CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5093 matches found

RedhatCVE•added 2020/09/09 7:49 p.m.•23 views

CVE-2020-14392

An untrusted pointer dereference flaw was found in Perl-DBI before version 1.643. This flaw allows a local attacker who can manipulate calls to dbddblogin6sv to cause memory corruption. The highest threat from this vulnerability is to system availability...

6.1CVSS3.8AI score0.00576EPSS

Exploits0References4

RedHat Linux•added 2020/09/08 9:44 a.m.•3 views

postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML

A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity XXE weakness was found in PostgreSQL JDBC. The highest threat from this vulnerability is to data confidentiality and system availability...

7.7CVSS5.8AI score0.04094EPSS

Exploits0References4

RedHat Linux•added 2020/09/08 9:32 a.m.•2 views

postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML

7.7CVSS5.8AI score0.04094EPSS

Exploits0References4

OpenVAS•added 2020/09/08 12:0 a.m.•16 views

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2020-1986)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7.1AI score0.02319EPSS

Exploits1References2

OpenVAS•added 2020/09/08 12:0 a.m.•16 views

Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2020-1985)

7.8CVSS8AI score0.01888EPSS

Exploits1References2

Tenable Nessus•added 2020/09/08 12:0 a.m.•51 views

EulerOS Virtualization for ARM 64 3.0.2.0 : json-c (EulerOS-SA-2020-1985)

According to the version of the json-c package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A flaw was found in json-c. In printbufmemappend, certain crafted values can overflow the memory allowing an attacker to...

7.8CVSS6.5AI score0.01888EPSS

Exploits1References2

Tenable Nessus•added 2020/09/08 12:0 a.m.•21 views

EulerOS Virtualization for ARM 64 3.0.2.0 : virglrenderer (EulerOS-SA-2020-1970)

According to the versions of the virglrenderer package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow flaw was found in virglrenderer. The vrendrenderertransferwriteiov function allows...

7.8CVSS6.4AI score0.00439EPSS

Exploits0References3

Tenable Nessus•added 2020/09/08 12:0 a.m.•24 views

EulerOS Virtualization for ARM 64 3.0.2.0 : dbus (EulerOS-SA-2020-1982)

According to the version of the dbus packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An uncontrolled resource consumption vulnerability was discovered in D-Bus. The DBusServer leaks file descriptors when a...

5.5CVSS6.5AI score0.00569EPSS

Exploits1References2

RedhatCVE•added 2020/09/07 2:49 p.m.•44 views

CVE-2020-14335

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability. Mitigation...

5.8CVSS1.5AI score0.00249EPSS

Exploits0References3

RedHat Linux•added 2020/09/07 1:5 p.m.•3 views

wildfly: Some EJB transaction objects may get accumulated causing Denial of Service

A flaw was found in Wildfly's EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system...

6.5CVSS5.7AI score0.01203EPSS

Exploits0References4

RedHat Linux•added 2020/09/07 1:5 p.m.•2 views

jackson-databind: Serialization gadgets in anteros-core

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.18345EPSS

Exploits0References4

RedHat Linux•added 2020/09/07 12:58 p.m.•2 views

jackson-databind: Serialization gadgets in anteros-core

9.8CVSS7.1AI score0.18345EPSS

Exploits0References4

RedHat Linux•added 2020/09/07 12:58 p.m.•1 views

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.04575EPSS

Exploits0References4

RedHat Linux•added 2020/09/07 12:58 p.m.•1 views

jackson-databind: Serialization gadgets in ibatis-sqlmap

9.8CVSS7.1AI score0.18671EPSS

Exploits0References4

RedHat Linux•added 2020/09/07 12:58 p.m.•1 views

jackson-databind: Serialization gadgets in ibatis-sqlmap

9.8CVSS7.1AI score0.18671EPSS

Exploits0References4

RedHat Linux•added 2020/09/07 12:58 p.m.•2 views

jackson-databind: Serialization gadgets in anteros-core