Lucene search
K

94 matches found

OSV
OSV
added 2022/05/13 1:18 a.m.16 views

GHSA-WJMF-6X7G-XQ67 ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945,...

7.5CVSS7.8AI score0.1425EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/13 1:18 a.m.28 views

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945,...

7.6CVSS7.3AI score0.1425EPSS
Exploits0References6Affected Software1
Circl
Circl
added 2022/03/24 5:29 p.m.5 views

CVE-2022-0955

creationtimestamp| type| source ---|---|--- 2022-03-24 17:29:39+00:00| seen| https://t.me/cibsecurity/39492...

6.5CVSS5.5AI score0.00573EPSS
Exploits1References1
NVD
NVD
added 2022/03/24 3:15 p.m.38 views

CVE-2022-0955

Cross-site Scripting XSS - Stored in GitHub repository pimcore/data-hub prior to 1.2.4...

6.5CVSS0.00573EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/03/24 2:45 p.m.29 views

CVE-2022-0955 Cross-site Scripting (XSS) - Stored in pimcore/data-hub

Cross-site Scripting XSS - Stored in GitHub repository pimcore/data-hub prior to 1.2.4...

6.5CVSS5.2AI score0.00573EPSS
Exploits1References2
CVE
CVE
added 2022/03/24 2:45 p.m.117 views

CVE-2022-0955

Summary: CVE-2022-0955 is a stored Cross-site Scripting (XSS) vulnerability in Pimcore/Data-Hub prior to version 1.2.4. The Red Hat and OSV entries, along with the Pimcore advisories, describe that an admin user accessing Pimcore/Data-Hub could trigger the attack, potentially compromising cookies...

6.5CVSS5AI score0.00573EPSS
Exploits1References2Affected Software1
Circl
Circl
added 2021/12/15 10:47 p.m.5 views

CVE-2021-0955

creationtimestamp| type| source ---|---|--- 2021-12-15 22:47:01+00:00| seen| https://t.me/cibsecurity/34101...

7CVSS7AI score0.00088EPSS
Exploits0References1
NVD
NVD
added 2021/12/15 7:15 p.m.24 views

CVE-2021-0955

In pfwritebuf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-19208576...

7CVSS0.00088EPSS
Exploits0References1
CVE
CVE
added 2021/12/15 6:5 p.m.113 views

CVE-2021-0955

CVE-2021-0955 affects Android 11 where the race condition in the function path pf_write_buf within FuseDaemon.cpp can cause memory corruption leading to local elevation of privilege without user interaction. The issue is documented in multiple feeds (NVD/Red Hat/OSV) with the same root cause and ...

7CVSS7.1AI score0.00088EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2016:0955-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.5AI score0.0773EPSS
Exploits4References54
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2018:0955-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.8864EPSS
Exploits3References5
OSV
OSV
added 2020/12/02 1:15 a.m.3 views

DEBIAN-CVE-2012-0955

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...

7.4CVSS7.4AI score0.00607EPSS
Exploits1References1
NVD
NVD
added 2020/12/02 1:15 a.m.26 views

CVE-2012-0955

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...

7.4CVSS6.9AI score0.00607EPSS
Exploits1References2
OSV
OSV
added 2020/12/02 1:15 a.m.10 views

CVE-2012-0955

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...

7.4CVSS7.4AI score
Exploits0References4
Cvelist
Cvelist
added 2020/12/02 12:50 a.m.32 views

CVE-2012-0955 software-properties incorrectly validated TLS certificates

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...

6.8CVSS7.4AI score0.00607EPSS
Exploits1References2
CVE
CVE
added 2020/12/02 12:50 a.m.77 views

CVE-2012-0955

CVE-2012-0955 affects the Ubuntu software-properties component, where TLS certificate validation was incorrect in softwareproperties/ppa.py. It did not consistently validate TLS certificates under Python 2 and only validated under Python 3 if a valid bundle was provided. This led to potential MIT...

7.4CVSS6.9AI score0.00607EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/04/15 3:13 p.m.105 views

CVE-2020-0955

Technical details for CVE-2020-0955 are not publicly provided in the supplied documents. Monitor official advisories for updates; current sources only describe an information-disclosure via CPU memory access without specifics.

5.5CVSS6.2AI score0.01425EPSS
Exploits0References1Affected Software8
Cvelist
Cvelist
added 2020/01/24 9:14 p.m.11 views

CVE-2019-0955

...

Exploits0
CVE
CVE
added 2020/01/24 9:14 p.m.40 views

CVE-2019-0955

CVE-2019-0955 entry is rejected/not used; it does not represent an active vulnerability entry.

7.3AI score
Exploits0
Prion
Prion
added 2018/05/09 7:29 p.m.21 views

Remote code execution

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951,...

7.6CVSS7.6AI score0.66913EPSS
Exploits6References4Affected Software1
Rows per page
Query Builder