Lucene search
K

18 matches found

EUVD
EUVD
added 6 days ago5 views

EUVD-2026-41863

Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...

5CVSS6AI score0.00386EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-1609

Malware in sbrugna...

9.8CVSS9.2AI score0.02547EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.3 views

Moss 安全漏洞

Moss is a simple and lightweight content management system open-sourced by deep-project. A security vulnerability exists in Moss versions prior to 0.15, which stems from a misconfiguration of the file upload feature that could result in the upload of arbitrary files...

8.6CVSS6.8AI score0.00265EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/21 10:40 p.m.8 views

CVE-2002-20002

The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand, which is not a strong random number generator, for cryptographic keys...

5.4CVSS6.9AI score0.00299EPSS
Exploits0References1
CVE
CVE
added 2025/01/02 12:0 a.m.70 views

CVE-2024-56830

The CVE-2024-56830 issue affects the Net::EasyTCP Perl module (libnet-easytcp-perl) versions 0.15–0.26. The root cause is fallback to Perl’s insecure rand() when Crypt::Random isn’t available, risking weak randomness. Debian/OSV/NASL references confirm a fix: upgrade to Debian 11 bullseye package...

5.4CVSS7AI score0.00373EPSS
Exploits0References3
OSV
OSV
added 2023/08/22 7:16 p.m.2 views

DEBIAN-CVE-2021-32292

An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...

9.8CVSS6.9AI score0.01071EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.5 views

PT-2022-28275 · Tuf · Tuf

Name of the Vulnerable Software and Affected Versions: TUF versions 0.14.0 through 0.15.x Description: The issue concerns the verify root self signed function, which verifies self-signatures in new root metadata files. This function counted multiple signatures by any new root key towards the new...

7.3AI score
Exploits0References6
Cvelist
Cvelist
added 2022/07/25 6:15 a.m.31 views

CVE-2022-36450

Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL...

8CVSS10AI score0.19589EPSS
Exploits1References2
PyPA
PyPA
added 2020/12/09 5:15 p.m.72 views

PYSEC-2020-52

jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...

7.9CVSS9.1AI score0.00471EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2020/01/07 6:24 p.m.5 views

JDK: Unrestricted access to diagnostic operations

From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...

9.1CVSS5.8AI score0.02066EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/02 2:3 p.m.4 views

JDK: Unrestricted access to diagnostic operations

From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...

9.1CVSS5.8AI score0.02066EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/12/09 8:58 a.m.11 views

JDK: Unrestricted access to diagnostic operations

From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks...

9.1CVSS5.8AI score0.02066EPSS
Exploits0References4
exploitpack
exploitpack
added 2019/07/26 12:0 a.m.74 views

pdfresurrect 0.15 - Buffer Overflow

pdfresurrect 0.15 - Buffer Overflow Exploit Title: pdfresurrect 0.15 Buffer Overflow Date: 2019-07-26 Exploit Author: j0lama Vendor Homepage: https://github.com/enferex/pdfresurrect Software Link: https://github.com/enferex/pdfresurrect Version: 0.15 Tested on: Ubuntu 18.04 CVE : CVE-2019-14267...

6.8CVSS1.1AI score0.07078EPSS
Exploits5
Positive Technologies
Positive Technologies
added 2018/09/18 12:0 a.m.10 views

PT-2018-13924

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.14.x through 0.14.2 Bitcoin Core versions 0.15.x through 0.15.1 Bitcoin Core versions 0.16.x through 0.16.2 Bitcoin Knots versions 0.14.x through 0.16.2 Description: The issue allows a remote denial of service, which c...

7.5CVSS7.9AI score0.06749EPSS
Exploits1References33
CNVD
CNVD
added 2018/01/05 12:0 a.m.5 views

Pepperminty-Wiki XXE Attack Vulnerability

Pepperminty-Wiki is an open source hypertext system. The system supports file uploads, history, and dynamic support. A security vulnerability exists in the 'getsvgsize' function in Pepperminty-Wiki version 0.15. A remote attacker can exploit this vulnerability to cause a denial of service and...

9.8CVSS7AI score0.02547EPSS
Exploits0References1
Prion
Prion
added 2018/01/03 2:29 p.m.14 views

Remote code execution

Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution...

7.5CVSS9.6AI score0.02547EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/01/03 2:0 p.m.21 views

CVE-2017-1000497

Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution...

9.7AI score0.02547EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.27 views

Gentoo Security Advisory GLSA 201208-04 (gajim)

The remote host is missing updates announced in advisory GLSA 201208-04. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

7.5CVSS6.4AI score0.03179EPSS
Exploits2References3
Rows per page
Query Builder