Lucene search
K

72 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 8 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - httpd: Use-after-free on HTTP/2 stream shutdown CVE-2018-1302 Note that Nessus has not tested for this issue but ha...

5.8AI score0.13436EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.32 views

RHEL 6 : pyyaml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PyYAML: command execution through python/object/apply constructor in FullLoader CVE-2019-20477 - In PyYAM...

10AI score0.06031EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.27 views

RHEL 7 : rubygem-rack (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 - A possible denial of service...

7.9AI score0.35376EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.21 views

RHEL 7 : libexif (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libexif: Out-of-bounds heap read in exifdatasavedataentry function CVE-2017-7544 - A vulnerability was...

7.8AI score0.03798EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 5 : xsa183_xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa183 xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery XSA-183 CVE-2016-6259 Note that...

7.3AI score0.00639EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 5 : librsvg2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - librsvg2: DoS parsing SVGs with circular definitions rsvgcssnormalizefontsize function CVE-2016-4348 Note that Ness...

7.3AI score0.02427EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.21 views

RHEL 6 : freetype (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freetype: parsecharstrings function in type1/t1load.c does not ensure that a font contains a glyph name...

7.7AI score0.0339EPSS
Exploits2References4
Prion
Prion
added 2024/02/08 11:15 p.m.14 views

Security feature bypass

Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has not acknowledged this issue as a security flaw...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.6 views

M-09 Unmitigated

Lines of code Vulnerability details Mitigation of M-09: Issue not mitigated Link to Issue: code-423n4/2023-09-asymmetry-findings31 Comments The sponsor has acknowledged the issue but decided to not mitigate it. Acknowledged and did not fix, plan to upgrade a fix in the future --- The text was...

7AI score
Exploits0
HackRead
HackRead
added 2022/12/31 4:43 a.m.32 views

3Commas API Database Leaked by Anonymous Hacker

By Deeba Ahmed 3Commas' CEO, Yuriy Sorokin, has acknowledged the breach. This is a post from HackRead.com Read the original post: 3Commas API Database Leaked by Anonymous Hacker...

2.1AI score
Exploits0
Hacker One
Hacker One
added 2021/02/03 5:47 a.m.14 views

MercadoLibre: Reflected Cross Site Scripting

Reflected Cross Site Scripting was reported by @madara. A proof-of-concept code was provided to demonstrate the vulnerability. The issue was acknowledged and addressed internally by MercadoLibre...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2018/08/08 12:0 a.m.40 views

man-cgi Local File Inclusion

man-cgi before 1.16 allows Local File Inclusion via absolute path traversal. If an Attacker provides a Filename as a Parameter e.g. https://example.org/cgi-bin/man-cgi?/etc/passwd the Script will read and return the local file. This is happening because of the way the Script calls the "man"...

7.7AI score0.03748EPSS
Exploits2
Talos
Talos
added 2018/05/31 12:0 a.m.38 views

Natus Xltek EEG NeuroWorks ItemList Deserialization Denial-of-Service Vulnerability

Summary An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this...

7.5CVSS7.6AI score0.01388EPSS
Exploits0
0day.today
0day.today
added 2018/05/25 12:0 a.m.173 views

PHP Login And User Management 4.1.0 Shell Upload Vulnerability

Exploit for php platform in category web applications Title PHP Login & User Management = 4.1.0 - Arbitrary File Upload CVE-2018-11392 Product PHP Login & User Management https://codecanyon.net/item/php-login-user-management/49008 CVE CVE-2018-11392 Credit Reginald Dodd Description An arbitrary...

8.9AI score0.04582EPSS
Exploits2
Packet Storm
Packet Storm
added 2018/05/24 12:0 a.m.39 views

PHP Login And User Management 4.1.0 Shell Upload

Title PHP Login & User Management = 4.1.0 - Arbitrary File Upload CVE-2018-11392 Product PHP Login & User Management https://codecanyon.net/item/php-login-user-management/49008 CVE CVE-2018-11392 Credit Reginald Dodd Description An arbitrary file upload vulnerability in /classes/profile.class.php...

8.9AI score0.04582EPSS
Exploits2
Talos
Talos
added 2018/04/13 12:0 a.m.31 views

Moxa EDR-810 Web Server Certificate Signing Request Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the CN= parm in the...

9CVSS9.1AI score0.04024EPSS
Exploits2
Packet Storm
Packet Storm
added 2018/04/13 12:0 a.m.74 views

Appear TV XC Hardware Maintenance Centre Directory Traversal

CVE-2018-7539 Directory Traversal on Appear TV Maintenance centre 8088 Discoverer: Arqiva Threat Team Person Karl W Product: Appear TV XC Hardware Maintenance Centre on port TCP/8088 Vendor : Appear TV Code Versions: All Version Vulnerability: Directory Traversal Impact: It is possible to read OS...

3.5CVSS6.2AI score0.04601EPSS
Exploits3
Talos
Talos
added 2018/04/04 12:0 a.m.101 views

Natus Xltek EEG NeuroWorks SavePatientMontage Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability. Teste...

9.8CVSS9.7AI score0.02314EPSS
Exploits0
Packet Storm
Packet Storm
added 2017/09/30 12:0 a.m.66 views

JasperSoft JasperReports 4.7 Password Disclosure

Credits: Joshua Platz aka Binary1985 + CVE ID: CVE-2017-14941 + Website: https://github.com/binary1985 + Source: https://raw.githubusercontent.com/binary1985/VulnerabilityDisclosure/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941 Vendor: ==========================...

6.5AI score0.01039EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/08/14 12:0 a.m.33 views

Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting

Vulnerability type: Multiple Stored Cross Site Scripting Vendor: Quali Product: CloudShell Affected version: v7.1.0.6508 Patch 6 Patched version: v8 and up Credit: Benjamin Lee CVE ID: CVE-2017-9767 ========================================================== Overview Quali CloudShell v7.1.0.6508...

5.4CVSS5.5AI score0.0298EPSS
Exploits5
Rows per page
Query Builder