Lucene search
K

1555 matches found

NVD
NVD
added 2019/09/23 6:15 p.m.25 views

CVE-2019-11277

Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny...

8.4CVSS8.1AI score0.01707EPSS
Exploits0References1
Prion
Prion
added 2019/09/23 6:15 p.m.16 views

Design/Logic Flaw

Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0, is vulnerable to LDAP injection. A remote authenticated malicious space developer can potentially inject LDAP filters via service instance creation, facilitating the malicious space developer to deny...

5.5CVSS8AI score0.01707EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2019/08/31 1:22 p.m.10 views

MGASA-2019-0229 Updated wpa_supplicant and hostapd packages fix security vulnerability

A number of potential side channel attacks were discovered in the SAE implementations used by both hostapd AP and wpasupplicant infrastructure BSS station/mesh station. SAE Simultaneous Authentication of Equals is also known as WPA3-Personal. The discovered side channel attacks may be able to lea...

5.9CVSS5.9AI score0.03739EPSS
Exploits0References4
Mageia
Mageia
added 2019/08/31 1:22 p.m.61 views

Updated wpa_supplicant and hostapd packages fix security vulnerability

A number of potential side channel attacks were discovered in the SAE implementations used by both hostapd AP and wpasupplicant infrastructure BSS station/mesh station. SAE Simultaneous Authentication of Equals is also known as WPA3-Personal. The discovered side channel attacks may be able to lea...

5.9CVSS0.9AI score0.03739EPSS
Exploits0References3
OSV
OSV
added 2019/08/18 8:46 a.m.10 views

OPENSUSE-SU-2019:1929-1 Security update for LibreOffice

This update for libreoffice and libraries fixes the following issues: LibreOffice was updated to 6.2.5.2 fate327121 bsc1128845 bsc1123455, bringing lots of bug and stability fixes. Additional bugfixes: - If there is no firebird engine we still need java to run hsqldb bsc1135189 - PPTX: Rectangle...

9.8CVSS9.7AI score0.67547EPSS
Exploits10References14
OSV
OSV
added 2019/08/16 2:0 p.m.2 views

GHSA-6R97-CJ55-9HRQ SQL Injection in Django

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to...

9.8CVSS6.9AI score0.47694EPSS
Exploits0References16
The Hacker News
The Hacker News
added 2019/08/16 12:5 p.m.2 views

European Central Bank Shuts Down 'BIRD Portal' After Getting Hacked

The European Central Bank ECB confirmed Thursday that it had been hit by a cyberattack that involved attackers injecting malware into one of its websites and potentially stealing contact information of its newsletter subscribers. Headquartered in Germany, the European Central Bank ECB is the...

6.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/08/06 2:7 a.m.30 views

CVE-2019-13456

An information leak was discovered in the implementation of EAP-pwd in freeradius. An attacker could initiate several EAP-pwd handshakes to leak information, which can then be used to recover the user's WiFi password by performing dictionary and brute-force attacks...

6.5CVSS1.7AI score0.01632EPSS
Exploits1References3
OSV
OSV
added 2019/07/30 1:15 p.m.1 views

DEBIAN-CVE-2015-9290

In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1GetPrivateDict where there is no check that the new values of cur and limit are sensible before going to Again...

9.8CVSS7.1AI score0.02746EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/22 12:0 a.m.2 views

Foxit PhantomPDF Denial of Service Vulnerability (CNVD-2019-24201)

PhantomPDF is a multifunctional PDF editor. A denial of service vulnerability exists in Foxit PhantomPDF versions prior to 8.3.11. The vulnerability stems from a duplicate release of the signature dictionary during the CSGSignatureF and CPDFDocument destructuring process. An attacker can exploit...

7.5CVSS6.7AI score0.02149EPSS
Exploits0References1
OSV
OSV
added 2019/07/21 7:15 p.m.4 views

CVE-2019-14213

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSGSignatureF and CPDFDocument destruction...

7.5CVSS7.1AI score0.02149EPSS
Exploits0References2
NVD
NVD
added 2019/07/21 7:15 p.m.22 views

CVE-2019-14213

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSGSignatureF and CPDFDocument destruction...

7.5CVSS7.4AI score0.02149EPSS
Exploits0References2
OSV
OSV
added 2019/07/21 7:15 p.m.2 views

CVE-2019-14208

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary...

7.5CVSS7.1AI score0.01644EPSS
Exploits0References1
NVD
NVD
added 2019/07/21 7:15 p.m.12 views

CVE-2019-14208

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary...

7.5CVSS7.5AI score0.01644EPSS
Exploits0References1
Prion
Prion
added 2019/07/21 7:15 p.m.16 views

Null pointer dereference

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary...

5CVSS7.4AI score0.01644EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/21 6:18 p.m.161 views

CVE-2019-14213

CVE-2019-14213 affects Foxit PhantomPDF before 8.3.11. The issue is a crash caused by repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction. Impact is a crash/DoS vector as described in multiple sources. Remediation: upgrade to version 8.3.11 or later wh...

7.5CVSS7.3AI score0.02149EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/21 6:18 p.m.23 views

CVE-2019-14213

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSGSignatureF and CPDFDocument destruction...

7.4AI score0.02149EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/07/21 6:17 p.m.20 views

CVE-2019-14208

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary...

8AI score0.01644EPSS
Exploits0References1
CVE
CVE
added 2019/07/21 6:17 p.m.145 views

CVE-2019-14208

CVE-2019-14208 affects Foxit PhantomPDF prior to 8.3.10. The issue is a NULL pointer dereference that can crash the application when extracting a PDF object from a document or when parsing a portfolio containing a null dictionary. This vulnerability is documented across multiple sources (NVD/NVD-...

7.5CVSS7.8AI score0.01644EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/07/21 12:0 a.m.5 views

PT-2019-13537 · Foxit · Foxit Phantompdf

Name of the Vulnerable Software and Affected Versions: Foxit PhantomPDF versions prior to 8.3.11 Description: The issue is related to the repeated release of the signature dictionary during CSG SignatureF and CPDF Document destruction, which could cause the application to crash. Recommendations:...

7.5CVSS7.3AI score0.02149EPSS
Exploits0References3
Rows per page
Query Builder