Lucene search
+L

115 matches found

RedhatCVE
RedhatCVE
added 2019/07/10 9:21 a.m.45 views

CVE-2019-9827

Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI...

9.8CVSS3AI score0.26803EPSS
Exploits3References3
Github Security Blog
Github Security Blog
added 2019/07/05 9:8 p.m.35 views

Server-Side Request Forgery in Hawt Hawtio

Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI...

9.8CVSS2.7AI score0.26803EPSS
Exploits3References3Affected Software1
OSV
OSV
added 2019/07/03 9:15 p.m.25 views

CVE-2019-9827

Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI...

9.8CVSS6.8AI score
Exploits0References1
NVD
NVD
added 2019/07/03 9:15 p.m.64 views

CVE-2019-9827

Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI...

9.8CVSS9.4AI score0.26803EPSS
Exploits3References1
Prion
Prion
added 2019/07/03 9:15 p.m.41 views

Server side request forgery (ssrf)

Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI...

7.5CVSS9.3AI score0.26803EPSS
Exploits3References1Affected Software1
Xen Project
Xen Project
added 2019/01/21 12:0 p.m.290 views

Cache-load gadgets exploitable with L1TF

ISSUE DESCRIPTION Previously reported vulnerabilities CVE-2017-5753 / XSA-254 Spectre V1 and CVE-2018-3646 / XSA-273 L1TF can, when combined, be leveraged to more easily gather leaked information. A Spectre v1 gadget is a speculation sequence which starts with a conditional branch, contains a...

1.2AI score
Exploits0
CNVD
CNVD
added 2017/12/04 12:0 a.m.6 views

Cisco WebEx Meeting Center URL Redirection Vulnerability

Cisco WebEx Meeting Center is a set of WebEx meeting solutions in the United States Cisco Cisco company's network of online meeting products. The product invites others to join the meeting via e-mail or instant messaging IM, and supports online product demonstrations, information sharing, and mor...

5CVSS6.8AI score0.0117EPSS
Exploits0References1
CNVD
CNVD
added 2016/12/22 12:0 a.m.5 views

Cisco Jabber Guest Server Open Redirect Vulnerability

Cisco Jabber Guest Server is the United States of America Cisco Cisco company's set of users to interact with the enterprise staff in real time software. A security vulnerability exists in Cisco Jabber Guest Server, which arises from the program's failure to adequately enforce access controls on...

6.5CVSS6.9AI score0.01386EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/07/05 12:0 a.m.35 views

openSUSE Security Update : spice (openSUSE-2016-823)

spice was updated to fix two security issues. These security issues were fixed : - CVE-2016-2150: SPICE allowed local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261 boo982385. - CVE-2016-0749: The...

10CVSS8AI score0.08492EPSS
Exploits0References5
OSV
OSV
added 2016/06/09 4:59 p.m.11 views

CVE-2016-2150

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261...

7.1CVSS7.1AI score
Exploits0References9
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Postfix 1.1.x Denial of Service Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/8333/info Debian has reported two vulnerabilities in the Postfix mail transfer agent. The first vulnerability, CAN-2003-0468, can allow for an adversary to bounce-scan a private network. It has also been reported that thi...

5CVSS6.4AI score0.21261EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.37 views

SuSE 11.3 Security Update : libvirt (SAT Patch Number 9203)

libvirt has been patched to fix two security issues. Further information is available at http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0179 and http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6456 These security issues have been fixed : - Unsafe parsing of XML documents allows...

5.8CVSS7AI score0.00573EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2013/09/16 12:0 a.m.16 views

PT-2013-4890 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.2.2 Description: The issue is related to improper access restriction to hosts in the Foreman application. This allows remote attackers to access arbitrary hosts via an API request to the /api/v1/hosts endpoint, whi...

7.5CVSS5.7AI score0.02395EPSS
Exploits0References5
Prion
Prion
added 2013/09/10 11:28 a.m.19 views

Directory traversal

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors...

9.4CVSS7.3AI score0.03687EPSS
Exploits0References3Affected Software2
NVD
NVD
added 1999/01/01 5:0 a.m.25 views

CVE-1999-0571

A router's configuration service or management interface such as a web server or telnet is configured to allow connections from arbitrary hosts...

10CVSS6.7AI score0.01855EPSS
Exploits0References1
Rows per page
Query Builder