232 matches found

SUSE CVE
added 2023/02/15 5:8 a.m., 3 views

SUSE CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before...

CVSS 8.8, AI score 8, EPSS 0.05499
Exploits 0, References 7
Prion
added 2023/01/26 9:17 p.m., 22 views

Design/Logic Flaw

IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 239427...

CVSS 5, AI score 7.3, EPSS 0.01966
Exploits 0, References 3, Affected Software 2
Cvelist
added 2023/01/25 6:7 p.m., 25 views

CVE-2022-43864 IBM Business Automation Workflow information disclosure

IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 239427...

CVSS 7.5, AI score 7.3, EPSS 0.01966
Exploits 0, References 3
Veracode
added 2022/12/13 7:43 a.m., 15 views

Cross-site Scripting (XSS)

nuxt is vulnerable to cross-site scripting (XSS) attacks. The library unsafely renders the stack trace within errors, which allows an attacker to inject and execute malicious JavaScript via a specifically crafted URL request...

CVSS 6.1, AI score 5.6, EPSS 0.00509
Exploits 1, References 4, Affected Software 1
OSV
added 2022/05/06 6:15 p.m., 3 views

CVE-2021-27759

This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application...

CVSS 6.5, AI score 6.7, EPSS 0.0028
Exploits 0, References 1
OSV
added 2022/04/30 6:16 p.m., 13 views

GHSA-X445-MMPW-7R4F Apache Tomcat Allows Source Disclosure

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0)...

CVSS 5, AI score 6.6, EPSS 0.10956
Exploits 1, References 3
NVD
added 2021/11/02 6:15 p.m., 15 views

CVE-2020-21574

Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function...

CVSS 7.5, EPSS 0.00947
Exploits 1, References 1
Cvelist
added 2021/11/02 5:45 p.m., 18 views

CVE-2020-21574

Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows attackers to cause a denial of service via a long url request which is passed to the delimitedread function...

AI score 7.5, EPSS 0.00947
Exploits 1, References 1
ArchLinux
added 2021/10/21 12:0 a.m., 83 views

[ASA-202110-5] nodejs-lts-fermium: multiple issues

Arch Linux Security Advisory ASA-202110-5; Severity: High; Date: 2021-10-21; CVE-ID: CVE-2021-22939 CVE-2021-22940 CVE-2021-22959 CVE-2021-22960; Package: nodejs-lts-fermium; Type: multiple issues; Remote: Yes; Link: https://security.archlinux.org/AVG-2284 ...

CVSS 7.5, AI score 1.1, EPSS 0.1473
Exploits 3, References 24
ArchLinux
added 2021/10/21 12:0 a.m., 44 views

[ASA-202110-4] nodejs: url request injection

Arch Linux Security Advisory ASA-202110-4; Severity: Medium; Date: 2021-10-21; CVE-ID: CVE-2021-22959 CVE-2021-22960; Package: nodejs; Type: url request injection; Remote: Yes; Link: https://security.archlinux.org/AVG-2460; Summary: The package nodej...

CVSS 6.5, AI score 0.4, EPSS 0.02936
Exploits 2, References 10
ArchLinux
added 2021/07/14 12:0 a.m., 234 views

[ASA-202107-28] varnish: url request injection

Arch Linux Security Advisory ASA-202107-28; Severity: Medium; Date: 2021-07-14; CVE-ID: CVE-2021-36740; Package: varnish; Type: url request injection; Remote: Yes; Link: https://security.archlinux.org/AVG-2154; Summary: The package varnish before...

CVSS 6.5, AI score 0.5, EPSS 0.01599
Exploits 0, References 4
ArchLinux
added 2021/06/15 12:0 a.m., 174 views

[ASA-202106-42] go: multiple issues

Arch Linux Security Advisory ASA-202106-42; Severity: Medium; Date: 2021-06-15; CVE-ID: CVE-2021-33195 CVE-2021-33196 CVE-2021-33197 CVE-2021-33198; Package: go; Type: multiple issues; Remote: Yes; Link: https://security.archlinux.org/AVG-2006; Summary...

CVSS 7.5, AI score 7.6, EPSS 0.03464
Exploits 4, References 15
Prion
added 2021/06/07 2:15 p.m., 10 views

Code injection

IBM WebSphere Application Server Network Deployment 8.5 and 9.0 could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to read and delete arbitrary files on the system. IBM X-Force ID: 198435...

CVSS 6.5, AI score 8.1, EPSS 0.0186
Exploits 0, References 2, Affected Software 1
ArchLinux
added 2021/05/19 12:0 a.m., 228 views

[ASA-202105-3] ceph: multiple issues

Arch Linux Security Advisory ASA-202105-3; Severity: High; Date: 2021-05-19; CVE-ID: CVE-2021-3509 CVE-2021-3524 CVE-2021-3531 CVE-2021-20288; Package: ceph; Type: multiple issues; Remote: Yes; Link: https://security.archlinux.org/AVG-1826; Summary...

CVSS 7.2, AI score 7.3, EPSS 0.02449
Exploits 1, References 16
ArchLinux
added 2021/02/20 12:0 a.m., 222 views

[ASA-202102-28] python-django: url request injection

Arch Linux Security Advisory ASA-202102-28; Severity: Medium; Date: 2021-02-20; CVE-ID: CVE-2021-23336; Package: python-django; Type: url request injection; Remote: Yes; Link: https://security.archlinux.org/AVG-1593; Summary: The package python-djan...

CVSS 5.9, AI score 0.7, EPSS 0.35963
Exploits 1, References 9
Cvelist
added 2021/02/18 3:10 p.m., 16 views

CVE-2021-20354

IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883...

CVSS 5.9, AI score 7.4, EPSS 0.03696
Exploits 0, References 2
ArchLinux
added 2021/01/12 12:0 a.m., 128 views

[ASA-202101-16] nodejs: multiple issues

Arch Linux Security Advisory ASA-202101-16; Severity: High; Date: 2021-01-12; CVE-ID: CVE-2020-8265 CVE-2020-8287; Package: nodejs; Type: multiple issues; Remote: No; Link: https://security.archlinux.org/AVG-1400; Summary: The package nodejs before...

CVSS 8.1, AI score 8.4, EPSS 0.16296
Exploits 3, References 22
ArchLinux
added 2021/01/12 12:0 a.m., 136 views

[ASA-202101-15] nodejs-lts-fermium: multiple issues

Arch Linux Security Advisory ASA-202101-15; Severity: High; Date: 2021-01-12; CVE-ID: CVE-2020-8265 CVE-2020-8287; Package: nodejs-lts-fermium; Type: multiple issues; Remote: No; Link: https://security.archlinux.org/AVG-1401; Summary: The package...

CVSS 8.1, AI score 8.5, EPSS 0.16296
Exploits 3, References 22
ArchLinux
added 2021/01/12 12:0 a.m., 129 views

[ASA-202101-14] nodejs-lts-erbium: multiple issues

Arch Linux Security Advisory ASA-202101-14; Severity: High; Date: 2021-01-12; CVE-ID: CVE-2020-8265 CVE-2020-8287; Package: nodejs-lts-erbium; Type: multiple issues; Remote: No; Link: https://security.archlinux.org/AVG-1402; Summary: The package...

CVSS 8.1, AI score 8.5, EPSS 0.16296
Exploits 3, References 22
NVD
added 2020/10/28 5:15 p.m., 12 views

CVE-2020-4782

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system...

CVSS 6.5, AI score 6.7, EPSS 0.02534
Exploits 0, References 2