45 matches found

OSV
added 2023/06/08 7:42 p.m., 13 views

CVE-2023-34231 Snowflake Golang Driver vulnerable to Command Injection

gosnowflake is the Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on (SSO) browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1...

CVSS 7.3 | AI score 7.8 | EPSS 0.01962
Exploits: 0 | References: 5
CNVD
added 2023/02/17 12:0 a.m., 7 views

SAP Solution Manager Input Validation Error Vulnerability

SAP Solution Manager is a system management platform from the German company SAP that provides system monitoring, SAP support desktop, self-service, ASAP implementation and other functions. An input validation error vulnerability exists in SAP Solution Manager version 720, which stems from insufficie...

CVSS 6.5 | AI score 6.1 | EPSS 0.00302
Exploits: 0 | References: 1
CNVD
added 2021/07/07 12:0 a.m., 5 views

Unspecified Vulnerability in Flask-User

Flask-User is a software application that provides customizable user authentication and user management (register, confirm, login, change username, password, forget password, etc.). A security vulnerability exists in Flask-User, which can be exploited to bypass URL authentication and redirect a user to an...

CVSS 6.1 | AI score 7.1 | EPSS 0.01113
Exploits: 1 | References: 1
Huntr
added 2021/03/22 5:22 p.m., 9 views

Open Redirect in forkcms/forkcms

Description: Open redirect is a security flaw in an app or a web page that causes it to fail to properly authenticate URLs. When apps and web pages have requests for URLs, they are supposed to verify that those URLs are part of the intended page’s domain. Open redirect is a failure in that...

AI score 0.3
Exploits: 0
Veracode
added 2020/05/10 11:26 p.m., 21 views

Denial Of Service (DoS)

icecast is vulnerable to denial of service (DoS). A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of...

CVSS 8.1 | AI score 2.9 | EPSS 0.48944
Exploits: 0 | References: 5 | Affected Software: 1
Tenable Nessus
added 2019/01/03 12:0 a.m., 24 views

Fedora 29 : icecast (2018-b881073c43)

This release fixes buffer overflows in URL authentication code (CVE-2018-18820), a crash in htpasswd authentication if no filename is set, a crash on xsltApplyStylesheet error, and a crash on malformed Opus streams. It also corrects the global listener counter. It stops displaying hashed user passwords...

CVSS 8.1 | AI score 7.8 | EPSS 0.48944
Exploits: 0 | References: 2
OSV
added 2018/11/28 8:50 p.m., 8 views

MGASA-2018-0472 Updated icecast packages fix security vulnerability

Buffer overflows in URL auth code if there is a "mount" definition that enables URL authentication. A malicious client could send long HTTP headers, leading to a buffer overflow and potential remote code execution (CVE-2018-18820)...

CVSS 8.1 | AI score 8.2 | EPSS 0.48944
Exploits: 0 | References: 3
Mageia
added 2018/11/28 8:50 p.m., 30 views

Updated icecast packages fix security vulnerability

Buffer overflows in URL auth code if there is a "mount" definition that enables URL authentication. A malicious client could send long HTTP headers, leading to a buffer overflow and potential remote code execution (CVE-2018-18820)...

CVSS 8.1 | AI score 4.8 | EPSS 0.48944
Exploits: 0 | References: 2
ThreatPost
added 2018/11/05 8:27 p.m., 618 views

Online Radio Stations at Risk from Icecast Flaw

A vulnerability in Icecast, an open-source streaming media server used by online radio stations to broadcast their content, could be used to knock a station off-air. It also could potentially allow remote code-execution. Icecast is maintained by the Xiph.org Foundation, and it supports tens of...

CVSS 6.8 | AI score 8.1 | EPSS 0.48944
Exploits: 0 | References: 5
Prion
added 2018/11/05 7:29 p.m., 21 views

Buffer overflow

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 6.8 | AI score 8.2 | EPSS 0.48944
Exploits: 0 | References: 5 | Affected Software: 2
NVD
added 2018/11/05 7:29 p.m., 14 views

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 8.3 | EPSS 0.48944
Exploits: 0 | References: 5
UbuntuCve
added 2018/11/05 7:29 p.m., 27 views

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 7.6 | EPSS 0.48944
Exploits: 0 | References: 4
OSV
added 2018/11/05 7:29 p.m., 19 views

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 8.3
Exploits: 0 | References: 5
OSV
added 2018/11/05 7:29 p.m., 2 views

DEBIAN-CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 8.3 | EPSS 0.48944
Exploits: 0 | References: 1
OSV
added 2018/11/05 7:29 p.m., 3 views

UBUNTU-CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 7.7 | EPSS 0.48944
Exploits: 0 | References: 5
OSV
added 2018/11/05 7:29 p.m., 2 views

ALPINE-CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 8.3 | EPSS 0.48944
Exploits: 0 | References: 1
Debian CVE
added 2018/11/05 7:0 p.m., 23 views

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 8.4 | EPSS 0.48944
Exploits: 0
Cvelist
added 2018/11/05 7:0 p.m., 22 views

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

AI score 8.2 | EPSS 0.48944
Exploits: 0 | References: 5
AlpineLinux
added 2018/11/05 7:0 p.m., 38 views

CVE-2018-18820

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution...

CVSS 8.1 | AI score 8.4 | EPSS 0.48944
Exploits: 0
UbuntuCve
added 2016/03/01 5:0 p.m., 19 views

CVE-2016-2512

The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by...

CVSS 7.4 | AI score 7.2 | EPSS 0.04035
Exploits: 0 | References: 3