
8 matches found

RedhatCVE
added 2026/01/07 9:27 a.m. · 8 views

CVE-2019-12250

IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. NOTE: the software maintainer disputes that this is a vulnerability because the request logger is not...

CVSS 6.1 · AI score 5.6 · EPSS 0.00848
Exploits 1 · References 1

RedhatCVE
added 2025/05/21 8:42 p.m. · 6 views

CVE-2009-0130

lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE: a package...

CVSS 7.5 · AI score 6.9 · EPSS 0.05146
Exploits 2 · References 1

SUSE CVE
added 2023/02/15 4:14 a.m. · 6 views

SUSE CVE-2019-9192

In the GNU C Library aka glibc or libc6 through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...

CVSS 7.5 · AI score 7.8 · EPSS 0.02447
Exploits 1 · References 3

OSV
added 2019/04/21 2:29 a.m. · 9 views

CVE-2019-11389

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with next at the beginning and nested repetition operators. NOTE: the...

CVSS 5.3 · AI score 5.1
Exploits 0 · References 2

OSV
added 2019/02/26 6:29 p.m. · 14 views

CVE-2019-9192

In the GNU C Library aka glibc or libc6 through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...

CVSS 7.5 · AI score 7.8
Exploits 0 · References 2

OSV
added 2018/11/26 7:29 a.m. · 1 views

CVE-2018-19556

zb_system/admin/index.php?act=UploadMng in Z-BlogPHP 1.5 mishandles file preview, leading to content spoofing. NOTE: the software maintainer disputes that this is a vulnerability...

CVSS 4.3 · AI score 5.8 · EPSS 0.01015
Exploits 1 · References 2

OSV
added 2009/01/15 5:30 p.m. · 9 views

CVE-2009-0130

lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE: a package...

AI score 7.9
Exploits 0 · References 2

Positive Technologies
added 2009/01/15 12:00 a.m. · 4 views

PT-2009-2823 · Openssl +2

Name of the Vulnerable Software and Affected Versions: Erlang (affected versions not specified). Description: The issue is related to the improper checking of the return value from the OpenSSL DSA_do_verify function in the Erlang crypto_drv.c module. This might allow remote attackers to bypass...

CVSS 7.5 · AI score 6.4 · EPSS 0.0122
Exploits 1 · References 10