Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.28 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : cups Multiple Vulnerabilities (NS-SA-2021-0161)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cups packages installed that are affected by multiple vulnerabilities: - A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP...

8.8CVSS7.1AI score0.02979EPSS
Exploits1References7
OSV
OSV
added 2020/10/27 8:15 p.m.2 views

CVE-2019-8656

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount tha...

5.5CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2020/10/27 8:15 p.m.4 views

CVE-2019-8539

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code with system privileges...

7.8CVSS7.4AI score0.0115EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/27 7:38 p.m.25 views

CVE-2019-8656

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount tha...

6.5AI score0.0149EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/09/29 8:0 p.m.3 views

cups: stack-buffer-overflow in libcups's asn1_get_type function

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS7.6AI score0.02031EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/28 3:43 p.m.4 views

cups: stack-buffer-overflow in libcups's asn1_get_type function

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS7.6AI score0.02031EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2019/08/17 7:51 p.m.24 views

CVE-2019-8675

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS4.5AI score0.02031EPSS
Exploits0References3
Apple
Apple
added 2019/07/22 12:0 a.m.50 views

About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra

About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra This document describes the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. About Apple security updates For o...

9.8CVSS0.6AI score0.13806EPSS
Exploits17References1Affected Software3
Friends Of PHP
Friends Of PHP
added 2019/06/27 12:0 a.m.9 views

EZSA-2019-004 CSRF token in login form is disabled by default

More info at https://share.ez.no/community-project/security-advisories/ezsa-2019-004-csrf-token-in-login-form-is-disabled-by-default...

7.2AI score
Exploits0Affected Software1
Drupal
Drupal
added 2019/04/17 12:0 a.m.93 views

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006

The jQuery project released version 3.4.0, and as part of that, disclosed a security vulnerability that affects all prior versions. As described in their release notes: jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extendtrue, , .... If an unsanitized source object...

6.1CVSS2.1AI score0.87218EPSS
Exploits4References17
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.29 views

Fedora 28 : drupal8 (2019-79bd99f9a8)

https://www.drupal.org/project/drupal/releases/8.6.13 - https://www.drupal.org/SA-CORE-2019-004 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

5.4CVSS6.2AI score0.12408EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.31 views

Fedora 28 : drupal7 (2019-2fbce03df3)

https://www.drupal.org/project/drupal/releases/7.65 - https://www.drupal.org/SA-CORE-2019-004 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

5.4CVSS6.2AI score0.12408EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.22 views

Fedora 29 : drupal7 (2019-35589cfcb5)

https://www.drupal.org/project/drupal/releases/7.65 - https://www.drupal.org/SA-CORE-2019-004 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

5.4CVSS6.2AI score0.12408EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2019/03/26 12:0 a.m.24 views

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability. Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: XSS always requires extra effort in a pentest, it depends on the actual app...

5.4CVSS3AI score0.12408EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2019/03/22 12:0 a.m.22 views

Drupal XSS Vulnerability (SA-CORE-2019-004) - Windows

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

5.4CVSS5.6AI score0.12408EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/03/22 12:0 a.m.30 views

Drupal XSS Vulnerability (SA-CORE-2019-004) - Linux

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

5.4CVSS5.6AI score0.12408EPSS
Exploits0References1
OSV
OSV
added 2019/03/20 4:8 p.m.1 views

DRUPAL-CORE-2019-004

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability...

5.4CVSS6AI score0.12408EPSS
Exploits0References1
Drupal
Drupal
added 2019/03/20 12:0 a.m.105 views

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability...

5.4CVSS1.9AI score0.12408EPSS
Exploits0References11
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.27 views

Moderately critical - Cross Site Scripting - SA-CORE-2019-004

More info at https://www.drupal.org/SA-CORE-2019-004...

5.4CVSS7.2AI score0.12408EPSS
Exploits0Affected Software1
Rows per page
Query Builder