CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...
UBUNTU-CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...
Regular Expression Denial of Service (ReDoS)
A vulnerability was found in diff before v3.5.0; the affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks...
01-numacert (>=1.0.0 <=3.0.0), 101 (>=0.3.0 <=0.7.1) +18884 more potentially affected by unknown CVE via diff (>=1.0.1 <=3.4.0)
diff NPM version =1.0.1, =1.0.0, =0.3.0, =0.0.15, =1.0.4, =5.4.4, =5.4.4, =2.2.1, =1.1.8, =1.0.0, =1.0.0, =0.1.0, =0.0.97, =0.0.981 - 3thisistest =3.2.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-H6CH-V84P-W6P9...
Fedora Update for patch FEDORA-2018-90af6f5b8a
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DRUPAL-CONTRIB-2019-014
Acquia Connector facilitates sending certain telemetry data to Acquia for the purposes of analysis. The module automates the collection of site information to speed support communication and issue resolution. It is required for use with the Acquia Insight service. The module does not properly...
[SECURITY] Fedora 29 Update: patch-2.7.6-7.fc29
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file patching th...
[SECURITY] Fedora 27 Update: patch-2.7.6-5.fc27
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file patching th...
[SECURITY] Fedora 28 Update: patch-2.7.6-5.fc28
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file patching th...
Gitlab -- multiple vulnerabilities
Gitlab reports: SSRF GCP access token disclosure; Persistent XSS on issue details; Diff formatter DoS in Sidekiq jobs; Confidential information disclosure in events API endpoint; validatelocalhost function in urlblocker.rb could be bypassed; Slack integration CSRF Oauth2; GRPC::Unknown logging token...
ecc-diff-fuzzer/fuzz_ec: Unknown signal in __gmpn_sqr_basecase
Detailed report: https://oss-fuzz.com/testcase?key=5661474291187712 Project: ecc-diff-fuzzer Fuzzer: libFuzzer_ecc-diff-fuzzer_fuzz_ec Fuzz target binary: fuzz_ec Job Type: libfuzzer_ubsan_ecc-diff-fuzzer Platform Id: linux Crash Type: Unknown signal Crash Address: 0x000000b0bc50 Crash State:...
Ruby: OpenSSL::X509::Name Equality Check Does Not Work, Patch included
When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects will return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the fir...
Important: Red Hat Security Advisory: patch security update
An update for patch is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: patch security update
An update for patch is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: patch security update
An update for patch is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base...
Important: Red Hat Security Advisory: patch security update
An update for patch is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...
Important: Red Hat Security Advisory: patch security update
An update for patch is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: patch security update
An update for patch is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
CentOS 7 : patch (CESA-2018:1200)
An update for patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
patch security update
CentOS Errata and Security Advisory CESA-2018:1200. An update for patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...