Lucene search
K

6054 matches found

Prion
Prion
added 2018/04/11 8:29 p.m.28 views

Remote code execution

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."...

6.5CVSS9AI score0.34986EPSS
Exploits2References9Affected Software2
Vulnrichment
Vulnrichment
added 2018/04/11 12:0 a.m.16 views

CVE-2018-10054

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."...

8.1AI score0.34986EPSS
Exploits2References10
CVE
CVE
added 2018/04/11 12:0 a.m.130 views

CVE-2018-10054

CVE-2018-10054 describes an RCE in H2 Database via the CREATE ALIAS mechanism. The issue affects H2 1.4.197 as used in Datomic before 0.9.5697 and other products, enabling remote code execution by an attacker with a crafted alias. Public references note exploit activity and Java code execution vi...

8.8CVSS9AI score0.34986EPSS
Exploits2References10Affected Software2
RedHat Linux
RedHat Linux
added 2018/04/10 9:1 a.m.3 views

kernel: Use-after-free in snd_seq_ioctl_create_port()

A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation...

7CVSS7.1AI score0.00377EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2018/04/03 12:0 a.m.4 views

PT-2018-10222 · Coreos +3 · Etcd +3

Name of the Vulnerable Software and Affected Versions: etcd versions 3.3.1 and earlier Description: A cross-site request forgery flaw was found, allowing an attacker to set up a website that tries to send a POST request to the etcd server and modify a key. Since adding a key is done with PUT, it ...

8.8CVSS6.4AI score0.04031EPSS
Exploits2References26
Positive Technologies
Positive Technologies
added 2018/03/23 12:0 a.m.3 views

PT-2018-3757 · Satori +1 · Go.Uuid +2

Name of the Vulnerable Software and Affected Versions: SIF versions prior to v1.2.3 Description: The issue is related to the github.com/satori/go.uuid module used as a dependency in SIF, which produces predictable UUID identifiers due to insecure randomness. This could allow a remote attacker to...

7.5CVSS6.9AI score0.00958EPSS
Exploits1References17
RedhatCVE
RedhatCVE
added 2018/03/21 4:20 a.m.35 views

CVE-2018-8740

A NULL pointer dereference vulnerability was found in SQLite. Loading a database whose schema was corrupted using a CREATE TABLE AS statement would result in a SQLite crash...

7.5CVSS0.9AI score0.08186EPSS
Exploits0References1
Prion
Prion
added 2018/03/17 12:29 a.m.24 views

Null pointer dereference

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

5CVSS7.2AI score0.08186EPSS
Exploits0References14Affected Software2
ATTACKERKB
ATTACKERKB
added 2018/03/17 12:29 a.m.3 views

CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

7.5CVSS5.5AI score0.08186EPSS
Exploits0References21
OSV
OSV
added 2018/03/17 12:29 a.m.1 views

DEBIAN-CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

7.5CVSS8.5AI score0.08186EPSS
Exploits0References1
OSV
OSV
added 2018/03/17 12:29 a.m.4 views

ALPINE-CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

7.5CVSS6.9AI score0.08186EPSS
Exploits0References1
OSV
OSV
added 2018/03/17 12:29 a.m.3 views

UBUNTU-CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

7.5CVSS6.7AI score0.08186EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2018/03/17 12:0 a.m.35 views

CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

7.5CVSS7.7AI score0.08186EPSS
Exploits0
CVE
CVE
added 2018/03/17 12:0 a.m.395 views

CVE-2018-8740

SQLite through 3.22.0 is vulnerable to a NULL pointer dereference when a database schema is corrupted via CREATE TABLE AS. The underlying issue is in build.c/prepare.c. The impact is a potential crash (denial of service). Affected disclosures across Debian, Cloud Foundry, and distro advisories co...

7.5CVSS7.3AI score0.08186EPSS
Exploits0References14Affected Software1
AlpineLinux
AlpineLinux
added 2018/03/17 12:0 a.m.42 views

CVE-2018-8740

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

7.5CVSS7.6AI score0.08186EPSS
Exploits0
Prion
Prion
added 2018/03/16 1:29 p.m.13 views

Information disclosure

The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspaperiod/month URI...

3.5CVSS6AI score0.00753EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/03/16 1:29 p.m.19 views

CVE-2016-10716

The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspaperiod/month URI...

5.4CVSS5.3AI score0.00753EPSS
Exploits0References2
OSV
OSV
added 2018/03/16 1:29 p.m.4 views

CVE-2016-10715

The Artezio Kanban Board plugin 1.4 revision 1914 for Atlassian Jira has XSS via the Board Name in a Create New Board action, related to an artezioboard/mainPage.jspa?kanbanId=7/kanban-view URI...

5.4CVSS5.8AI score0.0058EPSS
Exploits0References1
OSV
OSV
added 2018/03/16 1:29 p.m.3 views

CVE-2016-10716

The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspaperiod/month URI...

5.4CVSS5.8AI score0.00753EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/03/16 1:0 p.m.23 views

CVE-2016-10716

The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspaperiod/month URI...

5.3AI score0.00753EPSS
Exploits0References2
Rows per page
Query Builder