
485 matches found

CNVD
added 2020/02/05 12:0 a.m. · 2 views

OSSEC-HIDS Server Component Buffer Overflow Vulnerability

OSSEC-HIDS is an open source intrusion detection tool. A buffer overflow vulnerability exists in the OSSEC-HIDS server component. The vulnerability originates when a network system or product performs operations on memory without properly validating data boundaries, resulting in incorrect read an...

CVSS 8.8 | AI score 7.3 | EPSS 0.02385
Exploits: 2 | References: 1

BDU FSTEC
added 2020/02/03 12:0 a.m. · 3 views

Vulnerability of the Server component: The Optimizer of the MySQL Server database management system, which allows attackers to cause service failures.

The vulnerability of the Server component of the MySQL Server database management system’s optimizer is related to resource release errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions through network packets...

CVSS 6.8 | AI score 6.3 | EPSS 0.01878
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2020/01/30 1:15 a.m. · 18 views

CVE-2020-8447

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of syscheck formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 4

NVD
added 2020/01/30 1:15 a.m. · 18 views

CVE-2020-8443

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...

CVSS 9.8 | AI score 9.7 | EPSS 0.02685
Exploits: 2 | References: 4

OSV
added 2020/01/30 1:15 a.m. · 13 views

CVE-2020-8442

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client...

CVSS 8.8 | AI score 7.1
Exploits: 0 | References: 4

Prion
added 2020/01/30 1:15 a.m. · 17 views

Heap overflow

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...

CVSS 7.5 | AI score 9.6 | EPSS 0.02685
Exploits: 2 | References: 4 | Affected Software: 1

Prion
added 2020/01/30 1:15 a.m. · 15 views

Null pointer dereference

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a denial of service NULL pointer dereference via crafted messages written directly to the analysisd UNIX domain socket by a local user...

CVSS 2.1 | AI score 6.2 | EPSS 0.00492
Exploits: 2 | References: 4 | Affected Software: 1

Prion
added 2020/01/30 1:15 a.m. · 13 views

Design/Logic Flaw

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of syscheck formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...

CVSS 7.5 | AI score 9.3 | EPSS 0.01939
Exploits: 2 | References: 4 | Affected Software: 1

Prion
added 2020/01/30 1:15 a.m. · 18 views

Heap overflow

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client...

CVSS 6.5 | AI score 9.1 | EPSS 0.02385
Exploits: 2 | References: 4 | Affected Software: 1

Cvelist
added 2020/01/30 12:34 a.m. · 23 views

CVE-2020-8442

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client...

AI score 9.4 | EPSS 0.02385
Exploits: 2 | References: 4

Cvelist
added 2020/01/30 12:34 a.m. · 20 views

CVE-2020-8443

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...

AI score 9.7 | EPSS 0.02685
Exploits: 2 | References: 4

Cvelist
added 2020/01/30 12:33 a.m. · 21 views

CVE-2020-8447

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of syscheck formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...

AI score 9.5 | EPSS 0.01939
Exploits: 2 | References: 4

Cvelist
added 2020/01/30 12:32 a.m. · 24 views

CVE-2020-8448

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a denial of service NULL pointer dereference via crafted messages written directly to the analysisd UNIX domain socket by a local user...

AI score 7.1 | EPSS 0.00492
Exploits: 2 | References: 4

OpenVAS
added 2020/01/23 12:0 a.m. · 26 views

Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2017-1323)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.3 | AI score 5.6 | EPSS 0.00438
Exploits: 0 | References: 2

RedhatCVE
added 2020/01/11 9:26 p.m. · 31 views

CVE-2018-3279

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 4.9 | AI score 1.9 | EPSS 0.02108
Exploits: 0 | References: 2

Prion
added 2019/12/30 8:15 p.m. · 16 views

Denial of service

A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed, would lead to memory exhaustion or excessive CPU consumption...

CVSS 7.8 | AI score 6.9 | EPSS 0.04254
Exploits: 0 | References: 13 | Affected Software: 2

CVE
added 2019/12/30 7:57 p.m. · 87 views

CVE-2012-5645

Affects Freeciv server component prior to 2.3.4. A remote attacker can send a specially-crafted network packet, which, when processed, may exhaust memory or cause unbounded CPU usage, resulting in a denial-of-service. The issue is described across multiple sources (NVD, OSV, Debian/Ubuntu tracker...

CVSS 7.8 | AI score 7.2 | EPSS 0.04254
Exploits: 0 | References: 13 | Affected Software: 1

Debian CVE
added 2019/12/30 7:57 p.m. · 22 views

CVE-2012-5645

A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed, would lead to memory exhaustion or excessive CPU consumption...

CVSS 7.8 | AI score 7.3 | EPSS 0.04254
Exploits: 0

RedhatCVE
added 2019/12/20 2:50 a.m. · 33 views

CVE-2017-10384

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier, and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVSS 6.5 | AI score 2 | EPSS 0.03103
Exploits: 0 | References: 2

CNVD
added 2019/12/06 12:0 a.m. · 3 views

TIBCO Software EBX Web Server Component Cross-Site Scripting Vulnerability

TIBCO Software EBX is a suite of enterprise data management solutions from TIBCO Software, USA. A cross-site scripting vulnerability exists in the web server component of TIBCO Software EBX, which stems from a lack of proper validation of client data in the web application and can be exploited by...

CVSS 9.6 | AI score 6.6 | EPSS 0.00968
Exploits: 0 | References: 1