Lucene search
K

31 matches found

Cvelist
Cvelist
added 2021/01/05 2:3 p.m.19 views

CVE-2020-35488

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service daemon crash via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslo...

7.2AI score0.07599EPSS
Exploits3References2
Prion
Prion
added 2020/08/21 3:15 a.m.12 views

Design/Logic Flaw

voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuratio...

6.9CVSS7.7AI score0.00559EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2020/02/04 12:0 a.m.22 views

Linux: Read /etc/login.defs (KB)

The /etc/login.defs file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation. Note: This script only stores information for other Policy Controls...

7AI score
Exploits0References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.2 views

Arbitrary File Read Vulnerability in Specific Configurations of phpMyAdmin

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. An arbitrary file read vulnerability exists in a...

7.3AI score
Exploits0
NVD
NVD
added 2018/11/14 6:29 p.m.19 views

CVE-2018-9531

In AudioSpecificConfigParse of tpdecasc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android...

9.3CVSS8.6AI score0.01128EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2018/07/18 6:28 p.m.29 views

Unsafe deserialization in confire

An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command execution. An...

9.8CVSS9.4AI score0.04435EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2017/11/10 9:29 a.m.16 views

Input validation

An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command execution. An...

7.5CVSS9.8AI score0.04435EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2017/11/10 9:29 a.m.21 views

CVE-2017-16763

An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command execution. An...

9.8CVSS9.8AI score0.04435EPSS
Exploits1References3
OSV
OSV
added 2017/09/12 9:29 p.m.0 views

CVE-2017-1519

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829...

5.9CVSS5.8AI score0.01732EPSS
Exploits0References4
CNVD
CNVD
added 2017/09/11 12:0 a.m.1 views

IBM DB2 Denial of Service Vulnerability (CNVD-2017-33609)

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBM i, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM DB2 versions 10.5 and 11.1. A remote attacker could...

5.9CVSS6.8AI score0.01732EPSS
Exploits0References1
OSV
OSV
added 2012/02/19 12:0 a.m.14 views

DSA-2411-1 mumble - information disclosure

Bulletin has no description...

2.1CVSS6.3AI score0.00384EPSS
Exploits0
Rows per page
Query Builder