Lucene search
K

229 matches found

Debian CVE
Debian CVE
added 2019/11/05 9:30 a.m.46 views

CVE-2019-3685

Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary...

7.7CVSS7.5AI score0.00714EPSS
Exploits1
CVE
CVE
added 2019/11/05 9:30 a.m.141 views

CVE-2019-3685

Open Build Service osc client did not validate TLS certificates for HTTPS connections before version 0.165.4. Affected components: osc binary used by Open Build Service. Impact: potential trust/security risk due to improper TLS validation (CVSS data in sources indicates high severity). Remediatio...

7.7CVSS7.6AI score0.00714EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/10/30 12:0 a.m.3 views

Open Build Service Input Validation Vulnerability

Open Build Service OBS is a general purpose system for building and distributing software packages from source code in an automated, consistent and repeatable manner. Open Build Service 51a17c553b6ae2598820b7a90fd0c11502a49106 An input validation vulnerability exists in previous versions of...

9.8CVSS7.4AI score0.01363EPSS
Exploits0References1
OSV
OSV
added 2018/10/09 1:29 p.m.4 views

UBUNTU-CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

7.5CVSS6.9AI score0.01745EPSS
Exploits0References3
OSV
OSV
added 2018/10/09 1:29 p.m.3 views

DEBIAN-CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

7.5CVSS6.9AI score0.01745EPSS
Exploits0References1
OSV
OSV
added 2018/10/09 1:29 p.m.4 views

CVE-2018-12474

Improper input validation in obs-service-tarscm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service: versions prior to...

9.8CVSS5.6AI score0.01363EPSS
Exploits0References2
OSV
OSV
added 2018/10/09 1:29 p.m.18 views

CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

7.5CVSS6.9AI score
Exploits0References1
Prion
Prion
added 2018/10/09 1:29 p.m.17 views

Input validation

Improper input validation in obs-service-tarscm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service: versions prior to...

7.5CVSS9.2AI score0.01363EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/10/09 1:29 p.m.6 views

CVE-2018-12478

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to extract files from the system where the service runs. Affected releases are openSUSE Open Build Service: status of is unknown...

6.5CVSS5.8AI score0.01504EPSS
Exploits0References1
OSV
OSV
added 2018/10/09 1:29 p.m.4 views

CVE-2018-12477

A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refreshpatches to delete them. Affected releases are openSUSE Open Build Service: versions prior to...

7.5CVSS5.8AI score0.01169EPSS
Exploits0References2
Prion
Prion
added 2018/10/09 1:29 p.m.22 views

Input validation

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

5CVSS7.5AI score0.01745EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/10/09 1:29 p.m.15 views

Design/Logic Flaw

A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refreshpatches to delete them. Affected releases are openSUSE Open Build Service: versions prior to...

6.4CVSS7.5AI score0.01169EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/10/09 1:29 p.m.20 views

Input validation

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to extract files from the system where the service runs. Affected releases are openSUSE Open Build Service: status of is unknown...

4.3CVSS6.5AI score0.01504EPSS
Exploits0References1
NVD
NVD
added 2018/10/09 1:29 p.m.25 views

CVE-2018-12478

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to extract files from the system where the service runs. Affected releases are openSUSE Open Build Service: status of is unknown...

6.5CVSS5.5AI score0.01504EPSS
Exploits0References1
NVD
NVD
added 2018/10/09 1:29 p.m.21 views

CVE-2018-12474

Improper input validation in obs-service-tarscm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service: versions prior to...

9.8CVSS6.5AI score0.01363EPSS
Exploits0References2
NVD
NVD
added 2018/10/09 1:29 p.m.17 views

CVE-2018-12477

A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refreshpatches to delete them. Affected releases are openSUSE Open Build Service: versions prior to...

7.5CVSS5AI score0.01169EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/10/09 1:29 p.m.27 views

CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

7.5CVSS6.9AI score0.01745EPSS
Exploits0References2
NVD
NVD
added 2018/10/09 1:29 p.m.26 views

CVE-2018-12479

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

7.5CVSS6.9AI score0.01745EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/10/09 1:0 p.m.23 views

CVE-2018-12479 Request controller allows to create requests with arbitrary request IDs

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to cause DoS by specifying crafted request IDs. Affected releases are openSUSE Open Build Service: versions prior to 01b015ca2a320afc4fae823465d1e72da8bd60df...

6.5CVSS7.5AI score0.01745EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/10/09 1:0 p.m.29 views

CVE-2018-12478 obs-service-replace_using_package_version allows to specify arbitrary input files

A Improper Input Validation vulnerability in Open Build Service allows remote attackers to extract files from the system where the service runs. Affected releases are openSUSE Open Build Service: status of is unknown...

4.8CVSS6.5AI score0.01504EPSS
Exploits0References1
Rows per page
Query Builder