Lucene search
K

81 matches found

Debian
Debian
added 2018/03/30 3:34 p.m.33 views

[SECURITY] [DLA 1331-1] mercurial security update

Package : mercurial Version : 2.2.2-4+deb7u7 CVE ID : CVE-2018-1000132 Debian Bug : 892964 Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network...

9.1CVSS6.9AI score0.02687EPSS
Exploits0
CNVD
CNVD
added 2018/03/19 12:0 a.m.1 views

Mercurial Protocol Server Access Control Error Vulnerability

Mercurial is a software developer Matt Mackall developed a set of cross-platform distributed version control software written in Python. The software supports simultaneous processing of plain text and binary files , etc. Protocol server is one of the protocol server . An access control error...

9.1CVSS9.4AI score0.02687EPSS
Exploits0References1
PyPA
PyPA
added 2018/03/14 1:29 p.m.5 views

PYSEC-2018-87

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS6.9AI score0.02687EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2018/03/14 1:29 p.m.1 views

UBUNTU-CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS6.8AI score0.02687EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/03/14 1:29 p.m.27 views

CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS6.8AI score0.02687EPSS
Exploits0References3
Prion
Prion
added 2018/03/14 1:29 p.m.22 views

Improper access control

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

6.4CVSS9.3AI score0.02687EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2018/03/14 1:29 p.m.4 views

ALPINE-CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS6.9AI score0.02687EPSS
Exploits0References1
OSV
OSV
added 2018/03/14 1:29 p.m.1 views

DEBIAN-CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS9.3AI score0.02687EPSS
Exploits0References1
OSV
OSV
added 2018/03/14 1:29 p.m.25 views

CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS9.4AI score
Exploits0References5
Debian CVE
Debian CVE
added 2018/03/14 1:0 p.m.27 views

CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS7.6AI score0.02687EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2018/03/14 1:0 p.m.40 views

CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS9.1AI score0.02687EPSS
Exploits0
Cvelist
Cvelist
added 2018/03/14 1:0 p.m.36 views

CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

8.9AI score0.02687EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/03/14 3:18 a.m.26 views

CVE-2018-1000132

Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1...

9.1CVSS6.9AI score0.02687EPSS
Exploits0References1
OSV
OSV
added 2018/02/15 10:29 a.m.5 views

CVE-2017-12724

A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump contains hardcoded credentials, which are not fully initialized. The FTP server is only accessible if the pump is configured ...

8.1CVSS5.8AI score0.01348EPSS
Exploits0References2
OSV
OSV
added 2017/09/29 1:34 a.m.3 views

CVE-2017-12230

A vulnerability in the web-based user interface web UI of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users who are created by using the web UI of the...

8.8CVSS5.8AI score0.03175EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2010/10/19 8:0 p.m.3 views

CVE-2007-6737

FTPServer.py in pyftpdlib before 0.2.0 does not increment the attemptedlogins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access via a brute-force attack...

7.5CVSS5.5AI score0.01354EPSS
Exploits0References5
securityvulns
securityvulns
added 2007/05/04 12:0 a.m.37 views

iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability

LiveData Protocol Server Heap Overflow Vulnerability iDefense Security Advisory 05.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ May 02, 2007 I. BACKGROUND LiveData is a provider of real-time data acquisition and processing software. LiveData Protocol Server is used in SCADA...

0.8AI score
Exploits0
Cvelist
Cvelist
added 2007/05/03 11:0 p.m.17 views

CVE-2007-2489

Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 5.00.062, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a...

8AI score0.08386EPSS
Exploits0References8
CVE
CVE
added 2007/05/03 11:0 p.m.51 views

CVE-2007-2489

Affected software : LiveData Protocol Server (5.00.045 and older up to 5.00.062). Vulnerability : Heap-based buffer overflow caused by a crafted WSDL request that makes a negative length be passed to strncpy, leading to possible code execution or denial of service. The issue is triggered by overs...

10CVSS8AI score0.08386EPSS
Exploits0References8Affected Software1
CERT
CERT
added 2007/05/03 12:0 a.m.23 views

LiveData Protocol Server fails to properly handle requests for WSDL files

Overview The LiveData Protocol Server fails to properly handle requests. This vulnerability may allow a remote attacker to execute arbitrary code. Description The LiveData Protocol Server is real-time data acquisition and processing software used to record and transmit data among process control...

10CVSS7.7AI score0.08386EPSS
Exploits0References3
Rows per page
Query Builder