Lucene search
+L

899 matches found

CNVD
CNVD
added 2017/07/05 12:0 a.m.34 views

Alpine Linux's package manager buffer overflow vulnerability

Alpine Linux's package manager apk is a package management tool for Linux. The tool is used to install, upgrade or remove software on a running system. A heap buffer overflow vulnerability exists in Alpine Linux's package manager. A remote attacker can exploit this vulnerability by creating a...

7.8CVSS7.9AI score0.03234EPSS
Exploits2References1
CNVD
CNVD
added 2017/07/05 12:0 a.m.33 views

Alpine Linux's package manager buffer error vulnerability

Alpine Linux's package manager apk is a package management tool for Linux. The tool is used to install, upgrade or remove software on a running system. A heap buffer overflow vulnerability exists in Alpine Linux's package manager. A remote attacker can exploit this vulnerability by creating a...

7.8CVSS7.9AI score0.03234EPSS
Exploits2References1
myhack58
myhack58
added 2017/06/29 12:0 a.m.52 views

Alpine Linux: from vulnerability discovery to code execution a-vulnerability warning-the black bar safety net

One, Foreword Recently I was in the Alpine Linux package Manager found two serious vulnerabilities, exploits, numbered CVE-2017-9669 and CVE-2017-9671。 If you are using Alpine, an attacker may use these two holes in your host to execute malicious code. Alpine Linux is a lightweight Linux...

7.9AI score0.03234EPSS
Exploits3
seebug.org
seebug.org
added 2017/06/27 12:0 a.m.64 views

Alpine Linux: From vulnerability discovery to code execution

I’ve recently uncovered two critical vulnerabilities in Alpine Linux’s package manager, assigned CVE-2017-9669 and CVE-2017-9671. These vulnerabilities could potentially lead to an attacker executing malicious code on your machines, if you are using Alpine knowingly or implicitly. Alpine Linux is...

6.8CVSS8.4AI score0.03234EPSS
Exploits3
OSV
OSV
added 2017/06/08 4:29 p.m.4 views

ALPINE-CVE-2017-9023

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service infinite loop via a crafted certificate...

7.5CVSS6.8AI score0.02222EPSS
Exploits0References1
OSV
OSV
added 2017/06/05 4:29 p.m.3 views

ALPINE-CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

8.2CVSS6.8AI score0.00573EPSS
Exploits0References1
OSV
OSV
added 2017/06/01 4:29 p.m.3 views

ALPINE-CVE-2017-8386

git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with...

8.8CVSS7.2AI score0.12387EPSS
Exploits2References1
OSV
OSV
added 2017/05/23 4:29 a.m.4 views

ALPINE-CVE-2016-9840

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...

8.8CVSS7.2AI score0.04793EPSS
Exploits0References1
OSV
OSV
added 2017/05/23 4:29 a.m.4 views

ALPINE-CVE-2016-9841

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...

9.8CVSS7.2AI score0.0755EPSS
Exploits0References1
OSV
OSV
added 2017/03/03 4:59 p.m.2 views

ALPINE-CVE-2016-7971

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

6.9AI score
Exploits0References1
Packet Storm
Packet Storm
added 2017/03/03 12:0 a.m.64 views

WordPress Alpine PhotoTile For Instagram 1.2.7.7 XSS

------------------------------------------------------------------------ Cross-Site Scripting in Alpine PhotoTile for Instagram WordPress Plugin ------------------------------------------------------------------------ Antonis Manaras, July 2016...

7.4AI score
Exploits0
WPVulnDB
WPVulnDB
added 2017/03/01 12:0 a.m.10 views

Alpine PhotoTile - Authenticated Reflected Cross-Site Scripting (XSS)

The alpine-photo-tile-for-instagram WordPress plugin was affected by an Authenticated Reflected Cross-Site Scripting XSS security vulnerability...

2.1AI score
Exploits0References2Affected Software1
OSV
OSV
added 2017/01/28 1:59 a.m.5 views

ALPINE-CVE-2016-7986

The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions...

9.8CVSS7.8AI score0.03198EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2017/01/26 9:41 p.m.9 views

calgaryalpine.com XSS vulnerability

Vulnerable URL: http://www.calgaryalpine.com/?s=vdfvd%3C!%27/!%22/!%27/%22/--!%3E%3CInput/Autofocus/%0D/Onfocus=confirm%60OPENBUGBOUNTY%60//%3E%3CSvg%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
OSV
OSV
added 2016/12/13 8:59 p.m.3 views

ALPINE-CVE-2016-7946

X.org libXi before 1.7.7 allows remote X servers to cause a denial of service infinite loop via vectors involving length fields...

7.5CVSS6.8AI score0.03009EPSS
Exploits0References1
OSV
OSV
added 2016/10/07 2:59 p.m.3 views

ALPINE-CVE-2016-7167

Multiple integer overflows in the 1 curlescape, 2 curleasyescape, 3 curlunescape, and 4 curleasyunescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow...

9.8CVSS7.6AI score0.11737EPSS
Exploits0References1
CERT
CERT
added 2016/01/20 12:0 a.m.66 views

ffmpeg and Libav cross-domain information disclosure vulnerability

Overview ffmpeg is a "cross-platform solution to record, convert and stream audio and video". ffmpeg is vulnerable to local file disclosure due to improper enforcement of domain restrictions when processing playlist files. Description CWE-201: Information Exposure Through Sent Data- CVE-2016-1897...

5.5CVSS5.5AI score0.14621EPSS
Exploits3References2
Openbugbounty
Openbugbounty
added 2015/12/21 2:7 p.m.19 views

alpine-space.org vulnerability

Vulnerable URL: http://www.alpine-space.org/2000-2006/external.html?link=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability status:| Publicly disclosed Alexa Rank| 18194204 Google Pagerank| 6 VIP website status:| No Check...

6.9AI score
Exploits0
WPVulnDB
WPVulnDB
added 2015/08/20 12:0 a.m.21 views

Alpine PhotoTile for Instagram <= 1.2.7.5 - Authenticated Cross-Site Scripting (XSS)

The alpine-photo-tile-for-instagram WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.6AI score0.00867EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2015/08/20 12:0 a.m.6 views

WordPress Alpine PhotoTile for Instagram Plugin <= 1.2.7.5 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

2.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder