Lucene search
K

5111 matches found

Microsoft CVE
Microsoft CVE
added 2022/02/25 8:0 a.m.1 views

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file

...

6.5CVSS6.4AI score0.02374EPSS
Exploits1
Fedora
Fedora
added 2022/02/24 11:27 p.m.30 views

[SECURITY] Fedora 34 Update: wireshark-3.6.2-1.fc34

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

9.8CVSS6.3AI score0.02374EPSS
Exploits5
Microsoft CVE
Microsoft CVE
added 2022/02/24 8:0 a.m.2 views

Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

...

7.5CVSS7.1AI score0.01839EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/02/24 8:0 a.m.3 views

Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

...

7.5CVSS7.1AI score0.01839EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/02/23 8:0 a.m.2 views

Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

...

9.8CVSS7.9AI score0.02047EPSS
Exploits1
NVD
NVD
added 2022/02/18 6:15 p.m.23 views

CVE-2022-0585

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file...

6.5CVSS0.02374EPSS
Exploits1References7
OSV
OSV
added 2022/02/18 6:15 p.m.2 views

DEBIAN-CVE-2022-0585

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file...

6.5CVSS6.2AI score0.02374EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/02/18 6:15 p.m.37 views

CVE-2022-0585

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file...

6.5CVSS6.7AI score0.02374EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2022/02/18 12:0 a.m.29 views

CVE-2022-0585

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file...

6.5CVSS8.1AI score0.02374EPSS
Exploits1
Cvelist
Cvelist
added 2022/02/18 12:0 a.m.16 views

CVE-2022-0585

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file...

4.3CVSS8.1AI score0.02374EPSS
Exploits1References6
CNVD
CNVD
added 2022/02/17 12:0 a.m.21 views

Jenkins Snow Commander Plugin Cross-Site Request Forgery Vulnerability

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Snow Commander Plugin 2.0 and earlier versions contain a cross-site request forgery vulnerability that stems from a...

8.8CVSS2AI score0.00644EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/17 12:0 a.m.27 views

Jenkins Checkmarx Plugin Cross-Site Request Forgery Vulnerability

Jenkins plug-ins are plug-ins that provide appropriate functionality for Jenkins. Jenkins Checkmarx Plugin cross-site request forgery vulnerability. The vulnerability can be exploited by an attacker to connect to an attacker-specified web server via an attacker-specified credential ID to capture...

8.8CVSS8.6AI score0.00544EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/17 12:0 a.m.22 views

Jenkins Snow Commander Plugin Access Control Error Vulnerability

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Snow Commander Plugin 2.0 and earlier versions are vulnerable to an access control error that stems from not...

6.5CVSS2.5AI score0.00898EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/17 12:0 a.m.17 views

Jenkins Checkmarx Plugin Access Control Error Vulnerability

The Jenkins Plugin is a plug-in that provides appropriate functionality for Jenkins. Jenkins Checkmarx Plugin Access Control Error vulnerability. An attacker could use this vulnerability to connect to an attacker-specified Web server via an attacker-specified credential ID to capture credentials...

4CVSS3.1AI score0.00731EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/16 12:1 a.m.43 views

Jenkins Snow Commander Plugin 2.0 vulnerable to Cross-Site Request Forgery

A cross-site request forgery CSRF vulnerability in Jenkins Snow Commander Plugin 2.0 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS4.8AI score0.00644EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/02/16 12:1 a.m.20 views

GHSA-5PCF-VXM3-FRPH CSRF vulnerability in Jenkins Checkmarx Plugin allow capturing credentials

Checkmarx Plugin 2022.1.2 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stor...

4.2CVSS8.7AI score0.00544EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/02/16 12:1 a.m.39 views

Missing permission checks in Jenkins Checkmarx Plugin allow capturing credentials

Checkmarx Plugin 2022.1.2 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stor...

6.5CVSS3.2AI score0.00731EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/16 12:1 a.m.17 views

Missing permission check in Jenkins SWAMP Plugin allows capturing credentials

SWAMP Plugin 1.2.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...

8.8CVSS4.6AI score0.01093EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/16 12:1 a.m.21 views

CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials

WAMP Plugin 1.2.6 and earlier does not perform a permission check in a method implementing form validation.\ This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...

8.8CVSS3.4AI score0.00673EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.8 views

The vulnerability of the Screen Capture function in the Google Chrome browser allows a hacker to gain access to confidential information.

The vulnerability of the Screen Capture function in Google Chrome browser relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to gain access to confidential information through a specially created web page...

10CVSS7.1AI score0.00761EPSS
Exploits0References6Affected Software4
Rows per page
Query Builder