Lucene search
+L

476 matches found

Cvelist
Cvelist
added 2023/06/25 12:0 a.m.33 views

CVE-2015-20109

endpattern called from internalfnmatch in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash, as demonstrated by use of the fnmatch library function with the ! pattern. NOTE: this is not the same as CVE-2015-8984...

6AI score0.00317EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/06/25 12:0 a.m.54 views

CVE-2015-20109

endpattern called from internalfnmatch in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash, as demonstrated by use of the fnmatch library function with the ! pattern. NOTE: this is not the same as CVE-2015-8984...

5.5CVSS7.1AI score0.00317EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 7:58 p.m.51 views

K15152: Ruby vulnerability CVE-2013-4164

Security Advisory Description Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a string that is...

6.8CVSS8.2AI score0.34968EPSS
Exploits3
F5 Networks
F5 Networks
added 2023/02/21 7:40 p.m.40 views

K15441: PHP vulnerability CVE-2011-1148

Security Advisory Description Use-after-free vulnerability in the substrreplace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact by using the same variable for multiple arguments...

7.5CVSS7.2AI score0.04736EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.29 views

K16870: logrotate vulnerability CVE-2011-1154

Security Advisory Description The shredfile function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a...

6.9CVSS7.2AI score0.00412EPSS
Exploits1Affected Software18
F5 Networks
F5 Networks
added 2023/02/21 6:50 p.m.45 views

K15571: OpenSSL vulnerability CVE-2014-3508

Security Advisory Description Description The OBJobj2txt function in crypto/objects/objdat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to...

4.3CVSS6.3AI score0.23292EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.35 views

K21284031: GnuPG vulnerability CVE-2014-4617

Security Advisory Description The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. CVE-2014-4617...

5CVSS6.6AI score0.03305EPSS
Exploits0Affected Software25
F5 Networks
F5 Networks
added 2023/02/21 6:17 p.m.51 views

K12597: PHP vulnerability CVE-2010-4156

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...

5CVSS6.3AI score0.12786EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.4 views

SUSE CVE-2006-1902

foldbinary in fold-const.c in GNU Compiler Collection gcc 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQEXPR and NEEXPR, which might introduce buffer overflow vulnerabilities into applications that could b...

2.1CVSS7.4AI score0.00418EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.4 views

SUSE CVE-2011-1154

The shredfile function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name...

6.9CVSS7.7AI score0.00412EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.4 views

SUSE CVE-2013-4440

Password Generator aka Pwgen before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

5CVSS6.9AI score0.01845EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.5 views

SUSE CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

9.8CVSS9.1AI score0.02024EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.5 views

SUSE CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

5CVSS6.6AI score0.0507EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.5 views

SUSE CVE-2016-9598

libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483...

6.5CVSS7.9AI score0.01235EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.4 views

SUSE CVE-2016-9841

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...

9.8CVSS7AI score0.0755EPSS
Exploits0References49
OSV
OSV
added 2022/05/05 2:48 a.m.7 views

GHSA-8833-QRVM-WC3H OpenStack Keystone allows context-dependent attackers to bypass access restrictions

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the 1 user, 2 tenant, or 3 domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions...

5CVSS6.3AI score0.01747EPSS
Exploits1References11
Github Security Blog
Github Security Blog
added 2022/05/01 2:31 a.m.34 views

Apache Derby exposes user and password attributes

Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...

5CVSS5.4AI score0.02451EPSS
Exploits0References9Affected Software1
UbuntuCve
UbuntuCve
added 2020/02/17 10:15 p.m.31 views

CVE-2015-8751

Integer overflow in the jasmatrixcreate function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation...

8.8CVSS6.9AI score0.0251EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2020/02/11 7:19 p.m.56 views

CVE-2013-2213

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...

5.5CVSS6.6AI score0.00306EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2019-1461)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.7AI score0.02941EPSS
Exploits0References2
Rows per page
Query Builder