Lucene search
+L

65 matches found

CNVD
CNVD
added 2018/05/31 12:0 a.m.10 views

tomita-parser file download vulnerability

tomita-parser is a tool that provides structured data from natural language text. A file download vulnerability exists in tomita-parser that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...

9.3CVSS8.1AI score0.01682EPSS
Exploits0References1
OSV
OSV
added 2016/10/22 3:59 a.m.4 views

CVE-2016-0240

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...

3.7CVSS5.8AI score0.0103EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/05/05 12:0 a.m.7 views

The vulnerability of the Squid proxy server allows a hacker to cause a service failure.

The vulnerability of the FwdState::connectedToPeer method FwdState.cc in the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause a service failure application termination by using an unencrypted HTTP message...

4.3CVSS6.5AI score0.2555EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2015/04/01 12:0 a.m.4 views

UBUNTU-CVE-2015-0812

Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdoma...

4.3CVSS7.2AI score0.01261EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/07/21 12:0 a.m.5 views

PT-2012-3978 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.1.x through 2.1.5 Moodle versions 2.2.x through 2.2.2 Description: The issue concerns the Multi-Authentication feature in the Central Authentication Service CAS functionality. It does not utilize HTTPS, allowing remote...

5CVSS6.3AI score0.01311EPSS
Exploits0References7
Rows per page
Query Builder