Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-4523

Malware in sbrugna...

6.5CVSS6.5AI score0.00889EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-4524

Malware in sbrugna...

6.5CVSS6.4AI score0.01504EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-4525

Malware in sbrugna...

8.8CVSS6.8AI score0.02471EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.5 views

PT-2022-26653 · Linaro · Lava

Name of the Vulnerable Software and Affected Versions: Linaro Automated Validation Architecture LAVA versions prior to 2022.10 Description: The issue is related to dynamic code execution in lava server/lavatable.py due to improper input sanitization. This allows an anonymous user to force the...

8.8CVSS8.7AI score0.01259EPSS
Exploits1References17
UbuntuCve
UbuntuCve
added 2018/06/19 5:29 a.m.18 views

CVE-2018-12564

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml...

6.5CVSS6.6AI score0.01504EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/06/19 5:29 a.m.29 views

CVE-2018-12563

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml...

6.5CVSS6.6AI score0.00889EPSS
Exploits0References2
Prion
Prion
added 2018/06/19 5:29 a.m.18 views

Design/Logic Flaw

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml...

4CVSS6.5AI score0.01504EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2018/06/19 5:29 a.m.10 views

CVE-2018-12564

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml...

6.5CVSS6.9AI score
Exploits0References3
OSV
OSV
added 2018/06/19 5:29 a.m.5 views

CVE-2018-12563

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml...

6.5CVSS6.7AI score
Exploits0References1
NVD
NVD
added 2018/06/19 5:29 a.m.17 views

CVE-2018-12563

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml...

6.5CVSS6.4AI score0.00889EPSS
Exploits0References1
Prion
Prion
added 2018/06/19 5:29 a.m.11 views

Design/Logic Flaw

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml...

4CVSS6.4AI score0.00889EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/06/19 5:29 a.m.26 views

CVE-2018-12564

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml...

6.5CVSS6.7AI score0.01504EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/06/19 5:29 a.m.18 views

CVE-2018-12565

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load instead of yaml.safeload when parsing user data, remote code execution can occur...

8.8CVSS7AI score0.02471EPSS
Exploits0References2
NVD
NVD
added 2018/06/19 5:29 a.m.25 views

CVE-2018-12565

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load instead of yaml.safeload when parsing user data, remote code execution can occur...

8.8CVSS9AI score0.02471EPSS
Exploits0References2
Prion
Prion
added 2018/06/19 5:29 a.m.18 views

Remote code execution

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load instead of yaml.safeload when parsing user data, remote code execution can occur...

6.5CVSS9AI score0.02471EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2018/06/19 5:29 a.m.20 views

CVE-2018-12565

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load instead of yaml.safeload when parsing user data, remote code execution can occur...

8.8CVSS9.2AI score0.02471EPSS
Exploits0References2
OSV
OSV
added 2018/06/19 5:29 a.m.7 views

DEBIAN-CVE-2018-12565

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load instead of yaml.safeload when parsing user data, remote code execution can occur...

8.8CVSS8.3AI score0.02471EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/06/19 5:0 a.m.39 views

CVE-2018-12563

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml...

6.5CVSS6.4AI score0.00889EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/06/19 5:0 a.m.28 views

CVE-2018-12564

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml...

6.5CVSS6.3AI score0.01504EPSS
Exploits0
Cvelist
Cvelist
added 2018/06/19 5:0 a.m.20 views

CVE-2018-12563

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml...

6.4AI score0.00889EPSS
Exploits0References1
Rows per page
Query Builder