Lucene search
K

48 matches found

OSV
OSV
added 2019/06/18 4:15 p.m.7 views

CVE-2018-18839

An issue was discovered in Netdata 1.10.0. Full Path Disclosure FPD exists via api/v1/alarms. NOTE: the vendor says "is intentional...

5.3CVSS5.2AI score
Exploits0References3
OSV
OSV
added 2019/06/18 4:15 p.m.3 views

DEBIAN-CVE-2018-18836

An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.5CVSS7.4AI score0.01962EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/06/18 4:15 p.m.29 views

CVE-2018-18839

An issue was discovered in Netdata 1.10.0. Full Path Disclosure FPD exists via api/v1/alarms. NOTE: the vendor says "is intentional...

5.3CVSS6.8AI score0.01867EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/06/18 3:13 p.m.38 views

CVE-2018-18836

An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.5CVSS7.1AI score0.01962EPSS
Exploits1
Debian CVE
Debian CVE
added 2019/06/18 3:11 p.m.44 views

CVE-2018-18837

An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.1CVSS6.9AI score0.01751EPSS
Exploits1
Debian CVE
Debian CVE
added 2019/06/18 3:6 p.m.27 views

CVE-2018-18839

An issue was discovered in Netdata 1.10.0. Full Path Disclosure FPD exists via api/v1/alarms. NOTE: the vendor says "is intentional...

5.3CVSS6.2AI score0.01867EPSS
Exploits0
CVE
CVE
added 2019/06/18 3:6 p.m.171 views

CVE-2018-18839

CVE-2018-18839 affects Netdata 1.10.0 and is described as Full Path Disclosure via api/v1/alarms. The vendor states this behavior is intentional. OpenSUSE advisories mark CVE-2018-18839 as disputed/not fixed in some Nessus entries, while later advisories describe the update as addressing other is...

5.3CVSS6AI score0.01867EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/03/21 6:59 a.m.31 views

Server side request forgery (ssrf)

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to...

5CVSS5.5AI score0.02034EPSS
Exploits0References4
Rows per page
Query Builder