Lucene search
K

540 matches found

Positive Technologies
Positive Technologies
added 2019/04/18 12:0 a.m.4 views

PT-2019-11704 · Jenkins · Jenkins Jira-Ext Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins jira-ext Plugin versions 0.8 and earlier Description: The issue concerns the storage of credentials in the global configuration file on the Jenkins master. Specifically, credentials are stored unencrypted in the file...

8.8CVSS8.5AI score0.01373EPSS
Exploits0References6
CNVD
CNVD
added 2019/03/14 12:0 a.m.3 views

GNU LibreDWG Heap Buffer Overflow Vulnerability

GNU LibreDWG is a GNU Project C library for working with DWG files. A buffer overflow vulnerability exists in the 'dwgdecodeeeddata' function of the decode.c file in GNU LibreDWG version 0.7 and version 0.7.1645. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS7.2AI score0.02906EPSS
Exploits1References1
CNVD
CNVD
added 2019/03/14 12:0 a.m.5 views

GNU LibreDWG Buffer Overflow Vulnerability (CNVD-2019-12557)

GNU LibreDWG is a GNU Project C library for working with DWG files. A buffer overflow vulnerability exists in the 'dwgdxfBLOCKCONTROL' function of the dwg.spec file in GNU LibreDWG version 0.7 and 0.7.1645. An attacker could exploit this vulnerability to cause a denial of service or disclose...

9.1CVSS7.2AI score0.02968EPSS
Exploits1References1
CNVD
CNVD
added 2019/03/14 12:0 a.m.7 views

GNU LibreDWG null pointer back-reference vulnerability (CNVD-2019-12558)

GNU LibreDWG is a GNU Project C library for working with DWG files. A null pointer back-reference vulnerability exists in the 'dwgdxfLTYPE' function of the dwg.spec file in GNU LibreDWG version 0.7 and 0.7.1645. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS6.8AI score0.02772EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/23 12:0 a.m.3 views

OpenSC Memory Leak Vulnerability

OpenSC is an open source smart card tool and middleware. A security vulnerability exists in the 'sccontextcreate' function in the ctx.c file of libopensc in OpenSC version 0.19.0. An attacker can exploit this vulnerability to cause a denial of service memory leak...

7.5CVSS6.7AI score0.02198EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/15 12:0 a.m.3 views

yaml-cpp denial of service vulnerability (CNVD-2019-01859)

yaml-cpp aka LibYaml-C++ is a C++ parser for use in YAML. A security vulnerability exists in the YAML::SingleDocParser of the singledocparser.cpp file in yaml-cpp version 0.6.2. A remote attacker can exploit this vulnerability to cause a denial of service with the help of the cpp file...

6.5CVSS6.8AI score0.01748EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/19 12:0 a.m.2 views

Cloud Foundry Container Runtime Information Disclosure Vulnerability

Cloud Foundry Container Runtime is a system from the US-based Cloud Foundry Foundation that provides a unified way to instantiate, deploy, and manage Kubernetes clusters. An information disclosure vulnerability exists in Cloud Foundry Container Runtime kubo-release prior to version 0.14.0, which...

8.8CVSS8.5AI score0.00944EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/14 12:0 a.m.3 views

xunfeng Command Injection Vulnerability

xunfeng is a rapid vulnerability response and asset scanning system for enterprise intranets. A command injection vulnerability exists in xunfeng version 0.2.0, which stems from the failure of the masscan.py file to properly handle backquote characters and can be exploited by an attacker to execu...

8CVSS8.4AI score0.00815EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/08/23 12:0 a.m.5 views

PT-2018-16250 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: The issue arises from the device's incorrect handling of spaces in the URL field of the smart cameras RTSP configuration, leading to an arbitrary operating system command...

9.9CVSS9.7AI score0.03444EPSS
Exploits2References3
CNVD
CNVD
added 2018/05/30 12:0 a.m.3 views

crud-file-server node module path traversal vulnerability

The crud-file-server node module is a file server that supports create, read, update and delete functions. A path traversal vulnerability exists in the crud-file-server node module prior to version 0.9.0, which stems from the program's failure to properly verify the url, and can be exploited by a...

7.5CVSS7.6AI score0.02216EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/19 12:0 a.m.3 views

elfutils 'ebl_dynamic_tag_name' function buffer overflow vulnerability

elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A buffer overflow vulnerability exists in the 'ebldynamictagname' function of the libebl/ebldynamictagname.c file in elfutils version 0.170, which stems from the program's lack of support for...

7.8CVSS7.4AI score0.00853EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/03/13 7:46 a.m.3 views

ArsenoL vulnerable to cross-site scripting

Overview ArsenoL provided by FlaFla... is software that can be downloaded from the Internet. ArsenoL is a dictionay software that is placed on a website used to post words and their meanings. ArsenoL contains a cross-site scripting vulnerability CWE-79 where an arbitrary script may be executed wh...

6.1CVSS6AI score0.00746EPSS
Exploits0References4
CNVD
CNVD
added 2018/03/07 12:0 a.m.4 views

Western Bridge Cobub Razor Cross-Site Request Forgery Vulnerability

Western Bridge Cobub Razor is an open source mobile application analytics system. The system can provide users with detailed multi-dimensional reports and monitor their mobile applications and applications user behavior statistics. A cross-site request forgery vulnerability exists in Western Brid...

8.8CVSS7AI score0.01169EPSS
Exploits1References1
OSV
OSV
added 2018/03/07 12:0 a.m.3 views

UBUNTU-CVE-2018-7752

GPAC through 0.7.1 has a Buffer Overflow in the gfmediaavcreadsps function in mediatools/avparsers.c, a different vulnerability than CVE-2018-1000100...

7.8CVSS7.1AI score0.01549EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2018/02/23 5:29 p.m.3 views

CVE-2012-6709

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation...

5.9CVSS5.5AI score0.00579EPSS
Exploits0References3
CNVD
CNVD
added 2018/02/13 12:0 a.m.3 views

Exiv2 'readHeader' Function Denial of Service Vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A security vulnerability exists in the 'readHeader' functi...

6.5CVSS6.9AI score0.01173EPSS
Exploits1References1
OSV
OSV
added 2017/11/18 6:29 p.m.3 views

UBUNTU-CVE-2017-16883

The outputSWFTEXTRECORD function in util/outputscript.c in libming = 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file...

6.5CVSS6.9AI score0.01052EPSS
Exploits0References3
PyPA
PyPA
added 2017/09/29 1:34 a.m.6 views

PYSEC-2017-134

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...

5.5CVSS6.8AI score0.00963EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2017/08/29 12:0 a.m.3 views

Lemur has an unspecified vulnerability

Lemur is a Python based TLS certificate management tool. A security vulnerability exists in Lemur version 0.1.4, which stems from the program's failure to use a random IV when encrypting AES.No detailed information about the vulnerability is currently available...

7.5CVSS7.3AI score0.01509EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/07/26 12:0 a.m.3 views

PT-2017-12152 · Sipcrack +1 · Sipcrack +1

Name of the Vulnerable Software and Affected Versions: SIPcrack version 0.2 Description: A memory leak was discovered in the way SIPcrack handles SIP traffic processing due to mismanagement of a lines array. This issue could allow a remote attacker to potentially crash long-running sipdump networ...

7.5CVSS7.3AI score0.02549EPSS
Exploits1References11
Rows per page
Query Builder