Lucene search
K

85 matches found

Broadcom
Broadcom
added 2022/11/08 12:0 a.m.44 views

CVE-2022-24903: A flaw in rsyslog TCP module could allows an attacker to craft a malicious message leading to a heap-based buffer overflow.

Rsyslog is vulnerable to remote code execution RCE due to improper validation of input data when octet-counted framing is used. An attacker could exploit this vulnerability by supplying a system with maliciously crafted messages. Products Affected. Brocade SANnav - Fixed in Brocade SANnav 2.2.1...

8.1CVSS4.5AI score0.03821EPSS
Exploits0
Broadcom
Broadcom
added 2022/11/08 12:0 a.m.1706 views

CVE-2021-23017: NGINX Resolver Vulnerability

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. Products Affected. Brocade SANnav - Fixed in Brocade SANnav 2.2.1...

7.7CVSS0.9AI score0.53461EPSS
Exploits10
Broadcom
Broadcom
added 2022/09/27 12:0 a.m.14 views

CVE-2022-0778 - Infinite loop in BN_mod_sqrt() reachable when parsing certificates

Security Advisory ID: BSA-2022-1752 Component: OpenSSL Revision: 2.0 The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. More information is at https://www.openssl.org/news/secadv/20220315.txt Affected Products Broca...

7.5CVSS6.6AI score0.70561EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.22 views

Security Bulletin: IBM Cognos BI 8.4 Partial Denial of Service Vulnerability

Abstract A malicious IBM Cognos BI 8.4 user is able to send a crafted request to the Cognos server which triggers high CPU utilization that may cause a partial denial of service condition due to CPU consumption. This vulnerability can only be exploited by authenticated users, and is not applicabl...

4CVSS1.9AI score0.00973EPSS
Exploits0Affected Software1
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.46 views

CVE-2018-0732. Client DoS due to large DH parameter.

During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This...

7.5CVSS2.6AI score0.49268EPSS
Exploits0Affected Software1
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.60 views

CVE-2021-29650. The netfilter subsystem allows attackers to cause a denial of service.

Security Advisory ID : BSA-2022-1462 Component : Kernel Revision : 1.0 A denial-of-service DoS flaw was identified in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service panic because net/netfilter/xtables.c and include/linux/netfilter/xtables.h...

5.5CVSS7AI score0.00413EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/04/02 12:0 a.m.41 views

SQL injection in pagekit/pagekit

Pagekit is a modular and lightweight CMS built with Symfony components and Vue.js. The configAction in SettingsController allow user to set the order of comments listing. The allowed options are ASC and DESC. That config then get concatenated directly to the SQL query. Due to the fact that there...

10CVSS1.9AI score0.01513EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2021/02/05 7:15 p.m.5 views

CVE-2020-10234

The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic aka BSOD follows. The IOCTL codes can be found in the dispatch function:...

6.5CVSS5.7AI score0.03775EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2021/02/02 5:58 p.m.7 views

abracadabra (>=0.0.0 <=0.0.5), adversarial-labeller (=0.1.8) +210 more potentially affected by CVE-2021-23980 via bleach (>=1.2.2 <=3.2.3)

bleach PYPI version =1.2.2, =0.0.0, =1.0.0, =0.0.1, =1.10.0, =0.1.0, =0.0.6, =0.3.0, =0.0.9, =0.3.4, =0.0.5, =0.1.0rc1, =0.1.3, =1.0.0 and more Source cves: CVE-2021-23980 Source advisory: OSV:PYSEC-2021-865...

6.1CVSS6.8AI score0.00483EPSS
Exploits1
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.748 views

aSc TimeTables 2021.6.2 Denial Of Service

Exploit Title: aSc TimeTables 2021.6.2 - Denial of Service PoC Date: 2020-01-12 Exploit Author: Ismael Nava Vendor Homepage: https://www.asctimetables.com/!/home Software Link: https://www.asctimetables.com/!/home/download Version: 2021.6.2 Tested on: Windows 10 Home x64 STEPS Open the program aS...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.492 views

aSc TimeTables 2021.6.2 - Denial of Service (PoC)

Exploit Title: aSc TimeTables 2021.6.2 - Denial of Service PoC Date: 2020-01-12 Exploit Author: Ismael Nava Vendor Homepage: https://www.asctimetables.com/!/home Software Link: https://www.asctimetables.com/!/home/download Version: 2021.6.2 Tested on: Windows 10 Home x64 STEPS Open the program aS...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/10/30 10:5 a.m.9 views

asc-usa.com Cross Site Scripting vulnerability OBB-1465168

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
CVE
CVE
added 2020/06/21 11:4 p.m.85 views

CVE-2020-14961

Concrete5 before 8.5.3 is vulnerable because it does not constrain the sort direction to a valid asc or desc value. The CVE-2020-14961 entry documents this issue in Concrete5, and Red Hat, OSV, GitHub advisories, and the NVD/NVD mirror consistently describe the vulnerable condition as part of Con...

5.3CVSS5.4AI score0.00943EPSS
Exploits0References2Affected Software1
Microsoft Secure
Microsoft Secure
added 2020/06/10 6:0 p.m.43 views

Misconfigured Kubeflow workloads are a security risk

Azure Security Center ASC monitors and defends thousands of Kubernetes clusters running on top of AKS. Azure Security Center regularly searches for and research for new attack vectors against Kubernetes workloads. We recently published a blog post about a large scale campaign against Kubernetes...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/05/31 8:59 p.m.10 views

asc.edu.bd Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1179428 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Exploits0
0day.today
0day.today
added 2020/02/25 12:0 a.m.101 views

aSc TimeTables 2020.11.4 - Denial of Service Exploit

Exploit Title: aSc TimeTables 2020.11.4 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: https://www.asctimetables.com/!/home Software Link: https://www.asctimetables.com/!/home/download Version: 2020.11.4 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open the program aSc...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/02/25 12:0 a.m.101 views

aSc TimeTables 2020.11.4 Denial Of Service

Exploit Title: aSc TimeTables 2020.11.4 - Denial of Service PoC Date: 2020-24-02 Exploit Author: Ismael Nava Vendor Homepage: https://www.asctimetables.com/!/home Software Link: https://www.asctimetables.com/!/home/download Version: 2020.11.4 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open th...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2020/02/25 12:0 a.m.102 views

aSc TimeTables 2020.11.4 - Denial of Service (PoC)

aSc TimeTables 2020.11.4 - Denial of Service PoC Exploit Title: aSc TimeTables 2020.11.4 - Denial of Service PoC Date: 2020-24-02 Exploit Author: Ismael Nava Vendor Homepage: https://www.asctimetables.com/!/home Software Link: https://www.asctimetables.com/!/home/download Version: 2020.11.4 Teste...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/10/14 12:0 a.m.18 views

WordPress Core 5.2.3 - Viewing UnauthenticatedPasswordPrivate Posts

WordPress Core 5.2.3 - Viewing UnauthenticatedPasswordPrivate Posts So far we know that adding ?static=1 to a wordpress URL should leak its secret content Here are a few ways to manipulate the returned entries: - order with asc or desc - orderby - m with m=YYYY, m=YYYYMM or m=YYYYMMDD date format...

0.9AI score
Exploits0
vulnersOsv
vulnersOsv
added 2019/04/24 5:29 p.m.5 views

abba-python (>=0.1.6 <=0.3.0), adpred (>=1.1.2 <=1.2.7) +360 more potentially affected by CVE-2018-10055 via tensorflow (>=1.0.1 <=1.7.0)

tensorflow PYPI version =1.0.1, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =0.2.0, =0.3.1, =0.1.0, =0.4.2, =0.1.0, =0.4.0, =0.1.0, =0.3.1 and more Source cves: CVE-2018-10055 Source advisory: OSV:PYSEC-2019-204...

8.1CVSS7.2AI score0.00442EPSS
Exploits0
Rows per page
Query Builder