Lucene search
+L

104 matches found

vulnersOsv
vulnersOsv
added 2021/05/17 9:0 p.m.4 views

@ardier16/node-lb (>=1.0.0 <=2.0.0), @economist/backstopjs (>=0.0.1 <=0.0.3) +138 more potentially affected by CVE-2020-7679 via casperjs (>=1.1.0-beta3 <=1.1.4)

casperjs NPM version =1.1.0-beta3, =1.0.0, =0.0.1, =0.1.0, =1.2.0, =0.4.0, =0.1.0, =0.0.2, =3.40.4-ez-bin.7, =0.0.1, =0.0.2, =0.0.3 - autocallinjs =1.0.0 and more Source cves: CVE-2020-7679 Source advisory: OSV:GHSA-VRR3-5R3V-7XFW...

9.8CVSS7.2AI score0.01956EPSS
Exploits1
Circl
Circl
added 2021/05/17 9:0 p.m.8 views

CVE-2020-7679

creationtimestamp| type| source ---|---|--- 2021-05-17 21:00:52+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-vrr3-5r3v-7xfw...

9.8CVSS7.3AI score0.01956EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.56 views

SUSE: Security Advisory (SUSE-SU-2017:1714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.39341EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.46 views

SUSE: Security Advisory (SUSE-SU-2017:2449-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.5677EPSS
Exploits3References11
NVD
NVD
added 2020/06/19 11:15 a.m.30 views

CVE-2020-7679

In all versions of package casperjs, the mergeObjects utility function is susceptible to Prototype Pollution...

9.8CVSS0.01956EPSS
Exploits1References3
CVE
CVE
added 2020/06/19 10:40 a.m.56 views

CVE-2020-7679

CasperJS is affected by a Prototype Pollution vulnerability in the mergeObjects utility function across all versions. The issue allows an attacker to inject properties into Object.prototype (via proto or similar paths), potentially polluting prototypes and enabling unintended behavior. Documented...

9.8CVSS8.4AI score0.01956EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2020/06/19 10:8 a.m.4 views

@ardier16/node-lb (>=1.0.0 <=2.0.0), @economist/backstopjs (>=0.0.1 <=0.0.3) +138 more potentially affected by CVE-2020-7679 via casperjs (>=1.1.0-beta3 <=1.1.4)

casperjs NPM version =1.1.0-beta3, =1.0.0, =0.0.1, =0.1.0, =1.2.0, =0.4.0, =0.1.0, =0.0.2, =3.40.4-ez-bin.7, =0.0.1, =0.0.2, =0.0.3 - autocallinjs =1.0.0 and more Source cves: CVE-2020-7679 Source advisory: SNYK:JS-CASPERJS-572803...

9.8CVSS7.2AI score0.01956EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.52 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1178)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.57472EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.298 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1419)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.94999EPSS
Exploits26References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.49 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1389)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.94999EPSS
Exploits13References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.70 views

Security Bulletin: CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668 and CVE-2017-7679 in IBM i HTTP Server

Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in modmime. By sending a specially crafted Content-Ty...

9.8CVSS1.6AI score0.57472EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/18 3:10 a.m.67 views

Security Bulletin: Vulnerability in IBM HTTP Server affects Netezza Performance Portal

Summary IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in...

9.8CVSS0.8AI score0.39341EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.68 views

Symantec Content Analysis < 2.3.1.1 affected by Multiple Vulnerabilities (SYMSA1410)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a...

9.8CVSS7.2AI score0.39341EPSS
Exploits3References3
HPE Security Bulletins
HPE Security Bulletins
added 2019/02/06 12:0 a.m.6 views

HPESBUX03908 rev.1 - HP-UX Web Server Suite running Apache on HP-UX 11iv3, Multiple Remote Vulnerabilities.

Potential Security Impact: Remote: Authentication Bypass, Denial of Service DoS, Disclosure of Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX Apache-based Web Server B.11.31 - httpd prior to B.2.4.18.03 CVSS Scores: | CVE | CVSS Vector | Base Score | |...

9.8CVSS6.7AI score0.57472EPSS
Exploits4
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/10 8:34 a.m.59 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2017-7679, CVE-2017-7668, CVE-2017-3167)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...

9.8CVSS0.9AI score0.57472EPSS
Exploits4Affected Software1
NVD
NVD
added 2018/06/21 7:29 p.m.23 views

CVE-2018-7679

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution...

9.8CVSS9.8AI score0.02314EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/21 7:0 p.m.12 views

CVE-2018-7679

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution...

9.8AI score0.02314EPSS
Exploits0References1
CVE
CVE
added 2018/06/21 7:0 p.m.43 views

CVE-2018-7679

CVE-2018-7679 is a remote code execution vulnerability in Micro Focus SBM. Connected CNVD/NVD entries describe SBM versions prior to 11.4 where ASP.NET is configured with execute permission on virtual directories and user avatar images are not validated, enabling an attacker to run arbitrary code...

9.8CVSS9.6AI score0.02314EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:3 p.m.49 views

Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server Vulnerabilities

Summary IBM Security SiteProtector System has addressed the following vulnerabilities in Apache HTTP Server. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in modmime. By sending a...

9.8CVSS1.2AI score0.57472EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:1 p.m.67 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway

Summary IBM WebSphere Application Server is shipped as a component of IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin...

9.8CVSS0.8AI score0.57472EPSS
Exploits4Affected Software1
Rows per page
Query Builder