Lucene search
K

128 matches found

OSV
OSV
added 2023/08/31 12:15 p.m.2 views

BELL-CVE-2019-3902 CVE-2019-3902 does not affect BellSoft software

Bulletin has no description...

5.9CVSS5.8AI score0.01413EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/01/26 9:16 p.m.27 views

CVE-2022-3902

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to unmask webhook secret tokens by reviewing the logs after testing...

6.4CVSS6.5AI score0.00719EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.6 views

CVE-2022-3902

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to unmask webhook secret tokens by reviewing the logs after testing...

5.5CVSS6.8AI score0.00719EPSS
Exploits1References3
CVE
CVE
added 2023/01/24 12:0 a.m.83 views

CVE-2022-3902

The CVE-2022-3902 issue affects GitLab: versions 9.3–15.4.5, 15.5–15.5.4, and 15.6–15.6.0 are vulnerable to unmasking webhook secret tokens by reviewing logs after testing webhooks. Root cause details are not expanded beyond the description provided, but the vulnerability allows a project maintai...

6.4CVSS6AI score0.00719EPSS
Exploits1References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/01 12:0 a.m.46 views

FreeBSD : Gitlab -- Multiple Vulnerabilities (3cde510a-7135-11ed-a28b-bff032704f00)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3cde510a-7135-11ed-a28b-bff032704f00 advisory. - Gitlab reports: DAST API scanner exposes Authorization headers in vulnerabilities Group IP...

9.3CVSS6.2AI score0.01074EPSS
Exploits9References12
Cloud Foundry
Cloud Foundry
added 2021/10/28 12:0 a.m.31 views

USN-5102-1: Mercurial vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Several security issues were fixed in Mercurial. CVEs contained in this USN include: CVE-2018-17983, CVE-2019-3902. Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted...

9.1CVSS7.4AI score0.02033EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2021/10/05 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-5102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.7AI score0.02033EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2021/10/04 5:25 p.m.116 views

USN-5102-1: Mercurial vulnerabilities

It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. CVE-2019-3902 It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a...

9.1CVSS6.9AI score0.02033EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.30 views

Ubuntu 18.04 LTS : Mercurial vulnerabilities (USN-5102-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-1 advisory. It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the targets...

9.1CVSS7.3AI score0.02033EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2021/07/02 5:29 p.m.47 views

Advisory ROSA-SA-2021-1918

Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...

10CVSS8.2AI score0.06331EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2020:3902-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.01876EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2020:1709-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.01413EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2020:1709-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.01413EPSS
Exploits0References2
CNVD
CNVD
added 2021/01/12 12:0 a.m.5 views

Denial of Service Vulnerability in D-Link Router COVR-3902

The COVR-3902 is a router from D-Link. A denial of service vulnerability exists in the D-Link router COVR-3902, which can be exploited by attackers to cause a denial of service attack...

6.9AI score
Exploits0
OSV
OSV
added 2020/10/22 2:14 p.m.9 views

SUSE-SU-2020:3003-1 Security update for mercurial

This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035...

5.9CVSS6AI score0.01413EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/10/20 12:0 a.m.81 views

CentOS 7 : libtiff (RHSA-2020:3902)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3902 advisory. - TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior...

8.8CVSS7AI score0.04204EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/10/07 12:0 a.m.44 views

Oracle Linux 7 : libtiff (ELSA-2020-3902)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3902 advisory. - Fix CVE-2019-17546 Resolves: 1771371 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

8.8CVSS6.7AI score0.04204EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/09/30 12:0 a.m.38 views

RHEL 7 : libtiff (RHSA-2020:3902)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3902 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: integer...

8.8CVSS7.1AI score0.04204EPSS
Exploits0References8
Prion
Prion
added 2020/09/14 2:15 p.m.14 views

Hardcoded credentials

D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration...

10CVSS9.6AI score0.03933EPSS
Exploits3References3Affected Software2
CVE
CVE
added 2020/09/14 1:41 p.m.76 views

CVE-2018-20432

CVE-2018-20432 affects D-Link COVR-2600R and COVR-3902 Kit prior to firmware version 1.01b05Beta01. The issue is hardcoded credentials for the telnet service, enabling unauthenticated privileged access and potential data extraction or configuration modification. A PoC exists showing steps to reve...

10CVSS9.5AI score0.03933EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder