Lucene search
K

724 matches found

Cvelist
Cvelist
added 2024/11/01 4:16 p.m.40 views

CVE-2024-49770 oak's path traversal allows transfer of hidden files within the served root directory

oak is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. By default oak does not allow transferring of hidden files with Context.send API. However, prior to version 17.1.3, this can be bypassed by encoding / as its URL encoded...

8.7CVSS0.00682EPSS
Exploits0References4
OSV
OSV
added 2024/09/15 11:17 p.m.19 views

RHBA-2016:2206 Red Hat Bug Fix Advisory: evolution-data-server bug fix update

Bulletin has no description...

5.3CVSS9.4AI score0.02889EPSS
Exploits1References19
OSV
OSV
added 2024/09/15 5:47 p.m.21 views

RHSA-2009:0355 Red Hat Security Advisory: evolution and evolution-data-server security update

Bulletin has no description...

7.5CVSS6.1AI score0.03312EPSS
Exploits2References15
OSV
OSV
added 2024/09/15 5:47 p.m.20 views

RHSA-2009:0354 Red Hat Security Advisory: evolution-data-server security update

Bulletin has no description...

7.5CVSS6.1AI score0.03312EPSS
Exploits2References15
OSV
OSV
added 2024/09/15 4:46 p.m.16 views

RHSA-2007:0510 Red Hat Security Advisory: evolution-data-server security update

Bulletin has no description...

6.8CVSS5.5AI score0.03122EPSS
Exploits0References7
OSV
OSV
added 2024/09/15 4:40 p.m.15 views

RHSA-2007:0344 Red Hat Security Advisory: evolution-data-server security update

Bulletin has no description...

2.6CVSS8.1AI score0.02423EPSS
Exploits1References8
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.200 views

7-Technologies IGSS 9 IGSSdataServer.exe Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule '7-Technologies IGSS 9 IGSSdataServer.exe DoS', 'Description' = %q The 7-Technologies SCADA IGSS Data Server IGSSdataServer.exe 'jfa', Metasploit...

5CVSS7AI score0.21149EPSS
Exploits2
OSV
OSV
added 2024/06/15 12:0 a.m.12 views

OPENSUSE-SU-2024:10744-1 evolution-data-server-3.40.4-1.4 on GA media

These are all security issues fixed in the evolution-data-server-3.40.4-1.4 package on the GA media of openSUSE Tumbleweed...

6.8CVSS6.3AI score0.03122EPSS
Exploits2References3
OSV
OSV
added 2024/06/15 12:0 a.m.11 views

OPENSUSE-SU-2024:10503-1 obex-data-server-0.4.6-15.8 on GA media

These are all security issues fixed in the obex-data-server-0.4.6-15.8 package on the GA media of openSUSE Tumbleweed...

9.8CVSS9.5AI score0.04287EPSS
Exploits2References1
Rockylinux
Rockylinux
added 2024/06/14 1:59 p.m.13 views

evolution and evolution-data-server bug fix and enhancement update

An update is available for evolution, evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release,...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.15 views

RHEL 5 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - evolution-data-server: Unsafe use of strcat allows buffer overflow in addressbook/backends/ldap/e-book-...

9.8CVSS7.1AI score0.01844EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.23 views

RHEL 7 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - evolution-data-server: Response injection via STARTTLS in SMTP and POP3 CVE-2020-14928 - In GNOME...

5.9CVSS6.7AI score0.02808EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.16 views

RHEL 6 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - evolution-data-server: Unsafe use of strcat allows buffer overflow in addressbook/backends/ldap/e-book-...

9.8CVSS8.1AI score0.01844EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.22 views

RHEL 6 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - evolution-data-server: Unsafe use of strcat allows buffer overflow in addressbook/backends/ldap/e-book-...

6.8AI score0.02808EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.21 views

RHEL 7 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - evolution-data-server: Unsafe use of strcat allows buffer overflow in addressbook/backends/ldap/e-book-...

7.8AI score0.01844EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/02/28 12:0 a.m.4 views

The vulnerability of the Live Data server software used for creating Cisco Unified Intelligence Center reports allows a perpetrator to read and modify data stored in the internal service storage.

The vulnerability of the Live Data server of the Cisco Unified Intelligence Center software relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to read and modify data in the internal service storage using a specially created CLI configuration query...

5.1CVSS5.9AI score0.00142EPSS
Exploits0References3
NVD
NVD
added 2024/02/21 5:15 p.m.17 views

CVE-2024-20325

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

7.1CVSS5AI score0.00142EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 5:15 p.m.4 views

CVE-2024-20325

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References1
Prion
Prion
added 2024/02/21 5:15 p.m.19 views

Improper access control

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

3.6CVSS6.8AI score0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/21 4:9 p.m.15 views

CVE-2024-20325

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

5.1CVSS5.3AI score0.00142EPSS
Exploits0References1
Rows per page
Query Builder