Lucene search
K

4535 matches found

RedHat Linux
RedHat Linux
added 2020/10/28 3:49 p.m.8 views

curl: Integer overflows in curl_url_set() function

An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1...

4.3CVSS7AI score0.04897EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/10/26 11:22 a.m.5 views

kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt

A flaw was found in the Linux kernel. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leadi...

5.5CVSS7AI score0.00416EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/10/19 2:37 p.m.5 views

npm: sensitive information exposure through logs

Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "://:@::/". The password value is not redacted and is printed to stdout and also to any generated log files...

4.4CVSS7.3AI score0.00417EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/13 5:1 p.m.2 views

xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS

A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability...

5.9CVSS7.1AI score0.0222EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/13 8:22 a.m.3 views

chromium-browser: Use after free in audio

Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.02553EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/10/05 3:18 p.m.4 views

mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

4.9CVSS6.8AI score0.02981EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/09/30 9:15 p.m.3 views

CVE-2020-26159

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Further investigation showed that it was not a security issue. Notes: none...

6.8AI score
Exploits1References3
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.7 views

nss: Use-after-free in sftk_FreeSession due to improper refcounting

A use-after-free flaw was found in Mozilla Network Security Services NSS related to PK11 session handling. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled with NSS...

8.8CVSS7.5AI score0.01501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.2 views

kernel: out of bounds write in i2c driver leads to local escalation of privilege

An out-of-bounds write flaw was found in the i2c driver in the Linux kernel. This flaw allows an attacker to escalate privileges with system execution privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

6.7CVSS7.3AI score0.00182EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 8:24 p.m.4 views

SDL: buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDLLoadWAVRW in audio/SDLwave.c...

8.8CVSS7.6AI score0.02992EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/09/29 8:24 p.m.5 views

SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDLFillRect in video/SDLsurface.c...

8.8CVSS7.6AI score0.03112EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/09/29 8:15 p.m.6 views

freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds OOB read vulnerability has been detected in securityfipsdecrypt in libfreerdp/core/security.c due to an uninitialized value...

5.5CVSS5.7AI score0.00538EPSS
Exploits0References4
0day.today
0day.today
added 2020/09/22 12:0 a.m.95 views

Artica Proxy 4.30.000000 Authentication Bypass / Command Injection Exploit

This Metasploit module exploits an authenticated command injection vulnerability in Artica Proxy, combined with an authentication bypass discovered on the same version, it is possible to trigger the vulnerability without knowing the credentials. The application runs in a virtual appliance and...

9CVSS9.7AI score0.93967EPSS
Exploits8
RedHat Linux
RedHat Linux
added 2020/09/15 6:30 p.m.3 views

mysql: C API unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

5.3CVSS7.1AI score0.02221EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/15 6:30 p.m.5 views

mysql: Server: Parser unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks...

6.5CVSS7.3AI score0.02653EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/15 4:18 p.m.3 views

mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

7.2CVSS7.2AI score0.02035EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/15 4:18 p.m.5 views

mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

7.2CVSS7.2AI score0.02118EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/15 4:18 p.m.6 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

4.9CVSS7.3AI score0.02805EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/14 12:58 p.m.5 views

mysql: Server: DML unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS7.2AI score0.02154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/14 12:58 p.m.5 views

mysql: Server: DML unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

4.9CVSS7.2AI score0.02439EPSS
Exploits0References5
Rows per page
Query Builder