Lucene search
K

83 matches found

OSV
OSV
added 2023/09/13 1:15 p.m.7 views

CVE-2023-27998

A lack of custom error pages vulnerability CWE-756 in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTPs paths...

5.3CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/09/13 1:15 p.m.35 views

CVE-2023-27998

A lack of custom error pages vulnerability CWE-756 in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTPs paths...

5.3CVSS5.4AI score0.004EPSS
Exploits0References1
Prion
Prion
added 2023/09/13 1:15 p.m.25 views

Code injection

A lack of custom error pages vulnerability CWE-756 in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTPs paths...

5CVSS5.4AI score0.004EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/13 12:0 a.m.5 views

PT-2023-21471 · Fortinet · Fortipresence

Name of the Vulnerable Software and Affected Versions: FortiPresence versions 1.0 through 1.2.1 Description: A lack of custom error pages may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTPs paths...

5.3CVSS5.2AI score0.004EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/09/13 12:0 a.m.6 views

Fortinet FortiPresence Security Vulnerability

Fortinet FortiPresence is a comprehensive data analytics solution from Fortinet, Inc. A security vulnerability exists in Fortinet FortiPresence that stems from the lack of a custom error page, which could allow an attacker to obtain sensitive information by navigating to a specific HTTP path...

5.3CVSS6.3AI score0.004EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/21 12:0 a.m.30 views

GLSA-202305-27 : Tinyproxy: Memory Disclosure

The remote host is affected by the vulnerability described in GLSA-202305-27 Tinyproxy: Memory Disclosure - Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in...

7.5CVSS6.1AI score0.01413EPSS
Exploits1References3
Code423n4
Code423n4
added 2023/04/19 12:0 a.m.11 views

Use of revert Statement in requireOwner Function in Ownable Contract May Cause Unexpected Behavior

Lines of code Vulnerability details Summary: There is a potential issue with the error handling in the requireOwner function that may lead to unexpected behavior. Description: Description: The Ownable contract provides basic access control by defining an owner address that can be granted exclusiv...

6.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-3357

modssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service application crash via a non-SSL request to an SSL port, which triggers a NULL pointer dereference...

5.4CVSS6.8AI score0.24286EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.4 views

SUSE CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS5.7AI score0.01413EPSS
Exploits1References4
Code423n4
Code423n4
added 2022/10/19 12:0 a.m.6 views

Initialize: No access control for initializatino and possible multiple initializations

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. First of all, there is no modifier for access control, any one can call initialize and the two require statements won't provent it. Second, it is possible that the initialize function is called multiple...

7.1AI score
Exploits0
OSV
OSV
added 2022/09/19 5:15 p.m.4 views

ALPINE-CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS6.9AI score0.01413EPSS
Exploits1References1
OSV
OSV
added 2022/09/19 5:15 p.m.5 views

DEBIAN-CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS5.8AI score0.01413EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/09/19 5:15 p.m.52 views

CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS6.4AI score0.01413EPSS
Exploits1References7
Prion
Prion
added 2022/09/19 5:15 p.m.22 views

Heap overflow

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

5CVSS7.5AI score0.01413EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/09/19 5:15 p.m.5 views

UBUNTU-CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS6.3AI score0.01413EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/09/19 12:0 a.m.5 views

PT-2022-25392 · Tinyproxy +2 · Tinyproxy +2

Name of the Vulnerable Software and Affected Versions: Tinyproxy versions prior to commit 84f203f Description: The issue is related to a potential leak of left-over heap data when custom error page templates containing special non-standard variables are used. This occurs because Tinyproxy commit...

9.8CVSS5.5AI score0.63076EPSS
Exploits3References47
Cvelist
Cvelist
added 2022/09/19 12:0 a.m.31 views

CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.8AI score0.01413EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2022/09/19 12:0 a.m.71 views

CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS6.1AI score0.01413EPSS
Exploits1
OSV
OSV
added 2022/09/19 12:0 a.m.50 views

CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS3.2AI score0.01413EPSS
Exploits1References8
CVE
CVE
added 2022/09/19 12:0 a.m.86 views

CVE-2022-40468

CVE-2022-40468 affects tinyproxy. The issue is a potential leak of left-over heap data when using custom error page templates with non-standard variables, caused by uninitialized buffers in process_request() and related header handling. Multiple advisories confirm risk across distros, including D...

7.5CVSS7.4AI score0.01413EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder