CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

Positive Technologies•added 2020/11/13 12:0 a.m.•2 views

PT-2020-6937 · Pypi +3 · Pypdf +3

Name of the Vulnerable Software and Affected Versions: pypdf versions prior to 1.27.9 Description: The issue is related to algorithmic complexity in the pypdf library, which can be exploited by an attacker to craft a PDF that leads to unexpected long runtime, blocking the current process and...

7.8CVSS6.1AI score0.00165EPSS

Exploits1References32

OpenVAS•added 2020/09/29 12:0 a.m.•15 views

Huawei EulerOS: Security Advisory for perl-Email-Address (EulerOS-SA-2020-2104)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00492EPSS

Exploits0References2

Tenable Nessus•added 2020/09/28 12:0 a.m.•44 views

EulerOS 2.0 SP3 : perl-Email-Address (EulerOS-SA-2020-2104)

According to the versions of the perl-Email-Address package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to...

7.8CVSS7.2AI score0.00492EPSS

Exploits0References3

Tenable Nessus•added 2020/09/18 12:0 a.m.•45 views

Ubuntu 16.04 LTS / 18.04 LTS : Email-Address-List vulnerability (USN-4517-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4517-1 advisory. It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to...

7.5CVSS7.2AI score0.01372EPSS

Exploits0References2

Ubuntu•added 2020/09/17 9:20 p.m.•54 views

USN-4517-1: Email-Address-List vulnerability

It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to cause an algorithmic complexity attack, resulting in a denial of service. CVE-2018-18898...

7.5CVSS7.2AI score0.01372EPSS

Exploits0

BDU FSTEC•added 2020/09/11 12:0 a.m.•2 views

The vulnerability in the implementation of the TLS protocol in Cisco AsyncOS software for Cisco Email Security Appliances allows a attacker to induce a service failure.

The vulnerability of the TLS Transport Layer Security implementation in Cisco AsyncOS software for Cisco Email Security Appliances is related to algorithmic complexity. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

5.3CVSS5.5AI score0.0043EPSS

Exploits0References2Affected Software1

FreeBSD•added 2020/03/20 12:0 a.m.•34 views

Python -- multiple vulnerabilities

Python reports: gh-95778: Converting between int and str in bases other than 2 binary, 4, 8 octal, 16 hexadecimal, or 32 such as base 10 decimal now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic...

7.5CVSS0.4AI score0.00384EPSS

Exploits0References1

NVD•added 2020/03/10 6:15 p.m.•15 views

CVE-2019-13011

An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12.0.2. By using brute-force a user with access to a project, but not it's repository could create a list of merge requests template names. It has excessive algorithmic complexity...

4.3CVSS4.2AI score0.00106EPSS

Exploits0References2

Prion•added 2020/03/10 6:15 p.m.•18 views

Code injection

4CVSS4.6AI score0.00106EPSS

Exploits0References2Affected Software1

CVE•added 2020/03/10 5:9 p.m.•60 views

CVE-2019-13011

CVE-2019-13011 affects GitLab Enterprise Edition 8.11.0 through 12.0.2. An attacker with access to a project (but not its repository) could brute-force enumerate a list of merge request template names, due to excessive algorithmic complexity in the relevant function. The vulnerability has a netwo...

4.3CVSS4.5AI score0.00106EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/03/10 5:9 p.m.•17 views

CVE-2019-13011

4.6AI score0.00106EPSS

Exploits0References2

Debian CVE•added 2020/03/10 5:9 p.m.•21 views

CVE-2019-13011

Removed by vendor...

4.3CVSS5.8AI score0.00106EPSS

Exploits0

OpenVAS•added 2020/01/23 12:0 a.m.•23 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1428)

9.8CVSS8.6AI score0.15626EPSS

Exploits10References2

NVD•added 2019/10/31 9:15 p.m.•17 views

CVE-2012-6125