Lucene search
K

224 matches found

OSV
OSV
added 2020/03/11 7:15 p.m.4 views

CVE-2020-1979

A format string vulnerability in the PAN-OS log daemon logd on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...

7.8CVSS6AI score0.01001EPSS
Exploits0References1
OSV
OSV
added 2020/02/12 2:15 a.m.3 views

DEBIAN-CVE-2014-6262

Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted third argument to the rrdtool.graph function, aka ZEN-15415...

7.5CVSS8AI score0.07247EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/06 12:0 a.m.3 views

libpoe-component-irc-perl Formatting String Error Vulnerability

libpoe-component-irc-perl is an event-driven Perl IRC client module. A format string error vulnerability exists in versions of libpoe-component-irc-perl prior to 6.32, which can be exploited to execute arbitrary commands on a system by sending specially crafted IRC commands...

9.8CVSS7.5AI score0.01652EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/07/30 12:0 a.m.5 views

The vulnerability of the tcp_emu component of the hardware emulation software QEMU allows a hacker to disclose protected information.

The vulnerability of the tcpemu component slirp/tcpsubr.c of the QEMU hardware emulation software is related to incorrect initialization of data in calls to snprintf. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security measures...

5.5CVSS7AI score0.00515EPSS
Exploits0References6Affected Software7
Veracode
Veracode
added 2019/05/02 4:59 a.m.41 views

Sensitive Information Disclosure

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload UFO feature was enabled. A remot...

6.2CVSS6.9AI score0.03181EPSS
Exploits8References36Affected Software1
Veracode
Veracode
added 2019/05/02 4:52 a.m.31 views

Privilege Escalation

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...

7.9CVSS6.3AI score0.07313EPSS
Exploits11References18Affected Software2
Veracode
Veracode
added 2019/05/02 4:52 a.m.29 views

Privilege Escalation

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...

7.9CVSS6.3AI score0.07313EPSS
Exploits11References22Affected Software1
Veracode
Veracode
added 2019/05/02 4:52 a.m.6 views

Information Disclosure

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...

7.9CVSS7.7AI score0.07313EPSS
Exploits11References14Affected Software1
Veracode
Veracode
added 2019/05/02 4:52 a.m.35 views

Information Disclosure

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...

7.9CVSS6.3AI score0.07313EPSS
Exploits11References20Affected Software1
Veracode
Veracode
added 2019/05/02 4:45 a.m.20 views

Arbitrary Code Execution

Red Hat Certificate System RHCS is an enterprise software system designed to manage enterprise Public Key Infrastructure PKI deployments. The Token Processing System TPS is a PKI subsystem that acts as a Registration Authority RA for authenticating and processing enrollment requests, PIN reset...

7.5CVSS5.9AI score0.0222EPSS
Exploits0References7Affected Software1
Veracode
Veracode
added 2019/05/02 4:42 a.m.47 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...

9.8CVSS7.8AI score0.99998EPSS
Exploits60References9Affected Software1
Veracode
Veracode
added 2019/01/15 8:56 a.m.27 views

Arbitrary Code Execution

openjdk is vulnerable to arbitrary code execution attacks. The vulnerability exists as a format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute...

9.3CVSS7AI score0.06118EPSS
Exploits0References16Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/01/09 12:0 a.m.32 views

PHP 7.0.x < 7.0.1 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.1. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists in the collatorsortwithsortkeys function due to improper clearing of pointers when destroying an array. An...

10CVSS10AI score0.23871EPSS
Exploits3References5
UbuntuCve
UbuntuCve
added 2018/07/27 2:29 p.m.30 views

CVE-2017-7519

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library...

4.4CVSS6.2AI score0.00501EPSS
Exploits1References1
OSV
OSV
added 2018/07/27 2:29 p.m.3 views

UBUNTU-CVE-2017-7519

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library...

4.4CVSS6.1AI score0.00501EPSS
Exploits1References2
OSV
OSV
added 2018/07/27 2:29 p.m.9 views

CVE-2017-7519

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library...

4.4CVSS5.8AI score0.00501EPSS
Exploits1References3
OSV
OSV
added 2018/07/27 2:29 p.m.1 views

DEBIAN-CVE-2017-7519

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library...

4.4CVSS6.7AI score0.00501EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/07/27 2:0 p.m.26 views

CVE-2017-7519

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library...

2.3CVSS5.8AI score0.00501EPSS
Exploits1References3
CNVD
CNVD
added 2018/07/09 12:0 a.m.3 views

IBM DB2 Privilege Mobilization Vulnerability

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBM i, z/OS, and Windows server versions. A format string vulnerability exists in IBM DB2 including DB2 Connect Server on Linux, UNIX, and...

8.4CVSS8.2AI score0.00474EPSS
Exploits0References1
OSV
OSV
added 2018/06/20 12:29 p.m.4 views

CVE-2018-12590

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an...

7.2CVSS6.3AI score0.0167EPSS
Exploits0References1
Rows per page
Query Builder