CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Hacker One•added 2018/05/16 9:42 a.m.•12 views

Passit: `X-XSS-Protection` header has not been set at app.passit.io

Hi X-Xss-Protection at app.passit.io has not been set. Impact This header is used to configure the built in reflective XSS protection found in Internet Explorer, Chrome and Safari Webkit. Valid settings for the header are 0, which disables the protection, 1 which enables the protection and 1;...

0.4AI score

Debian•added 2018/05/08 10:29 a.m.•21 views

[SECURITY] [DSA 4195-1] wget security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4195-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 08, 2018 https://www.debian.org/security/faq -...

6.5CVSS7AI score0.63737EPSS

Exploits5

Metasploit•added 2018/05/07 1:25 p.m.•54 views

PlaySMS import.php Authenticated CSV File Upload Code Execution

This module exploits an authenticated file upload remote code excution vulnerability in PlaySMS Version 1.4. This issue is caused by improper file contents handling in import.php aka the Phonebook import feature. Authenticated Users can upload a CSV file containing a malicious payload via vectors...

10AI score

OSV•added 2018/05/07 12:56 p.m.•18 views

SUSE-SU-2018:1161-1 Security update for apache2

This update for apache2 fixes the following issues: CVE-2018-1283: when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a 'Session' header leading to unexpected behavior bsc1086814...

9.8CVSS7AI score0.93618EPSS

Exploits0References14

OpenVAS•added 2018/05/07 12:0 a.m.•40 views

Debian: Security Advisory (DSA-4195-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.63737EPSS

Exploits5References4

Tenable Nessus•added 2018/04/27 12:0 a.m.•39 views

RHEL 6 : JBoss Enterprise Application Platform 7.1.2 on RHEL 6 (Important) (RHSA-2018:1248)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1248 advisory. - undertow: Path traversal in ServletResourceManager class CVE-2018-1047 - undertow: HTTP header injection using CRLF with UTF-8 Encoding...

Tenable Nessus•added 2018/04/27 12:0 a.m.•55 views

Exploits0References10

RHEL 7 : JBoss Enterprise Application Platform 7.1.2 for RHEL 7 (Important) (RHSA-2018:1247)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1247 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...

9.8CVSS7.3AI score0.02038EPSS

Exploits0References10

Tenable Nessus•added 2018/04/27 12:0 a.m.•43 views

RHEL 6 / 7 : jboss-ec2-eap package for EAP 7.1.2 (Important) (RHSA-2018:1249)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1249 advisory. The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services AWS...

Exploit DB•added 2018/04/26 12:0 a.m.•39 views

Exploits0References10

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Remote Reboot

Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender | Unauthorized Remote Reboot Date: 25/04/2018 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Firmware Link: https://www.tp-link.com/en/download/TL-WA850RE.html Category: dos 1. www.shodan.io with title...

7AI score

RedHat Linux•added 2018/04/25 7:43 p.m.•140 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.2 security update

Updated packages that provide Red Hat JBoss Enterprise Application Platform 7.1.2, fixes several bugs, and adds various enhancements are now available for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

RedHat Linux•added 2018/04/25 6:33 p.m.•80 views

Important: Red Hat Security Advisory: jboss-ec2-eap package for EAP 7.1.2

An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.1.2 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.1.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impa...

9.8CVSS7AI score0.02038EPSS

RedHat Linux•added 2018/04/25 6:21 p.m.•91 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.2 for RHEL 7

Updated packages that provide Red Hat JBoss Enterprise Application Platform 7.1.2 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

RedHat Linux•added 2018/04/25 6:21 p.m.•105 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.2 on RHEL 6

Updated packages that provide Red Hat JBoss Enterprise Application Platform 7.1.2 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...