Lucene search
+L

257 matches found

NVD
NVD
added 2020/04/30 11:15 p.m.61 views

CVE-2020-11016

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

9.1CVSS9.5AI score0.02334EPSS
Exploits0References4
OSV
OSV
added 2020/04/30 11:15 p.m.24 views

CVE-2020-11016

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

8.8CVSS7.9AI score
Exploits0References4
Prion
Prion
added 2020/04/30 11:15 p.m.10 views

Design/Logic Flaw

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

6.5CVSS8.9AI score0.02334EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/04/30 10:25 p.m.16 views

CVE-2020-11016 Remote code execution in Message sending functionality in IntelMQ Manager

IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend incorrectly handled messages given by user-input in the "send" functionality of the Inspect-tool of the Monitor component. An attacker with access to the IntelMQ Manager could possibly use this issue...

9.1CVSS9.5AI score0.02334EPSS
Exploits0References4
CVE
CVE
added 2020/04/30 10:25 p.m.77 views

CVE-2020-11016

Summary: CVE-2020-11016 affects IntelMQ Manager, specifically versions 1.1.0 and earlier than 2.1.1. The issue lies in the backend’s handling of user-supplied messages within the Inspect-tool’s Monitor component, in the send functionality. This can allow an attacker with access to IntelMQ Manager...

9.1CVSS9AI score0.02334EPSS
Exploits0References4Affected Software1
Kitploit
Kitploit
added 2020/01/12 11:30 a.m.75 views

Heapinspect - Inspect Heap In Python

HeapInspect is designed to make heap much more prettier. Now this tool is aplugin of nadbg. Try it! Features Free of gdb and other requirement Multi glibc support 2.19, 2.23-2.27 currently tested both 32bit and 64bit Nice UI to show heap HeapShower detailed PrettyPrinter colorful, summary Heapdif...

7.4AI score
Exploits0References2
Prion
Prion
added 2019/10/12 8:15 p.m.17 views

Heap overflow

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4Atom::Inspect in Core/Ap4Atom.cpp...

6.8CVSS7.6AI score0.00535EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2019/10/12 8:15 p.m.30 views

CVE-2019-17529

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4Atom::Inspect in Core/Ap4Atom.cpp...

7.8CVSS7.1AI score0.00535EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/09/03 12:0 a.m.70 views

openSUSE Security Update : podman / slirp4netns and libcontainers-common (openSUSE-2019-2044)

This is a version update for podman to version 1.4.4 bsc1143386. Additional changes by SUSE on top : - Remove fuse-overlayfs because it's currently an unsatisfied dependency on SLE bsc1143386 - Update libpod.conf to use correct infracommand - Update libpod.conf to use better versioned pause...

7.8CVSS7.1AI score0.03398EPSS
Exploits2References12
RedHat Linux
RedHat Linux
added 2019/08/13 3:18 p.m.269 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS7AI score0.04521EPSS
Exploits5References6
Prion
Prion
added 2019/04/23 2:29 p.m.18 views

Design/Logic Flaw

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

4.3CVSS6.4AI score0.02107EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2019/04/23 2:29 p.m.1 views

DEBIAN-CVE-2018-20822

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

6.5CVSS6.8AI score0.02107EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/04/23 2:29 p.m.32 views

CVE-2018-20822

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

6.5CVSS6.9AI score0.02107EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/04/23 1:54 p.m.33 views

CVE-2018-20822

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

6.4AI score0.02107EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2019/04/23 12:0 a.m.4 views

PT-2019-10261 · Sass +2 · Libsass +2

Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.4 Description: The issue allows attackers to cause a denial-of-service due to uncontrolled recursion. This occurs in the Sass::Complex Selector::perform function in ast.hpp and the Sass::Inspect::operator in inspect.cpp...

9.8CVSS6.3AI score0.04006EPSS
Exploits17References90
Atlassian
Atlassian
added 2019/03/29 2:29 p.m.30 views

Copying and pasting Status Macro (or TOC Macro) over https triggers mixed content and breaks certificate trust

h3. Issue Summary Copying and pasting a status macro or TOC over https in the browser will trigger mix content action, it will break the certificate trust on request of: Status macro plugins/servlet/status-macro/placeholder?title=titlehere&colour=Yellow TOC macro...

7AI score
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2018/08/08 10:29 p.m.21 views

Moderate severity vulnerability that affects safemode

Withdrawn, accidental duplicate publish. The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method...

8.1CVSS6.4AI score0.02131EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/06/04 6:29 a.m.2 views

DEBIAN-CVE-2018-11696

An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service application crash or possibly have unspecified other impact...

8.8CVSS9.5AI score0.01647EPSS
Exploits1References1
OSV
OSV
added 2018/06/04 6:29 a.m.3 views

UBUNTU-CVE-2018-11696

An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service application crash or possibly have unspecified other impact...

8.8CVSS7.2AI score0.01647EPSS
Exploits1References4
CNVD
CNVD
added 2018/06/04 12:0 a.m.4 views

LibSaas Null Pointer Dereference Vulnerability

LibSaas is a C/C++ implementation of the Sass compiler. A null pointer dereference vulnerability exists in the Sass::Inspect::operator function in LibSaas 3.5.4 and earlier. An attacker could exploit this vulnerability to cause a denial of service application crash or possibly other impact...

8.8CVSS8.9AI score0.01647EPSS
Exploits1References1
Rows per page
Query Builder