545 matches found

Debian CVE
added 2023/07/06 3:3 p.m. · 19 views

CVE-2023-36830

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the library_path config value to allow arbitrary python code to be executed via macros. For many users wh...

CVSS 7.8 · AI score 7.8 · EPSS 0.0039
Exploits: 1

Positive Technologies
added 2023/07/06 12:0 a.m. · 7 views

PT-2023-25720 · Sqlfluff +1

Name of the Vulnerable Software and Affected Versions: SQLFluff versions prior to 2.1.2 Description: In environments where untrusted users have access to the config files, there is a potential security issue where those users could use the library path config value to allow arbitrary python code ...

CVSS 7.8 · AI score 7.6 · EPSS 0.0039
Exploits: 1 · References: 17

UbuntuCve
added 2023/07/06 12:0 a.m. · 49 views

CVE-2023-36830

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the library_path config value to allow arbitrary python code to be executed via macros. For many users wh...

CVSS 7.8 · AI score 7.2 · EPSS 0.0039
Exploits: 1 · References: 3

AlpineLinux
added 2023/06/01 12:15 p.m. · 24 views

CVE-2023-22652

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

CVSS 6.5 · AI score 5.5 · EPSS 0.00636
Exploits: 0

NVD
added 2023/06/01 12:15 p.m. · 16 views

CVE-2023-22652

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

CVSS 6.5 · AI score 5.2 · EPSS 0.00636
Exploits: 0 · References: 7

AlpineLinux
added 2023/06/01 12:15 p.m. · 17 views

CVE-2023-32181

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf allows for DoS via malformed configuration files. This issue affects libeconf: before 0.5.2...

CVSS 6.5 · AI score 7 · EPSS 0.00568
Exploits: 0

OSV
added 2023/06/01 12:15 p.m. · 2 views

DEBIAN-CVE-2023-32181

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf allows for DoS via malformed configuration files. This issue affects libeconf: before 0.5.2...

CVSS 6.5 · AI score 6.3 · EPSS 0.00568
Exploits: 0 · References: 1

Prion
added 2023/06/01 12:15 p.m. · 20 views

Buffer overflow

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

CVSS 4.3 · AI score 6.4 · EPSS 0.00636
Exploits: 0 · References: 5 · Affected Software: 1

Vulnrichment
added 2023/06/01 11:51 a.m. · 5 views

CVE-2023-22652 Stack buffer overflow in "read_file" function

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

CVSS 3.3 · AI score 6.7 · EPSS 0.00636
Exploits: 0 · References: 5

Cvelist
added 2023/06/01 11:51 a.m. · 24 views

CVE-2023-22652 Stack buffer overflow in "read_file" function

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

CVSS 3.3 · AI score 6.5 · EPSS 0.00636
Exploits: 0 · References: 5

Debian CVE
added 2023/06/01 11:51 a.m. · 21 views

CVE-2023-22652

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

CVSS 6.5 · AI score 6.4 · EPSS 0.00636
Exploits: 0

CNNVD
added 2023/06/01 12:0 a.m. · 4 views

libeconf security vulnerability

libeconf is a highly flexible and configurable library for parsing and managing key=value configuration files. A security vulnerability exists in libeconf versions prior to 0.5.2, which stems from the presence of a buffer overflow vulnerability that allows denial-of-service attacks via incorrectl...

CVSS 6.5 · AI score 6.7 · EPSS 0.00568
Exploits: 0 · References: 5

ATTACKERKB
added 2023/05/30 11:15 p.m. · 2 views

CVE-2022-39071

There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission...

CVSS 7.1 · AI score 7.1 · EPSS 0.00293
Exploits: 0 · References: 2

CNNVD
added 2023/05/18 12:0 a.m. · 4 views

TOTOLINK N200RE security vulnerability

The TOTOLINK N200RE is a router from China's Gion Electronics TOTOLINK. An information disclosure vulnerability exists in the TOTOLINK N200RE v9.3.5u.6255B20211224, which stems from insufficient protection of sensitive information in the squashfs-root/etcro/custom.conf in the Telnet service...

CVSS 5.5 · AI score 6.2 · EPSS 0.00276
Exploits: 1 · References: 4

NVD
added 2023/05/16 4:15 p.m. · 37 views

CVE-2023-32982

Jenkins Ansible Plugin 204.v8191fd551ebf and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVSS 4.3 · AI score 4.5 · EPSS 0.00377
Exploits: 0 · References: 1

AlpineLinux
added 2023/05/16 4:0 p.m. · 15 views

CVE-2023-32982

Jenkins Ansible Plugin 204.v8191fd551ebf and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVSS 4.3 · AI score 6.8 · EPSS 0.00377
Exploits: 0 · References: 1

Vulnrichment
added 2023/05/16 4:0 p.m. · 14 views

CVE-2023-32982

Jenkins Ansible Plugin 204.v8191fd551ebf and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

AI score 7 · EPSS 0.00377
Exploits: 0 · References: 1

Vulnrichment
added 2023/04/12 5:5 p.m. · 10 views

CVE-2023-30523

Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

AI score 6.6 · EPSS 0.00323
Exploits: 0 · References: 2

CNNVD
added 2023/03/10 12:0 a.m. · 5 views

Akuvox E11 security vulnerability

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from Akuvox E11 using a weak encryption algorithm for stored passwords and decrypting them using hard-coded passwords, which can allow decryption of...

CVSS 9.8 · AI score 8.3 · EPSS 0.00415
Exploits: 0 · References: 3

Mageia
added 2023/02/27 8:27 p.m. · 40 views

Updated ipython packages fix security vulnerability

Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. CVE-2022-21699...

CVSS 8.8 · AI score 3.6 · EPSS 0.00657
Exploits: 1 · References: 6