CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

OSV•added 2019/08/15 6:15 p.m.•22 views

CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.8CVSS7AI score

Exploits0References1

NVD•added 2019/08/15 6:15 p.m.•9 views

CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.8CVSS8.8AI score0.00215EPSS

Exploits0References1

Cvelist•added 2019/08/15 5:31 p.m.•22 views

CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.7AI score0.00215EPSS

Exploits0References1

Cvelist•added 2018/08/30 2:0 p.m.•10 views

CVE-2018-13826

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks...

9.3AI score0.00376EPSS

Exploits0References2

OSV•added 2017/12/20 10:29 p.m.•1 views

CVE-2017-5263

Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session tokens associated with any web application function, especially destructive ones...

8CVSS5.8AI score0.00039EPSS

Exploits0References1

OSV•added 2017/02/13 6:59 p.m.•10 views

CVE-2016-6129

The rsaverifyhashex function in rsaverifyhash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a...

7.5CVSS6.8AI score

Exploits0References3

CNVD•added 2015/08/22 12:0 a.m.•1 views

Google Android SMS and MMS Message Tampering Vulnerability

Google Android is an open source operating system based on Linux, mainly used in portable devices. A security vulnerability exists in Google Android, which allows malicious applications to exploit the vulnerability to tamper with the sending and receiving status of SMS and MMS messages to carry o...

5.5CVSS6.8AI score0.00025EPSS

Exploits1References1

Tenable Nessus•added 2008/03/31 12:0 a.m.•46 views

Debian DSA-1532-1 : xulrunner - several vulnerabilities

This shares a lot of text with dsa-1534.wml, dsa-1535.wml, dsa-1574.wml Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-4879 Peter Broderse...

9.3CVSS8.3AI score0.31817EPSS

Exploits4References21

Debian•added 2008/03/30 12:22 p.m.•39 views

[SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1535-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 30, 2008 http://www.debian.org/security/faq -...

9.3CVSS7.6AI score0.31817EPSS

Exploits4

OSV•added 2008/03/30 12:0 a.m.•55 views

DSA-1535-1 iceweasel

Bulletin has no description...

9.3CVSS9.8AI score0.31817EPSS

Exploits2

OSV•added 2008/03/27 12:0 a.m.•51 views

DSA-1532-1 xulrunner

Bulletin has no description...

9.3CVSS9.8AI score0.31817EPSS

Exploits2