Lucene search
+L

126 matches found

CVE
CVE
added 2022/03/11 10:40 a.m.131 views

CVE-2022-0870

Gogs (gogs/gogs) prior to version 0.12.5 is affected by a Server-Side Request Forgery (SSRF) vulnerability in the repository migration logic. The issue enables an attacker to trigger SSRF via the affected migration pathway, with reachable impact limited to information exposure or unauthorized int...

5.3CVSS5AI score0.03422EPSS
Exploits1References2Affected Software1
AlpineLinux
AlpineLinux
added 2022/03/11 10:40 a.m.105 views

CVE-2022-0870

Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...

5.3CVSS5.2AI score0.03422EPSS
Exploits1
OSV
OSV
added 2022/03/11 10:40 a.m.19 views

CVE-2022-0870 Server-Side Request Forgery (SSRF) in gogs/gogs

Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...

5CVSS5.6AI score0.03422EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/10/22 1:27 p.m.25 views

CVE-2021-0870

In RWSetActivatedTagType of rwmain.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11...

8.6AI score0.07014EPSS
Exploits0References2
CVE
CVE
added 2021/10/22 1:27 p.m.158 views

CVE-2021-0870

CVE-2021-0870 describes a memory corruption race condition in RW_SetActivatedTagType (rw_main.cc) that could allow remote code execution with no privileges required and no user interaction. Affected: Android 9, 10, 11, and 8.1. CVSSv3 base score 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). Public r...

9.3CVSS8AI score0.07014EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2021/10/05 6:33 p.m.8 views

CVE-2021-0870

creationtimestamp| type| source ---|---|--- 2021-10-05 18:33:20+00:00| seen| https://t.me/tomhunter/357 2021-10-06 15:56:28+00:00| seen| https://t.me/truesecator/2186 2021-10-22 18:39:15+00:00| seen| https://t.me/cibsecurity/31037 2021-12-03 20:01:46+00:00| seen|...

9.3CVSS7.2AI score0.07014EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/09/24 12:0 a.m.20 views

Samba < 3.4.0 Remote Code Execution Vulnerability (CVE-2012-0870)

Ensure AndX offsets are increasing strictly monotonically in pre-3.4 versions. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program ...

7.9CVSS8.7AI score0.06499EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2012:0348-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.9CVSS6.2AI score0.78702EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2012:0870-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.2AI score0.01553EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2012:0515-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.9AI score0.74034EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2012:0502-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.9AI score0.74034EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2012:0337-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.9CVSS8.7AI score0.06499EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2021:0870-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.06563EPSS
Exploits3References6
OSV
OSV
added 2020/09/11 5:15 p.m.3 views

CVE-2020-0870

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit this vulnerability, an attacker would first have to log on ...

7.8CVSS7.1AI score0.00996EPSS
Exploits0References1
CVE
CVE
added 2020/09/11 5:8 p.m.89 views

CVE-2020-0870

CVE-2020-0870 is a local, elevation-of-privilege flaw in the Windows Shell infrastructure component caused by improper handling of in‑memory objects. An attacker who can log on and run a crafted application could execute code with elevated privileges. The patch fixes how the Shell infrastructure ...

7.8CVSS7.7AI score0.00996EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2020/09/11 5:8 p.m.31 views

CVE-2020-0870 Shell infrastructure component Elevation of Privilege Vulnerability

...

7.8CVSS8.1AI score0.00996EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/03/17 5:12 p.m.87 views

Low: Red Hat Security Advisory: python-flask security update

An update for python-flask is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS6.6AI score0.03855EPSS
Exploits1References2
OSV
OSV
added 2019/04/09 9:29 p.m.6 views

CVE-2019-0870

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867,...

6.1CVSS6.6AI score0.02419EPSS
Exploits0References2
Prion
Prion
added 2019/04/09 9:29 p.m.18 views

Cross site scripting

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0868,...

4.3CVSS5.9AI score0.02626EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2019/04/09 8:20 p.m.101 views

CVE-2019-0870

Technical details about CVE-2019-0870 are not provided in the connected documents. The available data include a description of an XSS vulnerability in Azure DevOps Server/TFS and CVSS metrics. Monitor for updates.

6.1CVSS5.5AI score0.02419EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder