Lucene search
+L

93 matches found

Tenable Nessus
Tenable Nessus
added 2022/06/29 12:0 a.m.89 views

Oracle Linux 7 : kernel (ELSA-2022-5232)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5232 advisory. - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 - netfilter: nftables: disallow non-stateful expression in sets earlier Phil Sutter 2093000...

7CVSS6.8AI score0.00612EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.62 views

RHEL 8 : thunderbird (RHSA-2020:5232)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5232 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.0. Security Fixes: Mozilla:...

9.3CVSS7.6AI score0.0245EPSS
Exploits1References22
Circl
Circl
added 2020/03/26 3:7 p.m.6 views

CVE-2020-5232

creationtimestamp| type| source ---|---|--- 2020-03-26 15:07:14+00:00| seen| https://t.me/techpwnews/272 2026-05-06 16:04:17+00:00| seen| https://t.me/codebysec/10094...

8.7CVSS7.9AI score0.01181EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/01/30 11:55 p.m.16 views

CVE-2020-5232 Ethereum Name Service - Malicious takeover of previously owned ENS names

A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry...

8.7CVSS8.5AI score0.01181EPSS
Exploits0References2
CVE
CVE
added 2020/01/30 11:55 p.m.92 views

CVE-2020-5232

CVE-2020-5232 concerns the Ethereum Name Service (ENS). The vulnerability arises when an ENS domain owner can set a trapdoor that enables transferring ownership to another user and later regaining ownership without the new owner’s consent or awareness. The public records indicate a new ENS deploy...

8.7CVSS8.5AI score0.01181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/11/29 7:42 p.m.21 views

CVE-2019-5232

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak...

7.5AI score0.00972EPSS
Exploits0References1
CVE
CVE
added 2019/11/29 7:42 p.m.58 views

CVE-2019-5232

CVE-2019-5232 affects Huawei ViewPoint products due to use of insufficiently random values. An unauthenticated, remote attacker can perform repeated guessing attempts, leading to information leakage. Affected component is the ViewPoint implementation in Huawei devices; root cause is weak randomne...

7.5CVSS7.5AI score0.00972EPSS
Exploits0References1Affected Software1
Huawei
Huawei
added 2019/11/20 12:0 a.m.71 views

Security Advisory - Use of Insufficiently Random Values Vulnerability in Huawei ViewPoint Products

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak. Vulnerability ID: HWPSIRT-2019-10076 This vulnerability has been...

7.5CVSS7.5AI score0.00972EPSS
Exploits0Affected Software3
OSV
OSV
added 2018/07/24 5:29 p.m.4 views

CVE-2018-10632

In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition...

7.5CVSS5.8AI score0.01713EPSS
Exploits0References2
NVD
NVD
added 2018/07/24 5:29 p.m.27 views

CVE-2018-10632

In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition...

7.5CVSS7.5AI score0.01713EPSS
Exploits0References2
OSV
OSV
added 2018/07/18 2:29 p.m.3 views

CVE-2018-5232

The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the issuetype parameter...

6.1CVSS5.4AI score
Exploits0References1
CVE
CVE
added 2018/07/18 2:0 p.m.61 views

CVE-2018-5232

The Jira EditIssue.jspa XSS vulnerability (CVE-2018-5232) affects Atlassian Jira Server/Datacenter where the issuetype parameter can be exploited to inject arbitrary HTML/JavaScript. Affected versions are Jira before 7.6.7 and 7.7.0 up to 7.10.0; remote attackers can lure users to click a crafted...

6.1CVSS5.9AI score0.01008EPSS
Exploits0References1Affected Software2
Atlassian
Atlassian
added 2018/06/06 12:35 a.m.578 views

XSS in EditIssue.jspa through the issuetype parameter - CVE-2018-5232

The EditIssue.jspa resource in Atlassian Jira Server before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the issuetype parameter...

6.1CVSS4.6AI score0.01008EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2018/06/06 12:35 a.m.28 views

XSS in EditIssue.jspa through the issuetype parameter - CVE-2018-5232

The EditIssue.jspa resource in Atlassian Jira Server before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the issuetype parameter...

6.1CVSS4.6AI score0.01008EPSS
Exploits0
rapid7community
rapid7community
added 2017/08/09 8:47 p.m.175 views

Multiple Vulnerabilities Affecting Four Rapid7 Products

Today, we'd like to announce eight vulnerabilities that affect four Rapid7 products, as described in the table below. While all of these issues are relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding the...

6.8CVSS7.6AI score0.01489EPSS
Exploits0
NVD
NVD
added 2017/06/07 8:29 p.m.19 views

CVE-2015-5232

Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0.0.197...

9.3CVSS8.1AI score0.01677EPSS
Exploits0References5
CVE
CVE
added 2017/06/07 8:0 p.m.42 views

CVE-2015-5232

CVE-2015-5232 involves race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0.0.197. The affected components are opa-fm (OPA architecture manager) and opa-ff (OPA architecture building tool), with the root cause described as race conditions affecting concurrent operations. Documen...

9.3CVSS8AI score0.01677EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2017/03/02 8:0 p.m.56 views

CVE-2017-5232

CVE-2017-5232 refers to a DLL preloading vulnerability in all Rapid7 Nexpose installers prior to version 6.4.24. The issue arises because the installer may load a malicious DLL from the current working directory rather than an explicit system path. Connected documents confirm the affected compone...

7.8CVSS7.5AI score0.00772EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/02/13 9:59 p.m.16 views

Design/Logic Flaw

An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series...

7.5CVSS7.9AI score0.0185EPSS
Exploits0References2Affected Software14
CVE
CVE
added 2017/02/13 9:0 p.m.61 views

CVE-2016-8362

CVE-2016-8362 affects Moxa OnCell OnCellG3470A-LTE and a wide range of AWK/WAC/TAP models. The issue is described as Improper Authentication that allows any user to download log files by accessing a specific URL, with an attack scenario that does not require authentication. Impact in the public a...

6.5CVSS6.3AI score0.01038EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder