Lucene search
K

739 matches found

prion
prion
added 2018/09/10 7:29 p.m.21 views

Design/Logic Flaw

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

4CVSS6.3AI score0.02527EPSS
Exploits0References7Affected Software2
osv
osv
added 2018/09/10 7:29 p.m.7 views

UBUNTU-CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS5.8AI score0.02527EPSS
Exploits0References2
osv
osv
added 2018/09/10 7:29 p.m.34 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.3AI score0.02527EPSS
Exploits0References7
pypa
pypa
added 2018/09/10 7:29 p.m.7 views

PYSEC-2018-93

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.6AI score0.02527EPSS
Exploits0References8Affected Software1
osv
osv
added 2018/09/10 7:29 p.m.26 views

PYSEC-2018-93

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS3.7AI score0.02527EPSS
Exploits0References8
cvelist
cvelist
added 2018/09/10 7:0 p.m.46 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.2AI score0.02527EPSS
Exploits0References7
cve
cve
added 2018/09/10 7:0 p.m.96 views

CVE-2018-14635

The CVE-2018-14635 vulnerability affects OpenStack Neutron’s ml2 Linux Bridge driver. The issue allows non-privileged tenants to create and attach ports without assigning an IP address, bypassing IP address validation. This can lead to a potential denial of service if an IP outside the allowed al...

6.5CVSS6.1AI score0.02527EPSS
Exploits0References7Affected Software1
debiancve
debiancve
added 2018/09/10 7:0 p.m.69 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.3AI score0.02527EPSS
Exploits0
cnvd
cnvd
added 2018/08/21 12:0 a.m.3 views

Sentinel License Manager lservnt.exe Component Denial of Service Vulnerability

Sentinel License Manager is a suite of software that remotely performs software license management. lservnt.exe is one of the Sentinel License Manager startup components. A security vulnerability exists in the lservnt.exe component of Sentinel License Manager version 8.5.3.35, which is caused by...

7.5CVSS7.4AI score0.01207EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2018/07/19 12:0 a.m.7 views

PT-2019-4775 · Python +8 · Python +8

Name of the Vulnerable Software and Affected Versions: Python versions 2.7.16 and earlier Python versions 3.x through 3.5.7 Python versions 3.6.x through 3.6.9 Python versions 3.7.x through 3.7.4 Description: The issue is related to the email module in Python, which incorrectly parses email...

10CVSS6.4AI score0.73327EPSS
Exploits76References623
nessus
nessus
added 2018/07/12 12:0 a.m.63 views

OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0237)

The remote OracleVM system is missing necessary patches to address critical security updates : - dm: fix race between dmgetfromkobject and dmdestroy Hou Tao CVE-2017-18203 - drm: udl: Properly check framebuffer mmap offsets Greg Kroah-Hartman Orabug: 27986407 CVE-2018-8781 - kernel/exit.c: avoid...

7.8CVSS7.2AI score0.04252EPSS
Exploits18References23
cnvd
cnvd
added 2018/07/04 12:0 a.m.4 views

Unspecified Vulnerability in Rclone

Rclone is a command line program for synchronizing files and directories. A security vulnerability exists in Rclone version 1.42 that stems from the program failing to validate URL fields from the Google Cloud Storage API server. An attacker could exploit the vulnerability to pass arbitrary conte...

7.5CVSS7.1AI score0.01306EPSS
Exploits0References1
osv
osv
added 2018/06/04 7:29 p.m.6 views

CVE-2017-16021

uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU to idle at 100%...

6.5CVSS5.8AI score0.01342EPSS
Exploits1References2
osv
osv
added 2018/06/04 7:29 p.m.3 views

CVE-2017-0930

augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path...

6.5CVSS5.8AI score0.01217EPSS
Exploits1References1
prion
prion
added 2018/04/18 2:29 p.m.22 views

Null pointer dereference

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation inqseefusewrite could lead to untrusted pointer dereference...

10CVSS8.1AI score0.01273EPSS
Exploits0References2
prion
prion
added 2018/04/18 2:29 p.m.18 views

Design/Logic Flaw

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qseegetsecurestate syscall...

10CVSS8.1AI score0.01273EPSS
Exploits0References2
cve
cve
added 2018/04/18 2:0 p.m.67 views

CVE-2015-9109

The CVE-2015-9109 issue concerns Android devices using Qualcomm Snapdragon Automotive and Snapdragon Mobile MDM9625, SD 425/430/450/625/650/52/820/820A. The root cause is lack of address-argument validation in the inqsee_fuse_write path, which could lead to an untrusted pointer dereference. Conne...

10CVSS8.5AI score0.01273EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2018/04/18 2:0 p.m.28 views

CVE-2015-9114

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation in qseequerycounter syscall could lead to untrusted pointer dereference...

9.6AI score0.01273EPSS
Exploits0References2
cve
cve
added 2018/04/18 2:0 p.m.57 views

CVE-2015-9115

CVE-2015-9115 affects Android on Qualcomm Snapdragon platforms (Automotive and Mobile MDM9625 and several Snapdragon 410/12/425/430/450/615/16/415/617/625/650/52/820/820A). The root cause is missing validation of the address argument in the qsee_prng_getdata syscall, enabling potential misuse. Re...

10CVSS8.5AI score0.01169EPSS
Exploits0References2Affected Software1
cve
cve
added 2018/04/12 10:0 p.m.39 views

CVE-2018-6879

The CVE-2018-6879 entry concerns PHP Scripts Mall Website Seller Script 2.0.3 where client-side validation is used to enforce email format. The vulnerability arises because the validation can be bypassed by removing the client-side validation code, enabling a remote attacker to modify a registere...

8.8CVSS8.6AI score0.01069EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder