CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

Openbugbounty•added 2023/04/19 4:39 p.m.•8 views

cner-france.com Cross Site Scripting vulnerability OBB-3268088

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score

Exploits0

OpenVAS•added 2023/01/27 12:0 a.m.•28 views

Ubuntu: Security Advisory (USN-4794-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.26818EPSS

Exploits4References2

Ubuntu•added 2021/03/15 9:15 p.m.•43 views

USN-4794-1: libupnp vulnerabilities

Matthew Garrett discovered that libupnp mishandled POST requests by default. An attacker could use this vulnerability to write files to arbitrary locations in the victim's filesystem, possibly as root. CVE-2016-6255 It was discovered that libupnp mishandled certain input. A remote attacker could...

9.8CVSS8.4AI score0.26818EPSS

Exploits4

Tenable Nessus•added 2017/07/17 12:0 a.m.•51 views

Fedora 26 : libupnp (2017-23535a31f8)

miniserver: fix binding to ipv6 link-local addresses - Fix out-of-bound access in createurllist CVE-2016-8863 - If the error or info log files can not be created, use stderr and stdout instead. - SF Bug Tracker 132 CVE-2016-6255: write files via POST Note that Tenable Network Security has...

9.8CVSS7.9AI score0.26818EPSS

Exploits4References4

Tenable Nessus•added 2017/06/05 12:0 a.m.•31 views

openSUSE Security Update : libupnp (openSUSE-2017-650)

This update to libupnp 1.6.21 fixes the following security issues : - various string handling issues bsc898167 - CVE-2016-8863: out-of-bounds access bsc1006256 - CVE-2016-6255: fix for file write via POST bsc989948 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

9.8CVSS9.1AI score0.26818EPSS

Exploits4References6

OpenVAS•added 2017/03/14 12:0 a.m.•32 views

Fedora Update for libupnp FEDORA-2017-3bd0b2e2c0

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7AI score

Exploits0References2

Tenable Nessus•added 2017/03/13 12:0 a.m.•34 views

Fedora 25 : libupnp (2017-2c29702300)

9.8CVSS7.9AI score0.26818EPSS

Exploits4References4

CVE•added 2017/03/07 4:0 p.m.•106 views

CVE-2016-6255

CVE-2016-6255 affects libupnp (Portable UPnP SDK) before 1.6.21. A remote attacker can write arbitrary files in the webroot via a POST request to a UPnP HTTP server without a registered handler, enabling local file manipulation on vulnerable hosts. Connected sources show upstream fixes in libupnp...

7.5CVSS8.3AI score0.26818EPSS

Exploits4References10Affected Software1

Tenable Nessus•added 2016/12/20 12:0 a.m.•42 views

Debian DSA-3736-1 : libupnp - security update

Two vulnerabilities were discovered in libupnp, a portable SDK for UPnP devices. - CVE-2016-6255 Matthew Garret discovered that libupnp by default allows any user to write to the filesystem of the host running a libupnp-based server application. - CVE-2016-8863 Scott Tenaglia discovered a heap...

9.8CVSS8.8AI score0.26818EPSS

Exploits4References9

Debian•added 2016/12/16 1:1 p.m.•27 views

[SECURITY] [DSA 3736-1] libupnp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3736-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 16, 2016 https://www.debian.org/security/faq -...

7.5CVSS1.1AI score0.26818EPSS

Exploits4

0day.today•added 2016/10/22 12:0 a.m.•87 views

MiCasa VeraLite Remote Code Execution Exploit

Exploit for hardware platform in category remote exploits Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platfor...

5CVSS0.1AI score0.26818EPSS

Exploits10

Packet Storm•added 2016/10/21 12:0 a.m.•79 views

MiCasa VeraLite Remote Code Execution

Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platform: Hardware 1. Description A remote attacker can execute...

0.6AI score0.26818EPSS

Exploits10

exploitpack•added 2016/10/20 12:0 a.m.•50 views

MiCasaVerde VeraLite - Remote Code Execution

MiCasaVerde VeraLite - Remote Code Execution Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platform: Hardware 1...

9CVSS0.5AI score0.26818EPSS

Exploits10

Debian•added 2016/08/18 12:12 a.m.•26 views

[SECURITY] [DLA 597-1] libupnp security update

Package : libupnp Version : 1.6.17-1.2+deb7u1 CVE ID : CVE-2016-6255 Debian Bug : 831857 It has been discovered that libupnps default behaviour allows anyone to write to the filesystem of the system running a libupnp-based server application. For Debian 7 "Wheezy", these problems have been fixed ...

7.5CVSS9.1AI score0.26818EPSS

Exploits4