1558 matches found

Debian
added 2018/01/22 2:43 a.m. · 25 views

[SECURITY] [DSA 4093-1] openocd security update

Debian Security Advisory DSA-4093-1 [email protected] https://www.debian.org/security/ January 21, 2018 https://www.debian.org/security/faq...

9.6 CVSS · 9.3 AI score · 0.0189 EPSS
Exploits: 1

Debian
added 2018/01/22 2:43 a.m. · 24 views

[SECURITY] [DSA 4093-1] openocd security update

Debian Security Advisory DSA-4093-1 [email protected] https://www.debian.org/security/ January 21, 2018 https://www.debian.org/security/faq...

9.3 CVSS · 1.2 AI score · 0.0189 EPSS
Exploits: 1

OpenVAS
added 2018/01/20 12:0 a.m. · 37 views

Debian: Security Advisory (DSA-4093-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6 CVSS · 9.4 AI score · 0.0189 EPSS
Exploits: 1 · References: 4

NVD
added 2018/01/16 9:29 a.m. · 13 views

CVE-2018-5704

Open On-Chip Debugger OpenOCD 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site...

9.6 CVSS · 9.2 AI score · 0.0189 EPSS
Exploits: 1 · References: 3

OSV
added 2018/01/16 9:29 a.m. · 0 views

UBUNTU-CVE-2018-5704

Open On-Chip Debugger OpenOCD 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site...

9.6 CVSS · 6.1 AI score · 0.0189 EPSS
Exploits: 1 · References: 6

Positive Technologies
added 2018/01/16 12:0 a.m. · 3 views

PT-2018-17099 · Open On Chip Debugger +1 · Openocd +1

Name of the Vulnerable Software and Affected Versions: Open On-Chip Debugger OpenOCD version 0.10.0 Description: The issue allows remote attackers to conduct cross-protocol scripting attacks and execute arbitrary commands via a crafted web site, by not blocking attempts to use HTTP POST for sendi...

9.6 CVSS · 9.3 AI score · 0.0189 EPSS
Exploits: 1 · References: 19

OSV
added 2018/01/11 9:29 p.m. · 3 views

ALPINE-CVE-2018-5336

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth...

7.5 CVSS · 6.8 AI score · 0.01011 EPSS
Exploits: 0 · References: 1

OSV
added 2018/01/10 9:29 a.m. · 1 views

DEBIAN-CVE-2017-18026

Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary commands through the Mercurial adapter via vectors involving a branch whose name begins with a --config...

8.8 CVSS · 7.8 AI score · 0.00747 EPSS
Exploits: 0 · References: 1

OSV
added 2018/01/10 9:29 a.m. · 0 views

UBUNTU-CVE-2017-18026

Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary commands through the Mercurial adapter via vectors involving a branch whose name begins with a --config...

8.8 CVSS · 7.6 AI score · 0.00747 EPSS
Exploits: 0 · References: 7

Mageia
added 2018/01/03 2:22 p.m. · 28 views

Updated python-werkzeug packages fix security vulnerability

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message (CVE-2016-10516)...

3.9 AI score
Exploits: 0 · References: 2

Exploit DB
added 2017/12/05 12:0 a.m. · 82 views

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation

Exploit Title: Privilege Escalation - Perspective ICM Investigation & Case - 5.1.1.16 Date Reported to vendor: Jun 28, 2017 Date Accepted by vendor: Jun 11, 2017 Exploit Author: [email protected] Vendor Homepage: www.resolver.com Version: Perspective ICM Investigation & Case -...

8.8 CVSS · 8.8 AI score · 0.02372 EPSS
Exploits: 4

exploitpack
added 2017/12/01 12:0 a.m. · 31 views

Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow

Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow Exploit Title: Socusoft Photo 2 Video Converter v8.0.0 Local Buffer Overflow Free and Professional variants Date: 01/12/2017 Exploit Author: Jason Magic ret2eax Vendor Homepage: www.socusoft.com Version: 8.0.0 Tested on: Windows Serve...

0.6 AI score
Exploits: 0

Fedora
added 2017/11/30 3:41 p.m. · 24 views

[SECURITY] Fedora 27 Update: python-werkzeug-0.12.2-1.fc27

Werkzeug: Werkzeug started as simple collection of various utilities for WSGI applications and has become one of the most advanced WSGI utility modules. It includes a powerful debugger, full featured request and response objects, HTTP utilities to handle entity tags, cache...

6.1 CVSS · 6.6 AI score · 0.00411 EPSS
Exploits: 0

FreeBSD
added 2017/11/15 12:0 a.m. · 21 views

FreeBSD -- Kernel data leak via ptrace(PT_LWPINFO)

Problem Description: Not all information in the struct ptrace_lwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of informatio...

3.3 CVSS · 4.9 AI score · 0.00075 EPSS
Exploits: 0

Fedora
added 2017/11/03 1:30 p.m. · 10 views

[SECURITY] Fedora 26 Update: seamonkey-2.49.1-1.fc26

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

2 AI score
Exploits: 0

CNVD
added 2017/10/30 12:0 a.m. · 1 views

Pallets Flask Pallets Werkzeug Cross Site Scripting Vulnerability

Pallets Flask is a Python-based web application development tool from the Pallets project. Pallets Werkzeug is one of the WSGI toolkits. A cross-site scripting vulnerability exists in the 'render_full' function of the debug/tbtools.py file of the debugger for Pallets Flask and other products used i...

6.1 CVSS · 5.9 AI score · 0.00411 EPSS
Exploits: 0 · References: 1

Prion
added 2017/10/23 4:29 p.m. · 19 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

4.3 CVSS · 6 AI score · 0.00411 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2017/10/23 4:29 p.m. · 1 views

DEBIAN-CVE-2016-10516

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

6.1 CVSS · 6 AI score · 0.00411 EPSS
Exploits: 0 · References: 1

OSV
added 2017/10/23 4:29 p.m. · 26 views

CVE-2016-10516

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

6.1 CVSS · 6 AI score
Exploits: 0 · References: 3

NVD
added 2017/10/23 4:29 p.m. · 14 views

CVE-2016-10516

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

6.1 CVSS · 6.1 AI score · 0.00411 EPSS
Exploits: 0 · References: 3