
4209 matches found

OSV
added 2020/01/23 6:15 p.m., 13 views

CVE-2020-7220

HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. Fixed in 1.3.2...

CVSS 7.5, AI score 6.7
Exploits: 0, References: 2

Prion
added 2020/01/23 6:15 p.m., 15 views

Denial of service

HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. Fixed in 1.3.2...

CVSS 4.3, AI score 7.4, EPSS 0.00286
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2020/01/23 5:41 p.m., 15 views

CVE-2020-7220

HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. Fixed in 1.3.2...

AI score 7.4, EPSS 0.00286
Exploits: 0, References: 2

CVE
added 2020/01/23 5:41 p.m., 85 views

CVE-2020-7220

The CVE-2020-7220 issue affects HashiCorp Vault Enterprise 0.11.0–1.3.1, where dynamic secrets for a mount in a deleted namespace may not be revoked. Root cause: failure to revoke secrets under certain namespace deletion scenarios. Impact: potential exposure of previously issued dynamic secrets. ...

CVSS 7.5, AI score 7.3, EPSS 0.00286
Exploits: 0, References: 2, Affected Software: 1

OpenVAS
added 2020/01/23 12:0 a.m., 35 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1232)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.5, AI score 6.3, EPSS 0.0004
Exploits: 0, References: 2

Positive Technologies
added 2020/01/23 12:0 a.m., 4 views

PT-2020-19474 · Hashicorp · Hashicorp Vault Enterprise

Name of the Vulnerable Software and Affected Versions: HashiCorp Vault Enterprise versions 0.11.0 through 1.3.1 Description: The issue arises when HashiCorp Vault Enterprise fails to revoke dynamic secrets for a mount in a deleted namespace under certain circumstances. This problem does not speci...

CVSS 7.5, AI score 7.2, EPSS 0.00286
Exploits: 0, References: 8

RedHat Linux
added 2020/01/22 9:26 p.m., 1 views

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

CVSS 8, AI score 7, EPSS 0.00048
Exploits: 0, References: 4

Hacker One
added 2020/01/22 10:5 a.m., 23 views

Mapbox: Reflected XSS via XML Namespace URI on https://go.mapbox.com/index.php/soap/

On January 22, 2020 user @h4ck3d reported a reflected XSS vulnerability via an XML Namespace URI on go.mapbox.com. Using the information provided by the researcher, we deployed a patch to this page on February 11, 2020...

AI score 0.5
Exploits: 0

Hacker One
added 2020/01/21 6:10 a.m., 45 views

Kubernetes: Compromise of auth via subset/superset namespace names.

Report Submission Form Summary: Use of nginx.ingress.kubernetes.io/auth annotations results in a file named namespace-ingress.passwd. If user knows the namespace and ingress of an ingress they want to compromise they need to be able to create a namespace that is some subset of namespace-ingress...

CVSS 4.9, AI score 1, EPSS 0.00523
Exploits: 0

RedHat Linux
added 2020/01/16 12:2 p.m., 113 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 8.8, AI score 7.2, EPSS 0.56192
Exploits: 8, References: 7

RedHat Linux
added 2020/01/16 12:2 p.m., 2 views

Mozilla: Bypass of @namespace CSS sanitization during pasting

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

CVSS 6.1, AI score 7.3, EPSS 0.01798
Exploits: 0, References: 5

RedHat Linux
added 2020/01/16 11:56 a.m., 2 views

Mozilla: Bypass of @namespace CSS sanitization during pasting

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

CVSS 6.1, AI score 7.3, EPSS 0.01798
Exploits: 0, References: 5

Gitee
added 2020/01/14 8:53 p.m., 13 views

Exploit for Use After Free in Linux Linux_Kernel

This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities, including CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955, among others. The exploits are implemented in C and use various techniques, such as KASLR and SMEP/SMAP...

CVSS 7.8, AI score 7.1, EPSS 0.87
Exploits: 64

RedHat Linux
added 2020/01/14 6:46 p.m., 5 views

Mozilla: Bypass of @namespace CSS sanitization during pasting

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

CVSS 6.1, AI score 7.3, EPSS 0.01798
Exploits: 0, References: 5

OpenVAS
added 2020/01/14 12:0 a.m., 28 views

openSUSE: Security Advisory for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (openSUSE-SU-2020:0045-1)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.1, EPSS 0.0032
Exploits: 1, References: 2

OSV
added 2020/01/13 5:16 p.m., 6 views

OPENSUSE-SU-2020:0045-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Security issue fixed: - CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory (bsc#1152308). Bug fixes: - Update to Docker...

CVSS 7.5, AI score 7.9, EPSS 0.0032
Exploits: 1, References: 8

RedHat Linux
added 2020/01/13 2:52 p.m., 2 views

Mozilla: Bypass of @namespace CSS sanitization during pasting

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

CVSS 6.1, AI score 7.3, EPSS 0.01798
Exploits: 0, References: 5

RedHat Linux
added 2020/01/13 2:27 p.m., 1 views

Mozilla: Bypass of @namespace CSS sanitization during pasting

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

CVSS 6.1, AI score 7.3, EPSS 0.01798
Exploits: 0, References: 5

OSV
added 2020/01/08 10:15 p.m., 1 views

DEBIAN-CVE-2019-17016

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

CVSS 6.1, AI score 7.1, EPSS 0.01798
Exploits: 0, References: 1

OSV
added 2020/01/08 10:15 p.m., 0 views

UBUNTU-CVE-2019-17016

When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

CVSS 6.1, AI score 7.3, EPSS 0.01798
Exploits: 0, References: 11