Lucene search
K

20 matches found

OSV
OSV
added 2026/06/02 2:5 p.m.10 views

USN-8238-2 editorconfig-core vulnerability

USN-8238-1 fixed a vulnerability in EditorConfig. This update contains the corresponding fix for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Original advisory details: It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A...

8.6CVSS5.8AI score0.00151EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2026/06/02 2:5 p.m.14 views

USN-8238-2: EditorConfig vulnerability

USN-8238-1 fixed a vulnerability in EditorConfig. This update contains the corresponding fix for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Original advisory details: It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A...

8.6CVSS5.8AI score0.00151EPSS
Exploits1
OSV
OSV
added 2026/05/06 5:30 p.m.8 views

USN-8238-1 editorconfig-core vulnerability

It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A local attacker could possibly use this issue to cause EditorConfig to crash, resulting in a denial of service...

8.6CVSS5.8AI score0.00151EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2026/05/06 5:30 p.m.10 views

USN-8238-1: EditorConfig vulnerability

It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A local attacker could possibly use this issue to cause EditorConfig to crash, resulting in a denial of service...

8.6CVSS5.8AI score0.00151EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.14 views

PT-2026-38543

It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A local attacker could possibly use this issue to cause EditorConfig to crash, resulting in a denial of service...

8.6CVSS5.8AI score0.00151EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.10 views

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities. These vulnerabilities stemmed from the handling of specially crafted ICC configuration files, where invalid enumeratio...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

TP-Link Archer BE230 安全漏洞

The TP-Link Archer BE230 is a wireless router produced by TP-Link Corporation. The TP-Link Archer BE230 v1.2 1.2.4 Build 20251218 rel.70420 versions had security vulnerabilities. These vulnerabilities stemmed from specially crafted configuration files that contained overly long parameters, and...

6.8CVSS5.8AI score0.00348EPSS
Exploits0References5
Redos
Redos
added 2025/12/03 12:0 a.m.15 views

ROS-20251203-05

A vulnerability in the Java library for handling Apache Commons Configuration files is related to the fact that, the application does not properly control internal resource consumption when loading a specially crafted configuration file. created configuration file. Exploitation of the vulnerabili...

6.5CVSS6AI score0.01663EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/06/12 12:0 a.m.5 views

PT-2024-4307 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 16.10.7 GitLab CE/EE versions 16.11 prior to 16.11.4 GitLab CE/EE versions 17.0 prior to 17.0.2 Description: A vulnerability in GitLab's CI/CD pipeline editor could allow for denial of service attacks through...

6.8CVSS7AI score0.00575EPSS
Exploits0References14
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.5 views

Chef InSpec Code Injection Vulnerability

Chef Software Chef InSpec is an open source automated testing and compliance checking framework from Chef Software designed to help developers and operations teams write, run, and maintain automated test scripts to validate the compliance and security of applications and infrastructure. A securit...

8.8CVSS6.9AI score0.00283EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/09/27 5:44 a.m.6 views

Multiple vulnerabilities in Panasonic KW Watcher

Overview KW Watcher provided by Panasonic contains multiple vulnerabilities listed below. Improper restriction of operations within the bounds of a memory buffer CWE-119 - CVE-2023-3471 Use after free CWE-416 - CVE-2023-3472 Michael Heinzl reported these vulnerabilities to Panasonic and...

8.6CVSS7.5AI score0.00419EPSS
Exploits0References9
OSV
OSV
added 2021/04/01 12:0 p.m.5 views

USN-4899-1 spamassassin vulnerability

Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code...

10CVSS7AI score0.06132EPSS
Exploits0References2
OSV
OSV
added 2021/03/15 10:15 p.m.4 views

CVE-2020-27282

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged attackers with physical access to render the device persistently unusable by uploading specially crafted configuration files...

4.3CVSS5.8AI score0.00253EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.31 views

RHEL 8 : spamassassin (RHSA-2020:4625)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4625 advisory. The SpamAssassin tool provides a way to reduce unsolicited commercial email spam from incoming email. Security Fixes: spamassassin: crafted...

9.3CVSS7AI score0.07234EPSS
Exploits0References13
AlmaLinux
AlmaLinux
added 2020/11/03 12:21 p.m.34 views

Moderate: spamassassin security update

The SpamAssassin tool provides a way to reduce unsolicited commercial email spam from incoming email. Security Fixes: spamassassin: crafted configuration files can run system commands without any output or errors CVE-2018-11805 spamassassin: crafted email message can lead to DoS CVE-2019-12420...

9.3CVSS1.1AI score0.07234EPSS
Exploits0References4
OSV
OSV
added 2020/03/23 4:15 p.m.3 views

DEBIAN-CVE-2020-9759

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...

7.8CVSS7.3AI score0.00487EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2020/03/23 3:36 p.m.24 views

CVE-2020-9759

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...

9.3CVSS8.4AI score0.00487EPSS
Exploits1
OSV
OSV
added 2020/01/30 6:15 p.m.3 views

UBUNTU-CVE-2020-1931

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration .cf files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian...

8.1CVSS6.8AI score0.06464EPSS
Exploits0References7
OSV
OSV
added 2020/01/15 10:37 a.m.8 views

USN-4237-2 spamassassin vulnerabilities

USN-4237-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a...

7.5CVSS6.9AI score0.07234EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.8 views

The vulnerability of the Emerson DeltaV digital automation system allows a malicious individual to increase their privileges and gain unauthorized access to confidential information.

The vulnerability of the Emerson DeltaV controller is related to errors that occur when processing a specially crafted configuration file. Exploiting this vulnerability allows a malicious individual to gain increased privileges and access confidential information without authorization...

4.6CVSS5.5AI score0.00655EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder