Lucene search
K

662 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.3 views

SUSE CVE-2017-6318

saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANENETCONTROLOPTION packet...

7.5CVSS6.6AI score0.02963EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.2 views

SUSE CVE-2020-1778

When OTRS uses multiple backends for user authentication with LDAP, agents are able to login even if the account is set to invalid. This issue affects OTRS; 8.0.9 and prior versions...

4.3CVSS5.1AI score0.00643EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.2 views

SUSE CVE-2020-12862

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082...

4.3CVSS6.6AI score0.01077EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.1 views

SUSE CVE-2020-12861

A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080...

8.8CVSS7.6AI score0.03044EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.2 views

SUSE CVE-2020-12863

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083...

4.3CVSS6.6AI score0.01006EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.4 views

SUSE CVE-2020-12865

A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084...

7.4CVSS7.6AI score0.01457EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.2 views

SUSE CVE-2020-12866

A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079...

5.7CVSS6.7AI score0.01041EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.2 views

SUSE CVE-2020-12864

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081...

4.3CVSS6.6AI score0.01204EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.2 views

SUSE CVE-2020-12867

A NULL pointer dereference in saneiepsonnetread in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075...

5.5CVSS6.6AI score0.00497EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.9 views

SUSE CVE-2021-26932

An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then...

5.9CVSS6.6AI score0.00346EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.5 views

SUSE CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.2CVSS7.3AI score0.00332EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.2 views

SUSE CVE-2021-28713

Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as "drive...

6.2CVSS7.4AI score0.00332EPSS
Exploits0References27
Veracode
Veracode
added 2023/02/14 5:23 p.m.30 views

Denial Of Service (DoS)

ceph:sid is vulnerable to Denial of Service DoS. The vulnerability relates to URL processing on RGW backends. URL processing can be exploited by an attacker using a NULL URL to cause denial of service to crash the RGW...

6.5CVSS6.4AI score0.00564EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.31 views

Debian dla-3285 : libapache-session-browseable-perl - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3285 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3285-1 [email protected]...

8.1CVSS7.4AI score0.00559EPSS
Exploits1References6
OSV
OSV
added 2023/01/27 5:15 a.m.3 views

DEBIAN-CVE-2020-36659

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...

8.1CVSS7AI score0.00422EPSS
Exploits0References1
NVD
NVD
added 2023/01/27 5:15 a.m.29 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.7AI score0.00441EPSS
Exploits0References2
OSV
OSV
added 2023/01/27 5:15 a.m.1 views

UBUNTU-CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.1AI score0.00441EPSS
Exploits0References4
OSV
OSV
added 2023/01/27 5:15 a.m.1 views

UBUNTU-CVE-2020-36659

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...

8.1CVSS5.7AI score0.00422EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/01/27 12:0 a.m.41 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.1AI score0.00441EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/08 12:0 a.m.10 views

CVE-2022-46792

Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. Versions before 2.10.0 are unaffected...

6.9AI score0.0081EPSS
Exploits0References3
Rows per page
Query Builder