Lucene search

4373 matches found

Debian CVE
added 2020/03/16 3:5 p.m. | 19 views

CVE-2020-1735

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...

4.6 CVSS | 6.6 AI score | 0.00487 EPSS
Exploits: 1

CVE
added 2020/03/16 3:5 p.m. | 221 views

CVE-2020-1735

CVE-2020-1735 is a vulnerability in the Ansible Engine where the fetch module can be intercepted, enabling an attacker to inject a new path and choose a different destination path on the controller. The issue affects all 2.7.x, 2.8.x and 2.9.x branches. Connected advisories confirm multiple vendo...

4.6 CVSS | 5.2 AI score | 0.00487 EPSS
Exploits: 1 | References: 7 | Affected Software: 4

Positive Technologies
added 2020/03/16 12:0 a.m. | 10 views

PT-2020-6580

Name of the Vulnerable Software and Affected Versions: Ansible Engine versions 2.7.x through 2.9.x. Description: A flaw was found in the Ansible Engine when the fetch module is used, allowing an attacker to intercept the module, inject a new path, and choose a new destination path on the controller...

4.6 CVSS | 7.1 AI score | 0.00487 EPSS
Exploits: 1 | References: 200

CNVD
added 2020/03/11 12:0 a.m. | 2 views

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2020-16693)

Mozilla Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. An information disclosure vulnerability exists in Mozilla Firefox versions prior to 74. The vulnerability can be exploited to read local files via a fetch request from a web extension with all-urls...

7.5 CVSS | 8.1 AI score | 0.01429 EPSS
Exploits: 0 | References: 1

OSV
added 2020/03/10 12:0 a.m. | 4 views

UBUNTU-CVE-2020-6809

When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74...

7.5 CVSS | 7.2 AI score | 0.01429 EPSS
Exploits: 0 | References: 4

UbuntuCve
added 2020/03/10 12:0 a.m. | 31 views

CVE-2020-6809

When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74...

7.5 CVSS | 7.1 AI score | 0.01429 EPSS
Exploits: 0 | References: 3

BDU FSTEC
added 2020/02/27 12:0 a.m. | 5 views

The vulnerability of the `__zzip_fetch_disk_trailer` function in the ZZIPlib library allows a hacker to trigger a service failure.

The vulnerability of the `__zzip_fetch_disk_trailer` function in the ZZIPlib compression library is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by using a specially created zip file...

7.1 CVSS | 6.2 AI score | 0.02285 EPSS
Exploits: 1 | References: 6 | Affected Software: 3

BDU FSTEC
added 2020/02/27 12:0 a.m. | 5 views

The vulnerability of the `__zzip_fetch_disk_trailer` function in the ZZIPlib compression library, which stems from insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of the `__zzip_fetch_disk_trailer` function in the ZZIPlib compression library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures by using a specially created zip file...

6.5 CVSS | 6.1 AI score | 0.02305 EPSS
Exploits: 1 | References: 7 | Affected Software: 4

RedhatCVE
added 2020/02/18 2:29 p.m. | 27 views

CVE-2020-1735

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. Mitigation: Currently, there is no mitigation for this issue except to avoid using the affected fetch module...

4.6 CVSS | 2.1 AI score | 0.00487 EPSS
Exploits: 1 | References: 3

OpenVAS
added 2020/01/23 12:0 a.m. | 32 views

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-2431)

The remote host is missing an update for the Huawei EulerOS... (SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only)

9.8 CVSS | 8.3 AI score | 0.06336 EPSS
Exploits: 3 | References: 3

NVD
added 2020/01/22 7:15 p.m. | 17 views

CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache...

9.8 CVSS | 9.6 AI score | 0.0182 EPSS
Exploits: 1 | References: 3

Prion
added 2020/01/22 7:15 p.m. | 21 views

Design/Logic Flaw

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache...

7.5 CVSS | 9.5 AI score | 0.0182 EPSS
Exploits: 1 | References: 3 | Affected Software: 2

CVE
added 2020/01/22 6:48 p.m. | 66 views

CVE-2019-19843

CVE-2019-19843 affects Ruckus Wireless Unleashed firmware up to 200.7.10.102.64. The issue is an incorrect access control in the Web UI that allows remote credential fetch via an unauthenticated HTTP request exploiting a symlink involving /tmp and web/user/wps_tool_cache. Impact per sources inclu...

9.8 CVSS | 9.5 AI score | 0.0182 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2020/01/22 6:48 p.m. | 26 views

CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache...

9.7 AI score | 0.0182 EPSS
Exploits: 1 | References: 3

NVD
added 2020/01/20 10:15 p.m. | 35 views

CVE-2020-7243

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

9 CVSS | 7.5 AI score | 0.04244 EPSS
Exploits: 1 | References: 1

OSV
added 2020/01/20 10:15 p.m. | 5 views

CVE-2020-7243

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

7.2 CVSS | 7.6 AI score
Exploits: 0 | References: 1

Prion
added 2020/01/20 10:15 p.m. | 12 views

Remote code execution

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

9 CVSS | 7.5 AI score | 0.04244 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2020/01/20 9:56 p.m. | 61 views

CVE-2020-7243

CVE-2020-7243 affects Comtech Stampede FX-1010 (version 7.4.3). A flaw in the Fetch URL page allows remote authenticated administrators to achieve remote code execution by submitting shell metacharacters in the URL field; in some cases authentication can be obtained with the comtech password. Mit...

9 CVSS | 7.5 AI score | 0.04244 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Positive Technologies
added 2020/01/20 12:0 a.m. | 4 views

PT-2020-19493

Name of the Vulnerable Software and Affected Versions: Comtech Stampede FX-1010 version 7.4.3. Description: The issue allows remote authenticated administrators to achieve remote code execution by navigating to the "Fetch URL" page and entering shell metacharacters in the URL field. In some cases,...

9 CVSS | 7.6 AI score | 0.04244 EPSS
Exploits: 1 | References: 4

Tenable Nessus
added 2020/01/02 12:0 a.m. | 71 views

EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2020-1019)

According to the versions of the oniguruma package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. (CVE-2019-16163)
- An issue was discovered in...

7.5 CVSS | 7.1 AI score | 0.06889 EPSS
Exploits: 3 | References: 5