Lucene search
K

53 matches found

OSV
OSV
added 2021/02/23 11:15 p.m.2 views

CVE-2021-20252

A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal...

6.5CVSS6.6AI score0.00972EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/23 10:24 p.m.35 views

CVE-2021-20252

A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal...

6.5AI score0.00972EPSS
Exploits0References1
CVE
CVE
added 2021/02/23 10:24 p.m.63 views

CVE-2021-20252

CVE-2021-20252 affects Red Hat 3scale API Management Platform 2. The vulnerability arises because the 3scale backend does not properly constrain user-requested date ranges in certain queries, allowing an authenticated user to submit a sufficiently large date range that can trigger an internal ser...

6.8CVSS6.2AI score0.00972EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2020/12/11 8:35 p.m.7 views

CVE-2020-27133

creationtimestamp| type| source ---|---|--- 2020-12-11 20:35:53+00:00| seen| https://t.me/cibsecurity/20364 2020-12-11 20:46:09+00:00| seen| https://t.me/cibsecurity/20384 2020-12-11 21:25:23+00:00| seen| https://t.me/cibsecurity/20403 2020-12-11 22:04:41+00:00| seen| https://t.me/cibsecurity/204...

9.9CVSS8.7AI score0.01123EPSS
Exploits0References10
OSV
OSV
added 2020/09/01 7:46 p.m.9 views

GHSA-8RXG-9G6F-VQ9P Malicious Package in another-date-range-picker

Version 4.1.48 of another-date-range-picker contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 4.1.48 of this module is found...

9.8CVSS7.1AI score
Exploits0References4
Hacker One
Hacker One
added 2019/07/29 10:59 p.m.21 views

HackerOne: IDOR in Bugs overview enables attacker to determine the date range a hackathon was active

A minor Insecure Direct Object Reference IDOR vulnerability is present in the /bugs endpoint. One of the Bugs overview filters enables a program member to filter by Hackathon that their program was a part of. This filter is applied when hackathon IDs are provided in the hackathons parameter, like...

0.7AI score
Exploits0
Prion
Prion
added 2018/01/09 8:29 p.m.18 views

Input validation

MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration beginning year extended delayed by 100 years...

4.3CVSS5.7AI score0.00485EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2018/01/09 8:29 p.m.21 views

CVE-2017-1000415

MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration beginning year extended delayed by 100 years...

5.9CVSS6.2AI score0.00485EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/09 8:0 p.m.20 views

CVE-2017-1000415

MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration beginning year extended delayed by 100 years...

5.8AI score0.00485EPSS
Exploits0References2
rapid7community
rapid7community
added 2017/05/17 9:31 p.m.47 views

CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key

Today, Rapid7 is notifying Nexpose and InsightVM users of a vulnerability that affects certain virtual appliances. While this issue is relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. ...

7.4AI score0.00376EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2016/09/12 8:11 p.m.10 views

libarchive: Undefined behavior (signed integer overflow) in mtree parser

Undefined behavior signed integer overflow was discovered in libarchive, in the MTREE parser's calculation of maximum and minimum dates. A crafted mtree file could potentially cause denial of service...

7.8CVSS5.8AI score0.02122EPSS
Exploits1References4
Veeam
Veeam
added 2013/11/19 12:0 a.m.434 views

How to Collect Logs for Veeam Backup & Replication

Purpose This article documents how to collect logs from Veeam Backup & Replication and additional information to include when submitting a Veeam Support case for technical assistance. Additional Logging Veeam Backup & Replication interoperates with other Veeam products. Please refer to the...

6AI score
Exploits0Affected Software1
Circl
Circl
added 2013/10/09 8:31 a.m.13 views

CVE-2013-3897

creationtimestamp| type| source ---|---|--- 2013-10-09 08:31:46+00:00| seen| MISP/52551442-68dc-4e84-9325-42b5950d2109 2013-10-11 11:46:13+00:00| seen| MISP/5257e4a4-a694-4701-8cc4-42bdac1d4fa4 2013-10-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/28974 2018-05-29...

9.3CVSS7.3AI score0.77462EPSS
Exploits8References7
Rows per page
Query Builder