Lucene search
+L

362 matches found

NVD
NVD
added 2023/06/14 8:15 a.m.26 views

CVE-2023-30631

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.pushmethodenabled didn't function. However, by default the PUSH method is blocked in the ipallow configuration file.This issue affects Apache Traffic Server:...

7.5CVSS7.4AI score0.02005EPSS
Exploits0References5
CVE
CVE
added 2023/06/07 8:43 p.m.75 views

CVE-2023-1864

FANUC ROBOGUIDE-HandlingPRO, Versions 9 Rev.ZD and prior, is affected by CVE-2023-1864 (path traversal). The root cause is improper limitation of a pathname to a restricted directory, enabling a remote attacker to read files on the system running the software. According to published advisories, t...

7.5CVSS6.9AI score0.00943EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/04/14 2:15 p.m.5 views

CVE-2023-29803

TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function...

9.8CVSS7.3AI score0.02156EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.30 views

Apache Tomcat 9.0.0-M1 < 9.0.72 Information Disclosure

The version of Apache Tomcat installed on the remote host is 8.5.x prior to 8.5.86, 9.0.0-M1 prior to 9.0.72, 10.1.0-M1 prior to 10.1.6 or 11.0.0-M1 prior to 11.0.0-M3. It is, therefore, affected by an information disclosure due to the RemoteIpFilter. Note that the scanner has not attempted to...

4.3CVSS7AI score0.01831EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/02/08 9:33 p.m.62 views

TYPO3 is vulnerable to Cross-Site Scripting via frontend rendering

CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:F/RL:O/RC:C 8.2 Problem TYPO3 core component GeneralUtility::getIndpEnv uses the unfiltered server environment variable PATHINFO, which allows attackers to inject malicious content. In combination with the TypoScript setting...

8.8CVSS5.9AI score0.00831EPSS
Exploits1References10Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/06 8:32 p.m.50 views

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to the October 2022 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

5.3CVSS5.7AI score0.01746EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/12/20 12:0 a.m.17 views

Apache Traffic Server (ATS) 8.x < 8.1.5, 9.x < 9.1.3 Multiple Vulnerabilities

Apache Traffic Server ATS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.3AI score0.013EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.16 views

TYPO3 Weak Authentication Vulnerability (TYPO3-CORE-SA-2022-013)

TYPO3 is prone to a weak authentication vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if descripti...

6.5CVSS6.8AI score0.00479EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/10/18 12:0 a.m.22 views

Grafana Privilege Escalation Vulnerability (GHSA-jv32-5578-pxjc)

Grafana is prone to a privilege escalation vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

7.5CVSS7.9AI score0.00964EPSS
Exploits0References1
CNVD
CNVD
added 2022/10/13 12:0 a.m.54 views

SAP 3D Visual Enterprise Author .emf Buffer Overflow Vulnerability

SAP 3D Visual Enterprise Author is a desktop application for managing 2D, 3D, animation, video and audio assets from SAP. A buffer overflow vulnerability exists in SAP 3D Visual Enterprise Author version 9, which stems from a lack of proper memory management and can be exploited by an attacker to...

7.8CVSS7.8AI score0.00822EPSS
Exploits0References1
NVD
NVD
added 2022/10/11 9:15 p.m.27 views

CVE-2022-41181

Due to lack of proper memory management, when a victim opens manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the use...

5.5CVSS0.00196EPSS
Exploits0References2
NVD
NVD
added 2022/10/11 9:15 p.m.30 views

CVE-2022-41169

Due to lack of proper memory management, when a victim opens manipulated CATIA5 Part .catpart, CatiaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until...

5.5CVSS0.00242EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 9:15 p.m.11 views

CVE-2022-41171

Due to lack of proper memory management, when a victim opens manipulated CATIA4 Part .model, CatiaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until...

5.5CVSS5.8AI score0.00242EPSS
Exploits0References2
Prion
Prion
added 2022/10/11 9:15 p.m.21 views

Stack overflow

Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part .catpart, CatiaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...

4.4CVSS7.9AI score0.00491EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/10/11 9:15 p.m.22 views

Stack overflow

Due to lack of proper memory management, when a victim opens a manipulated Enhanced Metafile .emf, emf.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow o...

4.4CVSS7.9AI score0.00822EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/10/11 12:0 a.m.64 views

CVE-2022-41177

The CVE-2022-41177 issue affects SAP 3D Visual Enterprise Author (v9) where parsing of IGES/IGES-like files (.igs, .iges) can trigger memory corruption due to improper memory management. The vulnerability allows remote code execution when a victim opens a manipulated IGES file from untrusted sour...

7.8CVSS7.8AI score0.00491EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/10/11 12:0 a.m.60 views

CVE-2022-41193

SAP 3D Visual Enterprise Viewer 9 is affected by a memory-management vulnerability in EPS parsing (EPS/ai.x3d). The issue can trigger Remote Code Execution when a manipulated file from untrusted sources is opened, due to stack-based overflow or re-use of a dangling pointer. The vulnerability requ...

7.8CVSS7.9AI score0.00604EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.42 views

CVE-2022-39808

Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object .obj, ObjTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...

8.2AI score0.00342EPSS
Exploits0References2
CVE
CVE
added 2022/10/11 12:0 a.m.65 views

CVE-2022-39808

CVE-2022-39808 concerns SAP 3D Visual Enterprise Author v9. It stems from improper memory management while parsing Wavefront OBJ files (ObjTranslator.exe), allowing Remote Code Execution via a payload that triggers a stack-based overflow or reuse of a dangling pointer to overwritten memory space....

7.8CVSS7.9AI score0.00342EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.32 views

CVE-2022-41180

Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...

8.2AI score0.00342EPSS
Exploits0References2
Rows per page
Query Builder