Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-7680

Malware in sbrugna...

6.5CVSS6.3AI score0.02048EPSS
Exploits1References6
OSV
OSV
added 2022/08/27 12:33 p.m.7 views

OPENSUSE-SU-2022:10101-1 Security update for nim

This update for nim fixes the following issues: Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692 mishandle of argument to browsers.openDefaultBrowser boo1175332, CVE-2020-15694 httpClient.get.contentLength...

10CVSS7.4AI score0.04205EPSS
Exploits7References19
OPENSUSE Linux
OPENSUSE Linux
added 2022/08/27 12:0 a.m.41 views

Security update for nim (important)

openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2022:10101-1 Rating: important References: 1175332 1175333 1175334 1181705 1185083 1185084 1185085 1185948 1192712 Cross-References: CVE-2020-15690 CVE-2020-15692 CVE-2020-15693 CVE-2020-15694 CVE-2021-21372...

10CVSS6.9AI score0.04205EPSS
Exploits7References9
OPENSUSE Linux
OPENSUSE Linux
added 2022/08/24 12:0 a.m.63 views

Security update for nim (important)

openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2022:10095-1 Rating: important References: 1175332 1175333 1175334 1181705 1185083 1185084 1185085 1185948 1192712 Cross-References: CVE-2020-15690 CVE-2020-15692 CVE-2020-15693 CVE-2020-15694 CVE-2021-21372...

10CVSS7.3AI score0.04205EPSS
Exploits7References9
RedhatCVE
RedhatCVE
added 2022/05/21 12:26 a.m.26 views

CVE-2020-15693

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call such as httpClient.get or httpClient.post, the User-Agent header value, or custom HTTP header names or value...

6.5CVSS0.6AI score0.02048EPSS
Exploits1References1
NVD
NVD
added 2020/08/14 7:15 p.m.25 views

CVE-2020-15693

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call such as httpClient.get or httpClient.post, the User-Agent header value, or custom HTTP header names or value...

6.5CVSS6.4AI score0.02048EPSS
Exploits1References4
OSV
OSV
added 2020/08/14 7:15 p.m.19 views

CVE-2020-15693

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call such as httpClient.get or httpClient.post, the User-Agent header value, or custom HTTP header names or value...

6.5CVSS6.8AI score
Exploits0References4
Prion
Prion
added 2020/08/14 7:15 p.m.107 views

Sql injection

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call such as httpClient.get or httpClient.post, the User-Agent header value, or custom HTTP header names or value...

6.4CVSS6.4AI score0.02048EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2020/08/14 7:15 p.m.37 views

CVE-2020-15693

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call such as httpClient.get or httpClient.post, the User-Agent header value, or custom HTTP header names or value...

6.5CVSS6.6AI score0.02048EPSS
Exploits1References3
Cvelist
Cvelist
added 2020/08/14 6:47 p.m.28 views

CVE-2020-15693

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call such as httpClient.get or httpClient.post, the User-Agent header value, or custom HTTP header names or value...

7.9AI score0.02048EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2020/08/14 6:47 p.m.24 views

CVE-2020-15693

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call such as httpClient.get or httpClient.post, the User-Agent header value, or custom HTTP header names or value...

6.5CVSS6.4AI score0.02048EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/08/31 12:0 a.m.98 views

F5 Networks BIG-IP : Apache HTTP server vulnerability (SOL17189)

CRLF injection vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

2.6CVSS5.7AI score0.19036EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.21 views

Fedora 17 : perl-Dancer-1.3093-3.fc17 (2013-9961)

This release fixes CR-LF injection into Cookie HTTP header CVE-2012-5572. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5CVSS5.4AI score0.01497EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.27 views

Fedora 18 : perl-Dancer-1.3100-3.fc18 (2013-9950)

This release fixes CR-LF injection into Cookie HTTP header CVE-2012-5572. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5CVSS5.4AI score0.01497EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.32 views

Fedora 19 : perl-Dancer-1.3111-3.fc19 (2013-9918)

This release fixes CR-LF injection into Cookie HTTP header CVE-2012-5572. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5CVSS5.4AI score0.01497EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/10/08 12:0 a.m.50 views

WordPress 'wp-login.php' HTTP Response Splitting

According to its banner, the remote version of WordPress is vulnerable to an HTTP-splitting attack wherein an attacker can insert CR LF characters and then entice an unsuspecting user into accessing the URL. The client will parse and possibly act on the secondary header which was supplied by the...

5CVSS5.6AI score0.11226EPSS
Exploits1References2
Rows per page
Query Builder