CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1065 matches found

Positive Technologies•added 2019/03/27 12:0 a.m.•3 views

PT-2019-1714 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Description: A parsing issue on DNS packets in the Network-Based Application Recognition NBAR feature could allow an unauthenticated,...

8.6CVSS7.8AI score0.02516EPSS

Exploits0References7

OSV•added 2019/03/26 12:0 a.m.•64 views

DLA-1730-1 libssh2 - security update

Bulletin has no description...

9.3CVSS7.5AI score0.09219EPSS

Exploits0

OSV•added 2019/03/25 12:0 a.m.•49 views

DLA-1728-1 openssh - security update

Bulletin has no description...

6.8CVSS6.3AI score0.58204EPSS

Exploits9

OSV•added 2019/03/23 10:54 a.m.•9 views

OPENSUSE-SU-2019:0153-1 Security update for subversion

This update for subversion fixes the following issues: Security issue fixed: - CVE-2018-11803: Fixed a vulnerability that allowed malicious SVN clients to trigger a crash in moddavsvn by omitting the root path from a recursive directory listing request bsc1122842 This update was imported from the...

7.5CVSS7.9AI score0.57822EPSS

Exploits0References3

OSV•added 2019/03/18 12:0 a.m.•22 views

DLA-1716-1 ikiwiki - security update

Bulletin has no description...

7.5CVSS7.5AI score0.01699EPSS

Exploits0

OSV•added 2019/03/18 12:0 a.m.•20 views

DLA-1717-1 rdflib - security update

Bulletin has no description...

9.8CVSS9.4AI score0.02263EPSS

Exploits1

OSV•added 2019/03/17 12:0 a.m.•24 views

DSA-4408-1 liblivemedia - security update

Bulletin has no description...

9.8CVSS9.4AI score0.03192EPSS

Exploits1

OSV•added 2019/03/13 12:0 a.m.•22 views

DLA-1710-1 xmltooling - security update

Bulletin has no description...

7.5CVSS7.3AI score0.02052EPSS

Exploits0

OSV•added 2019/03/08 12:0 a.m.•45 views

DSA-4403-1 php7.0 - security update

Bulletin has no description...

9.8CVSS7.7AI score0.09395EPSS

Exploits5

Schneier on Security•added 2019/03/06 12:17 p.m.•60 views

Digital Signatures in PDFs Are Broken

Researchers have demonstrated spoofing of digital signatures in PDF files. This would matter more if PDF digital signatures were widely used. Still, the researchers have worked with the various companies that make PDF readers to close the vulnerabilities. You should update your software. Details...

3.3AI score

Exploits0

OSV•added 2019/02/25 12:0 a.m.•14 views

DLA-1688-1 waagent - update

Bulletin has no description...

7.2AI score

Exploits0

OSV•added 2019/02/18 11:57 p.m.•10 views

GHSA-VVWP-3F54-XC39 Downloads Resources over HTTP in broccoli-closure

Affected versions of broccoli-closure insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on t...

9.3CVSS8.2AI score0.01682EPSS

Exploits0References3

OSV•added 2019/02/18 11:56 p.m.•13 views

GHSA-G95J-P8F6-PWH4 headless-browser-lite downloads Resources over HTTP

Affected versions of headless-browser-lite insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...

8.1CVSS8.2AI score0.01682EPSS

Exploits0References5

Github Security Blog•added 2019/02/18 11:51 p.m.•33 views

ibm_db downloads Resources over HTTP

Affected versions of ibmdb insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on the behavior of...

8.1CVSS7.9AI score0.01546EPSS

Exploits0References4Affected Software1

Github Security Blog•added 2019/02/18 11:42 p.m.•21 views

Downloads Resources over HTTP in limbus-buildgen

Affected versions of limbus-buildgen insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...

9.3CVSS5.7AI score0.01716EPSS

Exploits0References3Affected Software1

Github Security Blog•added 2019/02/18 11:35 p.m.•36 views

Downloads Resources over HTTP in product-monitor

Affected versions of product-monitor insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...

9.3CVSS5.7AI score0.01682EPSS

Exploits0References3Affected Software1

OSV•added 2019/02/18 11:35 p.m.•12 views

GHSA-6PWF-WHC8-HJF6 Downloads Resources over HTTP in baryton-saxophone

Affected versions of baryton-saxophone insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

9.3CVSS8.1AI score0.02104EPSS

Exploits0References3

Github Security Blog•added 2019/02/18 11:35 p.m.•19 views

Downloads Resources over HTTP in kindlegen

Affected versions of kindlegen insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syst...

9.3CVSS4.4AI score0.01752EPSS

Exploits0References3Affected Software1

OSV•added 2019/02/17 12:0 a.m.•8 views

DSA-4388-2 mosquitto - regression update

Bulletin has no description...

7.2AI score

Exploits0

OSV•added 2019/02/15 12:0 a.m.•39 views

DLA-1677-1 firefox-esr - security update

Bulletin has no description...

8.8CVSS7.7AI score0.0313EPSS

Exploits0