Lucene search
K

54 matches found

NVD
NVD
added 2021/05/27 1:15 p.m.22 views

CVE-2021-31535

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended for server-side color lookup contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allow...

9.8CVSS0.10634EPSS
Exploits2References19
UbuntuCve
UbuntuCve
added 2021/05/18 12:0 a.m.46 views

CVE-2021-31535

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended for server-side color lookup contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allow...

9.8CVSS7.1AI score0.10634EPSS
Exploits2References7
CVE
CVE
added 2018/06/05 9:0 p.m.107 views

CVE-2018-1000193

CVE-2018-1000193 is an improper neutralization of control sequences affecting Jenkins 2.120 and older (LTS 2.107.2 and older) in HudsonPrivateSecurityRealm.java. An attacker can sign up using usernames containing control characters that may appear to match other usernames and then be non-removabl...

4.3CVSS4.6AI score0.01045EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/06/05 9:0 p.m.20 views

CVE-2018-1000193

A improper neutralization of control sequences vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in HudsonPrivateSecurityRealm.java that allows users to sign up using user names containing control characters that can then appear to have the same name as other users, and canno...

5.8AI score0.01045EPSS
Exploits0References2
OSV
OSV
added 2017/10/24 6:33 p.m.28 views

GHSA-Q44R-F2HM-V76V Pupper does not properly restrict characters in Common Name field of Certificate Signing Request

lib/puppet/ssl/certificateauthority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request CSR, which makes it easier for user-assisted remote attackers to trick...

4.3CVSS6AI score0.02453EPSS
Exploits1References12
BDU FSTEC
BDU FSTEC
added 2016/11/03 12:0 a.m.6 views

The vulnerability of the Vte Terminal allows a perpetrator to cause a service failure.

The vulnerability of the Vte Terminal arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure a long cycle and exhaustion of processor resources by entering a control sequence with a high value...

4CVSS5.7AI score0.11151EPSS
Exploits1References12Affected Software1
NVD
NVD
added 2012/08/06 4:55 p.m.18 views

CVE-2012-3867

lib/puppet/ssl/certificateauthority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request CSR, which makes it easier for user-assisted remote attackers to trick...

4.3CVSS6.3AI score0.02453EPSS
Exploits1References9
OSV
OSV
added 2012/08/06 4:55 p.m.2 views

DEBIAN-CVE-2012-3867

lib/puppet/ssl/certificateauthority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request CSR, which makes it easier for user-assisted remote attackers to trick...

4.3CVSS6.7AI score0.02453EPSS
Exploits1References1
Prion
Prion
added 2012/08/06 4:55 p.m.20 views

Design/Logic Flaw

lib/puppet/ssl/certificateauthority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request CSR, which makes it easier for user-assisted remote attackers to trick...

4.3CVSS6.8AI score0.02453EPSS
Exploits1References9Affected Software7
Debian CVE
Debian CVE
added 2012/08/06 4:0 p.m.31 views

CVE-2012-3867

lib/puppet/ssl/certificateauthority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request CSR, which makes it easier for user-assisted remote attackers to trick...

4.3CVSS6.3AI score0.02453EPSS
Exploits1
CVE
CVE
added 2012/08/06 4:0 p.m.104 views

CVE-2012-3867

CVE-2012-3867 affects Puppet modules where CSR Common Name validation is lax in Puppet before 2.6.17 and in 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2. This allows user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequenc...

4.3CVSS6.3AI score0.02453EPSS
Exploits1References9Affected Software2
UbuntuCve
UbuntuCve
added 2012/07/12 12:0 a.m.33 views

CVE-2012-3867

lib/puppet/ssl/certificateauthority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request CSR, which makes it easier for user-assisted remote attackers to trick...

4.3CVSS5.9AI score0.02453EPSS
Exploits1References3
securityvulns
securityvulns
added 2007/07/27 12:0 a.m.87 views

IBM AIX utilities multiple security vulnerabilities

Multiple suid root ftp client buffer overflow, dynamic library loading via -R command line argument in pioout, buffer overflow with terminal control sequences in capture...

6.9CVSS3.7AI score0.03496EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2007/07/26 10:0 p.m.31 views

CVE-2007-3333

Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences...

7.9AI score0.03496EPSS
Exploits0References9
Rows per page
Query Builder