Lucene search
K

235 matches found

OSV
OSV
added 2023/08/31 12:13 p.m.0 views

BELL-CVE-2020-1971 CVE-2020-1971 does not affect BellSoft software

Bulletin has no description...

5.9CVSS7.2AI score0.06968EPSS
Exploits3References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/07 3:13 p.m.33 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerability CVE-2020-1971

Summary There is a vulnerability CVE-2020-1971 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an EDIPARTYNAME, ...

5.9CVSS6.1AI score0.06968EPSS
Exploits3Affected Software1
Oracle linux
Oracle linux
added 2023/04/24 12:0 a.m.159 views

openssl security update

1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597 1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug...

10CVSS8.6AI score0.99999EPSS
Exploits183
Circl
Circl
added 2023/04/10 8:27 p.m.6 views

CVE-2023-1971

creationtimestamp| type| source ---|---|--- 2023-04-10 20:27:40+00:00| seen| https://t.me/cibsecurity/61779 2023-11-30 09:17:01+00:00| seen| https://t.me/arpsyndicate/808...

6.5CVSS5.6AI score0.00636EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/04/10 4:31 p.m.30 views

CVE-2023-1971 yuan1994 tpAdmin Upload.php remote server-side request forgery

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to laun...

6.5CVSS6.7AI score0.00636EPSS
Exploits1References3
CVE
CVE
added 2023/04/10 4:31 p.m.63 views

CVE-2023-1971

CVE-2023-1971 affects yuan1994 tpAdmin 1.3.12. Affected component: the remote() function in application/admin/controller/Upload.php, where manipulation of the url argument enables server-side request forgery (SSRF). Exploitation can be performed remotely, and public disclosures exist (VDB-225408)...

6.5CVSS5.4AI score0.00636EPSS
Exploits1References3Affected Software1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.16 views

Debian: Security Advisory (DSA-1971-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.04409EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.61 views

Amazon Linux 2 : ImageMagick (ALAS-2023-1971)

The version of ImageMagick installed on the remote host is prior to 6.9.10.68-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1971 advisory. An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in...

7.8CVSS6.3AI score0.01542EPSS
Exploits2References16
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.55 views

K42910051: OpenSSL vulnerability CVE-2020-1971

Security Advisory Description The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not...

5.9CVSS7AI score0.06968EPSS
Exploits3Affected Software18
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.8 views

SA44676 - December 08 2020 OpenSSL Security Advisory

Problem On December 08 2020, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities? per our End of Engineering EOE and End of Life EOL policies. The...

5.9CVSS7AI score0.06968EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/11/01 12:0 a.m.49 views

Juniper Junos OS Multiple Vulnerabilities (JSA69715)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69715 advisory. - The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have us...

7.5CVSS6.8AI score0.50732EPSS
Exploits3References7
OSV
OSV
added 2022/06/27 9:15 a.m.2 views

CVE-2022-1971

The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00552EPSS
Exploits2References1
NVD
NVD
added 2022/06/27 9:15 a.m.13 views

CVE-2022-1971

The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00552EPSS
Exploits2References1
CVE
CVE
added 2022/06/27 8:59 a.m.79 views

CVE-2022-1971

CVE-2022-1971 concerns the NextCellent Gallery WordPress plugin (

4.8CVSS4.7AI score0.00552EPSS
Exploits2References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.34 views

Security Bulletin: IBM InfoSphere Master Data Management Server vulnerability in OpenSSL

Summary The vulnerability in CVE-2020-1971 have been addressed in the latest interim Fix iFix available on Fix Central for all 3 affected versions. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the...

4.3CVSS6AI score0.06968EPSS
Exploits3Affected Software1
ICS
ICS
added 2022/03/08 12:0 a.m.127 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.279 views

AlmaLinux 8 : openssl (ALSA-2020:5476)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5476 advisory. - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...

5.9CVSS7.1AI score0.06968EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2020-0465)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.4AI score0.06968EPSS
Exploits3References8
Positive Technologies
Positive Technologies
added 2022/01/15 12:0 a.m.4 views

PT-2022-1971 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to insecure privilege management in the Windows DWM core library of the Microsoft Windows operating system. It allows an attacker to elevate their privileges...

7.8CVSS7.5AI score0.00621EPSS
Exploits0References12
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/02 8:35 p.m.27 views

Security Bulletin: This Power System update is being released to address CVE 2020-1971

Summary POWER9: In response to a security issue with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-1971. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of...

5.9CVSS5.8AI score0.06968EPSS
Exploits3Affected Software1
Rows per page
Query Builder