Lucene search
+L

91 matches found

osv
osv
added 2021/10/15 11:3 a.m.6 views

OESA-2021-1388 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

9.1CVSS7.2AI score0.01739EPSS
Exploits0References2
redhat
redhat
added 2020/11/30 10:40 a.m.6 views

Mozilla: DoH did not filter IPv4 mapped IP Addresses

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding...

6.5CVSS7.3AI score0.01151EPSS
Exploits0References5
osv
osv
added 2020/10/29 4:15 a.m.4 views

CVE-2020-11615

NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure...

7.5CVSS7.1AI score0.01247EPSS
Exploits0References1
osv
osv
added 2020/04/15 9:15 p.m.6 views

CVE-2020-1632

In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of Service DoS...

8.6CVSS7.3AI score0.01062EPSS
Exploits0References1
osv
osv
added 2019/10/21 5:15 a.m.9 views

UBUNTU-CVE-2019-18218

cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

7.8CVSS7.4AI score0.0185EPSS
Exploits1References4
osv
osv
added 2019/01/09 4:29 p.m.2 views

DEBIAN-CVE-2018-20679

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components consumed by the DHCP server, client, and relay allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcpgetoption in...

7.5CVSS6.6AI score0.07694EPSS
Exploits2References1
osv
osv
added 2018/02/02 1:29 a.m.2 views

DEBIAN-CVE-2018-6521

The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might be a scenario in which this allows remote attackers to bypass intended access restrictions...

9.8CVSS9.1AI score0.03053EPSS
Exploits1References1
cnvd
cnvd
added 2018/02/02 12:0 a.m.3 views

SimpleSAML php Access Restriction Bypass Vulnerability

SimpleSAMLphp is a program written in native PHP to handle authentication. An access restriction bypass vulnerability exists in SimpleSAMLphp before 1.15.2. The vulnerability arises because the sqlauth module in SimpleSAMLphp relies on the MySQL utf8 character set, which truncates queries when it...

9.8CVSS6.9AI score0.03053EPSS
Exploits1References1
cnvd
cnvd
added 2017/12/07 12:0 a.m.5 views

Multiple Huawei Products IKEv2 Protocol Memory Out-of-Bounds Access Vulnerability

Huawei IPS Module, NGFW Module, NIP6300/6600 series products and Secospace USG series are the new generation of professional intrusion prevention and firewall products launched by Huawei for enterprise, IDC, campus network and carrier customers. A memory out-of-bounds access vulnerability exists ...

7.5CVSS6.8AI score0.00925EPSS
Exploits0References1
cnvd
cnvd
added 2015/08/06 12:0 a.m.22 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2015-05150)

WordPress is a blogging platform developed using the PHP language. A cross-site scripting vulnerability exists in WordPress versions prior to 4.1.2, which can be exploited by remote attackers to inject arbitrary web script or HTML with the help of four-byte UTF-8 characters or invalid characters...

4.3CVSS5.9AI score0.08467EPSS
Exploits1References1
redhat
redhat
added 2005/05/11 8:40 a.m.6 views

security flaw

The rsvpprint function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service infinite loop via a crafted RSVP packet of length 4...

5CVSS5.9AI score0.10187EPSS
Exploits1References4
Rows per page
Query Builder