
664 matches found

Cvelist • added 2019/08/13 8:50 p.m. • 43 views

CVE-2019-9518 Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.5 • AI score 7.6 • EPSS 0.25448
Exploits 0 • References 27

Positive Technologies • added 2019/08/13 12:00 a.m. • 6 views

PT-2019-2979 · Alt Linux +7

Name of the Vulnerable Software and Affected Versions: HTTP/2 implementations (affected versions not specified). Description: The issue is related to a flood of empty frames in HTTP/2 implementations, which can lead to a denial of service. An attacker sends a stream of frames with an empty payload a...

CVSS 9.8 • AI score 6.3 • EPSS 0.95707
Exploits 52 • References 622

Veracode • added 2019/05/02 6:10 a.m. • 25 views

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of service (DoS) attacks. This occurs in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted CONTINUATION frames in an HTTP/2 request with headers larger than the server's...

CVSS 7.5 • AI score 7.2 • EPSS 0.7907
Exploits 4 • References 49 • Affected Software 4

Tenable Nessus • added 2019/04/18 12:00 a.m. • 22 views

openSUSE Security Update : dovecot22 (openSUSE-2019-1220)

This update for dovecot22 fixes the following issues: Security issues fixed: - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation (bsc#1130116). - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication...

CVSS 8.8 • AI score 6.5 • EPSS 0.02462
Exploits 1 • References 5

Tenable Nessus • added 2019/04/09 12:00 a.m. • 81 views

SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2019:0900-1)

This update for dovecot22 fixes the following issues: Security issues fixed: CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation (bsc#1130116). CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication...

CVSS 8.8 • AI score 6.5 • EPSS 0.02462
Exploits 1 • References 8

OSV • added 2019/04/08 9:12 a.m. • 7 views

SUSE-SU-2019:0900-1 Security update for dovecot22

This update for dovecot22 fixes the following issues: Security issues fixed: - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation (bsc#1130116). - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication...

CVSS 8.8 • AI score 8.5 • EPSS 0.02462
Exploits 1 • References 6

BDU FSTEC • added 2018/12/18 12:00 a.m. • 6 views

The vulnerability of the console utility for downloading files with wget arises from insufficient input validation, allowing an attacker to compromise data integrity.

The vulnerability of the console utility for downloading files with wget relates to the lack of processing of the “\r\n” sequence in line continuation strings during the parsing of HTTP headers containing Set-Cookies. Exploiting this vulnerability allows a remote attacker to insert...

CVSS 6.5 • AI score 6.7 • EPSS 0.17249
Exploits 5 • References 3 • Affected Software 1

CNVD • added 2018/05/18 12:00 a.m. • 3 views

Foxit Reader Information Disclosure Vulnerability (CNVD-2018-11833)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation. An information disclosure vulnerability exists in the parsing of the Texture Continuation object in Foxit Reader version 9.0.0.29935, which occurs when the program fails to properly validate user-supplied data. The...

CVSS 6.5 • AI score 6.1 • EPSS 0.02536
Exploits 0 • References 1

CNVD • added 2018/05/18 12:00 a.m. • 3 views

Foxit Reader Information Disclosure Vulnerability (CNVD-2018-10556)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation. An out-of-bounds read vulnerability exists in the parsing of the U3D Clod Progressive Mesh Continuation framework in Foxit Reader version 9.0.0.29935, where the program fails to properly validate user-submitted...

CVSS 6.5 • AI score 6.4 • EPSS 0.02536
Exploits 0 • References 1

OSV • added 2018/05/17 3:29 p.m. • 4 views

CVE-2018-9979

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVSS 6.5 • AI score 5 • EPSS 0.02536
Exploits 0 • References 2

NVD • added 2018/05/17 3:29 p.m. • 22 views

CVE-2018-9979

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVSS 6.5 • AI score 6.2 • EPSS 0.02536
Exploits 0 • References 2

Cvelist • added 2018/05/17 3:00 p.m. • 24 views

CVE-2018-10492

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

AI score 6.8 • EPSS 0.02536
Exploits 0 • References 2

CVE • added 2018/05/17 3:00 p.m. • 51 views

CVE-2018-9979

Foxit Reader 9.0.0.29935 is affected by a vulnerability in parsing Texture Continuation objects in U3D files that can disclose sensitive information. The root cause is improper validation of user-supplied data, leading to a read past the end of an allocated object. Exploitation requires user inte...

CVSS 6.5 • AI score 6.5 • EPSS 0.02536
Exploits 0 • References 2 • Affected Software 2

Cvelist • added 2018/05/17 3:00 p.m. • 24 views

CVE-2018-9979

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

AI score 6.8 • EPSS 0.02536
Exploits 0 • References 2

OSV • added 2018/05/06 10:29 p.m. • 3 views

ALPINE-CVE-2018-0494

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line...

CVSS 6.5 • AI score 7.4 • EPSS 0.17249
Exploits 5 • References 1

NVD • added 2018/05/06 10:29 p.m. • 16 views

CVE-2018-0494

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line...

CVSS 6.5 • AI score 6.6 • EPSS 0.17249
Exploits 5 • References 13

AlpineLinux • added 2018/05/06 10:00 p.m. • 29 views

CVE-2018-0494

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line...

CVSS 6.5 • AI score 6.8 • EPSS 0.17249
Exploits 5

UbuntuCve • added 2018/05/06 12:00 a.m. • 23 views

CVE-2018-0494

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line...

CVSS 6.5 • AI score 6.7 • EPSS 0.17249
Exploits 5 • References 5

OSV • added 2018/05/06 12:00 a.m. • 1 view

UBUNTU-CVE-2018-0494

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line...

CVSS 6.5 • AI score 6.6 • EPSS 0.17249
Exploits 5 • References 6

0day.today • added 2018/04/29 12:00 a.m. • 726 views

Android Bluetooth - Blueborne Information Leak (2) Exploit

Exploit for Android platform in category remote exploits from pwn import import bluetooth if not 'TARGET' in args: log.info"Usage: CVE-2017-0785.py TARGET=XX:XX:XX:XX:XX:XX" exit target = args'TARGET' servicelong = 0x0100 serviceshort = 0x0001 mtu = 50 n = 30 def packetservice, continuationstate:...

CVSS 3.3 • AI score 0.3 • EPSS 0.12388
Exploits 12