Lucene search
K

3048 matches found

OSV
OSV
added 2019/05/22 8:29 p.m.3 views

CVE-2017-8341

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing...

5.3CVSS5.8AI score0.0101EPSS
Exploits0References3
Veracode
Veracode
added 2019/05/16 2:50 a.m.30 views

Arbitrary Code Execution

glibc is vulnerable to arbitrary code execution. A local authenticated attacker could write before the destination buffer leading to a buffer underflow and potential code execution due to a confusion in the usage of getcwd by realpath. Affected is the function realpath in the library...

7.8CVSS8.9AI score0.13614EPSS
Exploits9References36Affected Software1
Veracode
Veracode
added 2019/05/16 2:25 a.m.20 views

Memory Corruption

Firefox is vulnerable to memory corruption attacks. This occurs in the Skia library during graphic operations. An attacker could use this flaw to cause denial of service conditions...

9.8CVSS9.1AI score0.0318EPSS
Exploits0References18Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/05/16 12:0 a.m.5 views

The vulnerability of the struct library in the Lua subsystem of the Redis database management system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

Vulnerability of the struct library in the Lua subsystem of the Redis database management system. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS7.1AI score0.07056EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/05/16 12:0 a.m.6 views

The vulnerability of the JSON-lib library used in REST plugins of the Apache Struts software framework allows attackers to induce a service failure.

The vulnerability of the JSON-Lib library used in Apache Struts’ REST framework programming platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS6.7AI score0.04889EPSS
Exploits2References4Affected Software3
OSV
OSV
added 2019/05/15 4:29 p.m.3 views

UBUNTU-CVE-2019-8936

NTP through 4.2.8p12 has a NULL Pointer Dereference...

7.5CVSS7.3AI score0.05726EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2019/05/14 12:0 a.m.4 views

PT-2019-12184 · Tibco · Tibco Spotfire Server +1

Name of the Vulnerable Software and Affected Versions: TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.2.0 TIBCO Spotfire Server versions up to and including 10.2.0 Description: The Spotfire library component contains vulnerabilities that theoretically allow ...

5.3CVSS4.8AI score0.01613EPSS
Exploits0References4
OSV
OSV
added 2019/05/09 5:29 a.m.3 views

DEBIAN-CVE-2019-11835

cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments...

9.8CVSS8.6AI score0.02556EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2019/05/02 3:21 p.m.5 views

com.github.oscerd:camel-cassandra (=2.23.0), com.playtika.sleuth:sleuth-camel-core (=1.0.2) +664 more potentially affected by CVE-2019-0194 via org.apache.camel:camel-core (=2.23.0)

org.apache.camel:camel-core MAVEN version =2.23.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-core and may be impacted: - com.github.oscerd:camel-cassandra =2.23.0 - com.playtika.sleuth:sleuth-camel-core =1.0.2 -...

7.5CVSS7AI score0.08482EPSS
Exploits1
Veracode
Veracode
added 2019/05/02 5:7 a.m.26 views

Arbitrary Code Execution

java-1.8.0-openjdk is vulnerable to arbitrary code execution. The vulnerability exists through Libraries...

10CVSS5AI score0.04577EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2019/04/24 9:29 p.m.30 views

PYSEC-2019-205

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent...

9.8CVSS7.2AI score0.00486EPSS
Exploits0References2
OSV
OSV
added 2019/04/23 9:29 p.m.17 views

PYSEC-2019-208

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code local...

8.8CVSS7.5AI score0.00646EPSS
Exploits0References2
OSV
OSV
added 2019/04/16 3:50 p.m.2 views

GHSA-38FC-9XQV-7F7Q SQLAlchemy is vulnerable to SQL Injection via group_by parameter

SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...

9.3CVSS7.2AI score0.01777EPSS
Exploits1References15
NVD
NVD
added 2019/04/11 8:29 p.m.14 views

CVE-2019-9628

The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...

7.5CVSS7.4AI score0.02052EPSS
Exploits0References7
OSV
OSV
added 2019/04/04 2:30 p.m.3 views

USN-3936-1 advancecomp vulnerability

It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS6AI score0.01424EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2019/04/04 12:0 a.m.4 views

The vulnerability of the Django library for the Python programming language, which allows attackers to compromise the integrity of protected information

The vulnerability of the Django library for the Python programming language is related to insufficient elimination of special elements in the output data used by the lower-level component. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.5CVSS6.5AI score0.03685EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2019/04/03 6:29 p.m.2 views

CVE-2018-4305

An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5...

6.5CVSS5.8AI score0.00549EPSS
Exploits0References3
OSV
OSV
added 2019/04/03 2:29 p.m.1 views

CVE-2018-1936

IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...

7.8CVSS6.2AI score0.00508EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/26 12:0 a.m.232 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2019-1177)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker...

3.1CVSS6.5AI score0.03374EPSS
Exploits0References2
OSV
OSV
added 2019/03/25 12:29 a.m.4 views

UBUNTU-CVE-2019-10025

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits...

5.5CVSS6.4AI score0.00873EPSS
Exploits1References3
Rows per page
Query Builder