Lucene search
+L

148 matches found

OSV
OSV
added 2022/07/28 12:15 a.m.7 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS5.5AI score0.0035EPSS
Exploits1References2
NVD
NVD
added 2022/07/28 12:15 a.m.27 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS0.0035EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/07/28 12:15 a.m.3 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS5.9AI score0.0035EPSS
Exploits1References3
Prion
Prion
added 2022/07/28 12:15 a.m.13 views

Cross site scripting

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

1.9CVSS5.2AI score0.0035EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/07/28 12:15 a.m.25 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS6.1AI score0.0035EPSS
Exploits1References3
OSV
OSV
added 2022/07/28 12:15 a.m.5 views

UBUNTU-CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS5.8AI score0.0035EPSS
Exploits1References4
CVE
CVE
added 2022/07/27 11:23 p.m.62 views

CVE-2022-34009

CVE-2022-34009 affects Fossil 2.18 on Windows. The vulnerability arises from ticket data being stored in a temporary file and the software not properly handling the absence of that file after Windows Defender flags it as malware, enabling a denial-of-service via an XSS payload in a ticket that cr...

5.5CVSS5.2AI score0.0035EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/07/27 11:23 p.m.31 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5AI score0.0035EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2022/07/27 11:23 p.m.76 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS5.3AI score0.0035EPSS
Exploits1
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.6 views

Fossil 跨站脚本漏洞

Fossil is a simple, highly reliable distributed software configuration management system. A security vulnerability exists in Fossil version 2.18 that stems from ticket data being stored in a temporary file and the product's inability to correctly handle the file's absence after Windows Defender...

5.5CVSS5.7AI score0.0035EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/07/27 12:0 a.m.8 views

PT-2022-21965 · Microsoft · Windows Defender

Name of the Vulnerable Software and Affected Versions: Fossil version 2.18 Description: The issue allows attackers to cause a denial of service, resulting in a daemon crash, by utilizing an XSS payload in a ticket. This happens because ticket data is stored in a temporary file, and the product...

5.5CVSS5.4AI score0.0035EPSS
Exploits1References6
Fedora
Fedora
added 2022/07/20 1:40 a.m.14 views

[SECURITY] Fedora 35 Update: reposurgeon-4.31-2.fc35

Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...

0.5AI score
Exploits0
Fedora
Fedora
added 2022/07/13 2:0 a.m.30 views

[SECURITY] Fedora 36 Update: reposurgeon-4.32-2.fc36

Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...

9.3CVSS0.5AI score0.0995EPSS
Exploits4
Schneier on Security
Schneier on Security
added 2022/03/11 10:1 p.m.19 views

Friday Squid Blog: 328-million-year-old Vampire Squid Ancestor Discovered

A fossilized ancestor of the vampire squid -- with ten arms -- was discovered and named Syllipsimopodi bideni after President Biden. Heres the research paper. Note: Vampire squids are not squids. Yes, its weird. As usual, you can also use this squid post to talk about the security stories in the...

1.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/02/01 11:15 a.m.4 views

buildbot-fossil (=0.3.0), epcpm (>=2019.2.3 <=2021.7.0) +4 more potentially affected by CVE-2022-23607 via treq (>=21.1.0 <=21.5.0)

treq PYPI version =21.1.0, =2019.2.3, =0.0.0, =0.8.0, =0.8.0, =1.0.2, =1.1.2 Source cves: CVE-2022-23607 Source advisory: OSV:PYSEC-2022-26...

6.5CVSS6.5AI score0.01083EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/02/01 12:43 a.m.4 views

buildbot-fossil (>=0.1.0 <=0.3.0), crossbar (=17.3.1) +8 more potentially affected by CVE-2022-23607 via treq (>=17.3.1 <=21.5.0)

treq PYPI version =17.3.1, =0.1.0, =2019.2.3, =0.0.0, =0.8.0, =0.8.0, =1.0.2, =0.100.2, =0.1.0, =0.1.2 Source cves: CVE-2022-23607 Source advisory: OSV:GHSA-FHPF-PP6P-55QC...

6.5CVSS6.5AI score0.01083EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2021-0491)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.00574EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.6 views

Mageia: Security Advisory (MGASA-2017-0285)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2020-0354)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.03122EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2018-0042)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.8AI score0.02805EPSS
Exploits0References4
Rows per page
Query Builder