Lucene search
+L

231 matches found

Redos
Redos
added 2021/09/08 12:0 a.m.13 views

ROS-2-2075

2.2075 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.7AI score0.61664EPSS
Exploits7
Redos
Redos
added 2021/09/08 12:0 a.m.7 views

ROS-2-1929

2.1929 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61664EPSS
Exploits6
Redos
Redos
added 2021/09/08 12:0 a.m.4 views

ROS-2-1993

2.1993 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS9.3AI score0.01905EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.8 views

ROS-2-1868

2.1868 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS9.9AI score0.06132EPSS
Exploits7
OSV
OSV
added 2021/09/03 12:41 p.m.8 views

SUSE-SU-2021:2953-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-3672: Fixed missing input validation on hostnames bsc1188881. - CVE-2021-22930: Fixed use after free on close http2 on stream canceling bsc1188917. - CVE-2021-22939: Fixed incomplete validation of rejectUnauthorized parameter...

9.8CVSS7.6AI score0.37286EPSS
Exploits3References9
OSV
OSV
added 2021/08/24 1:12 p.m.6 views

SUSE-SU-2021:2823-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-3672: Fixed missing input validation on hostnames bsc1188881. - CVE-2021-22930: Fixed use after free on close http2 on stream canceling bsc1188917. - CVE-2021-22939: Fixed incomplete validation of rejectUnauthorized parameter...

9.8CVSS7.6AI score0.37286EPSS
Exploits3References9
OSV
OSV
added 2021/04/19 8:5 a.m.6 views

OPENSUSE-SU-2021:0575-1 Security update for chromium

This update for chromium fixes the following issues: - Chromium 89.0.4389.128 boo1184700: CVE-2021-21206: Use after free in blink CVE-2021-21220: Insufficient validation of untrusted input in v8 for x8664 This update was imported from the openSUSE:Leap:15.2:Update update project...

8.8CVSS9.7AI score0.70435EPSS
Exploits6References4
BDU FSTEC
BDU FSTEC
added 2021/04/13 12:0 a.m.6 views

The vulnerability of the RPD module in the JunOS operating system and JunOS Evolved allows a intruder to trigger a maintenance failure.

The vulnerability of the RPD module in the JunOS operating system and JunOS Evolved is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.5CVSS7.2AI score0.01276EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2021/03/10 12:0 a.m.33 views

SAP 3D Visual Enterprise Viewer Denial of Service Vulnerability (CNVD-2021-16366)

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. A denial of service vulnerability exists in SAP 3D Visual Enterprise Viewer 9. The vulnerability stems from improper input validation. An attacker could exploit the vulnerability by means of a specially crafted .PSD...

4.3CVSS6.7AI score0.00716EPSS
Exploits0References1
OSV
OSV
added 2021/02/11 5:5 p.m.4 views

OPENSUSE-SU-2021:0274-1 Security update for nextcloud

This update for nextcloud fixes the following issues: - nextcloud was upgraded to version 20.0.7 - CVE-2020-8294: Fixed a missing link validation boo1181803 - CVE-2020-8295: Fixed a denial of service attack boo1181804 - CVE-2020-8293: Fixed an input validation issue boo1181445 This update was...

7.5CVSS7.8AI score0.01807EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2021/02/03 12:0 a.m.5 views

PT-2021-1935 · Cisco · Cisco Small Business Rv260W +4

Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers affected versions not specified Description: The issue is related to insufficient input validation in the web-based management interface of the affected devices, allowi...

9.4CVSS7.4AI score0.0369EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2020/11/10 12:0 a.m.7 views

The vulnerability of the Shared Services component of the Hyperion Lifecycle Management system allows a attacker to access data for modification, addition, or deletion.

The vulnerability of the Shared Services component of the Hyperion Lifecycle Management system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data using the HTTP network protocol...

4.9CVSS6.4AI score0.00841EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/06/08 7:32 a.m.6 views

SUSE-SU-2020:1552-1 Security update for dpdk

This update for dpdk fixes the following issues: - CVE-2020-10722: Fixed an integer overflow in vhostusersetlogbase bsc1171930. - CVE-2020-10723: Fixed an integer truncation in vhostusercheckandallocqueuepair bsc1171925. - CVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto bsc11719...

6.7CVSS6.1AI score0.00378EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2020/05/15 12:0 a.m.10 views

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server lies in insufficient validation of input data, allowing attackers to execute spear-phishing attacks.

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks using a specially created request sent to the...

5.4CVSS6.2AI score0.01626EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.4 views

The vulnerability of the web protection component of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, and Kaspersky Security Cloud allows a malicious actor to disable certain security functions of the product, such as private browsing and antivirus protection.

The vulnerability of the web protection component of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, and Kaspersky Security Cloud lies in insufficient validation of input data. Exploiting this vulnerability c...

4.3CVSS5.5AI score0.00844EPSS
Exploits0References3Affected Software6
OSV
OSV
added 2019/12/11 10:19 a.m.5 views

SUSE-SU-2019:3266-1 Security update for strongswan

This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket bsc1094462. - CVE-2018-10811: Fixed...

7.5CVSS7.2AI score0.07124EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2018/12/25 12:0 a.m.13 views

The vulnerability of the Qualcomm TrustZone component of the Android operating system allows a hacker to trigger a service failure.

The vulnerability of the Qualcomm TrustZone component of the Android operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow a perpetrator to cause service interruptions...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References2
Apple
Apple
added 2017/01/23 5:36 a.m.48 views

About the security content of watchOS 3.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

9.3CVSS0.3AI score0.03731EPSS
Exploits5Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/06/09 12:0 a.m.7 views

The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.

The vulnerability of the bcpowmod function ext/bcmath/bcmath.c in the PHP interpreter exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures or potentially have other adverse effects through specially crafted call...

7.5CVSS7.5AI score0.06229EPSS
Exploits1References6Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Rapid Classified 3.1 search.asp SH1 Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

7.1AI score
Exploits0
Rows per page
Query Builder