Lucene search
K

165 matches found

OSV
OSV
added 2019/12/23 1:15 a.m.22 views

CVE-2019-19926

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...

7.5CVSS8.1AI score
Exploits0References11
OSV
OSV
added 2019/12/23 1:15 a.m.1 views

DEBIAN-CVE-2019-19926

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...

7.5CVSS8.7AI score0.06997EPSS
Exploits0References1
Prion
Prion
added 2019/12/23 1:15 a.m.25 views

Code injection

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...

5CVSS8AI score0.06997EPSS
Exploits0References11Affected Software9
OSV
OSV
added 2019/12/23 1:15 a.m.3 views

UBUNTU-CVE-2019-19926

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...

7.5CVSS6.9AI score0.06997EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/12/23 1:15 a.m.40 views

CVE-2019-19926

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...

7.5CVSS6.9AI score0.06997EPSS
Exploits0References3
Prion
Prion
added 2019/07/23 2:15 p.m.17 views

Cross site scripting

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...

4.3CVSS6.3AI score0.01085EPSS
Exploits0References7Affected Software2
Debian CVE
Debian CVE
added 2019/07/23 1:17 p.m.22 views

CVE-2019-11720

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...

6.1CVSS7.7AI score0.01085EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/07/18 6:24 a.m.24 views

CVE-2019-11720

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...

6.1CVSS3.2AI score0.01085EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.5 views

The vulnerability of the pom.xml components and FilterScript.java plugin of the Jenkins Matrix Project allows a perpetrator to execute arbitrary code.

The vulnerability of the pom.xml components and FilterScript.java src/main/java/hudson/matrix/FilterScript.java of the Matrix Project plugin is related to errors in processing input data during syntax analysis of the code. Exploiting this vulnerability can allow a malicious actor to exit the...

9.9CVSS8AI score0.03394EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.3 views

The vulnerability of the Network-Based Application Recognition technology implementation in Cisco IOS and Cisco IOS XE operating systems allows attackers to trigger a service failure.

The vulnerability of the Network-Based Application Recognition technology in Cisco IOS and Cisco IOS XE operating systems exists due to errors in syntactic analysis of DNS packets. Exploiting this vulnerability allows a malicious actor, who has not undergone authentication checks, to trigger a...

7.8CVSS7.3AI score0.02516EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.4 views

The vulnerability of the ISDN function implementations in Cisco IOS and Cisco IOS XE operating systems allows a intruder to trigger a service failure.

The vulnerability of ISDN operating system functions in Cisco IOS and Cisco IOS XE exists due to errors in processing certain values in the Q.931 elements. Exploiting this vulnerability can allow an attacker to trigger a device reboot, resulting in service failure...

7.8CVSS7.3AI score0.02516EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2019/03/08 12:0 a.m.4 views

PT-2019-2301 · Jenkins · Jenkins Matrix Project Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Matrix Project Plugin versions 1.13 and earlier Description: A sandbox bypass issue exists, related to errors in input data processing during code parsing in components such as pom.xml and FilterScript.java. This allows attackers with...

9.9CVSS9.3AI score0.03394EPSS
Exploits0References10
Talos Blog
Talos Blog
added 2018/11/19 6:30 a.m.83 views

Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN

Vulnerabilities discovered by Carl Hurd and Jared Rittle of Cisco Talos. Cisco Talos is disclosing multiple vulnerabilities in the TP-Link TL-R600VPN router. TP-Link produces a number of different types of small and home office SOHO routers. Talos discovered several bugs in this particular router...

6.5CVSS1.5AI score0.53297EPSS
Exploits4
Kitploit
Kitploit
added 2018/02/27 9:4 p.m.40 views

Protobuf-Inspector - Tool To Reverse-Engineer Protocol Buffers With Unknown Definition

Simple program that can parse Google Protobuf encoded blobs version 2 or 3 without knowing their accompanying definition. It will print a nice, colored representation of their contents. Example: As you can see, the field names are obviously lost, together with some high-level details such as:...

6.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/04/27 12:0 a.m.5 views

The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat allow attackers to breach the confidentiality of information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat are related to reading beyond the buffer limit and memory leaks resulting from parsing segment APP13 into JPEG files. Exploiting these...

4.3CVSS7.1AI score0.03404EPSS
Exploits0References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2015/11/23 12:0 a.m.47 views

FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)

reports : CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...

7.1CVSS7.4AI score0.0721EPSS
Exploits2References13
CNVD
CNVD
added 2015/03/06 12:0 a.m.3 views

Memory Corruption Vulnerability in Ashampoo Photo Commander's Handling of ICO Images

Ashampoo Photo Commander Free is a photo management software from Germany. Ashampoo Photo Commander handles ICO images with logical errors that allow attackers to exploit vulnerabilities to parse malformed programs and cause the application to crash...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2014/12/11 12:0 a.m.55 views

[USN-2435-1] Graphviz vulnerability

========================================================================== Ubuntu Security Notice USN-2435-1 December 09, 2014 graphviz vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.5CVSS0.4AI score0.05569EPSS
Exploits1
Ubuntu
Ubuntu
added 2014/12/09 1:54 a.m.55 views

USN-2435-1: Graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

7.5CVSS7.1AI score0.05569EPSS
Exploits1
OSV
OSV
added 2014/12/09 1:54 a.m.2 views

USN-2435-1 graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

7.5CVSS7AI score0.05569EPSS
Exploits1References2
Rows per page
Query Builder