Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.15 views

Amazon Linux 2 : re2c (ALAS-2023-2344)

The version of re2c installed on the remote host is prior to 3.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2344 advisory. A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Tenable has extracted the...

9.8CVSS8.3AI score0.01563EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.13 views

Amazon Linux 2023 : re2c (ALAS2023-2023-438)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-438 advisory. A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Tenable has extracted the preceding description block directly from the tested product security...

9.8CVSS8.2AI score0.01563EPSS
Exploits1References4
Amazon
Amazon
added 2023/11/14 12:0 a.m.4 views

Medium: re2c

Issue Overview: A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Affected Packages: re2c Issue Correction: Run dnf update re2c --releasever 2023.2.20231113 or dnf update --advisory ALAS2023-2023-438 --releasever 2023.2.20231113 to update yo...

9.8CVSS7.2AI score0.01563EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/05/10 12:0 a.m.11 views

CVE-2023-23901

Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the...

7.2AI score0.00456EPSS
Exploits0References6
CVE
CVE
added 2023/05/10 12:0 a.m.54 views

CVE-2023-23901

CVE-2023-23901 affects Seiko Solutions SkyBridge MB-A200 firmware (01.00.05 and earlier) and SkyBridge BASIC MB-A130 firmware (1.4.1 and earlier). Root cause: improper following of a certificate’s chain of trust. Impact: remote unauthenticated attacker may eavesdrop on or alter communications sen...

6.5CVSS6.5AI score0.00456EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2023/05/10 12:0 a.m.26 views

CVE-2023-23901

Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the...

7.4AI score0.00456EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2022/03/29 11:12 a.m.41 views

CVE-2022-23901

A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...

9.8CVSS9.6AI score0.01563EPSS
Exploits1
CVE
CVE
added 2022/03/29 11:12 a.m.66 views

CVE-2022-23901

CVE-2022-23901 describes a stack overflow in re2c 2.2 due to infinite recursion in src/dfa/dead_rules.cc. Connected advisories show affected environments (e.g., Amazon Linux 2/ALAS2023-2344 and ALAS2023-438; Azure Linux security update) and fixes upgrading to re2c 3.1.x (e.g., 3.1-2) or later. Th...

9.8CVSS9.4AI score0.01563EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2021/11/11 12:37 a.m.5 views

CVE-2020-23901

creationtimestamp| type| source ---|---|--- 2021-11-11 00:37:08+00:00| seen| https://t.me/cibsecurity/32220...

5.5CVSS5.5AI score0.00703EPSS
Exploits1References1
NVD
NVD
added 2021/11/10 10:15 p.m.22 views

CVE-2020-23901

A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service DoS via a crafted tga file...

5.5CVSS0.00703EPSS
Exploits1References2
CVE
CVE
added 2021/11/10 9:26 p.m.60 views

CVE-2020-23901

Summary (CVE-2020-23901) : The vulnerability affects WildBit Viewer v6.6. According to the provided reports, the issue is a User Mode Write AV in Editor+0x5d15 that can be triggered by a crafted tga file , leading to a denial of service (DoS) . Connected documents corroborate a DoS impact from a ...

5.5CVSS5.3AI score0.00703EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/02/08 9:30 a.m.7 views

SUSE-SU-2021:0323-1 Security update for nutch-core

This update for nutch-core fixes the following issue: - CVE-2021-23901: fixed an XML external entity XXE injection in DmozParser bsc1181356...

9.1CVSS9.4AI score0.04359EPSS
Exploits0References3
NVD
NVD
added 2021/01/25 10:16 a.m.29 views

CVE-2021-23901

An XML external entity XXE injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions 1.18. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. ...

9.1CVSS8.9AI score0.04359EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/01/25 9:25 a.m.26 views

CVE-2021-23901 An XML external entity (XXE) injection vulnerability exists in the Nutch DmozParser

An XML external entity XXE injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions 1.18. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. ...

9.1AI score0.04359EPSS
Exploits0References5
CVE
CVE
added 2021/01/25 9:25 a.m.88 views

CVE-2021-23901

The CVE-2021-23901 issue affects Apache Nutch DmozParser prior to 1.18, where an XML External Entity (XXE) injection was exploitable due to improper XML processing. Affected component: DmozParser in Nutch versions

9.1CVSS9AI score0.04359EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder