Lucene search
K

65 matches found

OSV
OSV
added 2022/02/07 6:50 p.m.19 views

CVE-2022-22931 Path traversal in Apache James 3.6.1

Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...

4.3CVSS6AI score0.01761EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/02/07 6:50 p.m.28 views

CVE-2022-22931 Path traversal in Apache James 3.6.1

Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...

6.8AI score0.01761EPSS
Exploits0References2
CNVD
CNVD
added 2021/08/16 12:0 a.m.30 views

Nagios XI Local Elevation of Privilege Vulnerability (CNVD-2021-90916)

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization.A local elevation of privilege vulnerability exists in versions of Nagios XI prior to 5.8.5. The vulnerability stems from the fact tha...

7.8CVSS2.5AI score0.00778EPSS
Exploits0References1
NVD
NVD
added 2021/08/13 12:15 p.m.30 views

CVE-2021-37347

Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument...

7.8CVSS0.00778EPSS
Exploits0References1
Prion
Prion
added 2021/08/13 12:15 p.m.33 views

Privilege escalation

Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument...

4.6CVSS7.7AI score0.00778EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/13 11:30 a.m.37 views

CVE-2021-37347

Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument...

8.5AI score0.00778EPSS
Exploits0References1
Kitploit
Kitploit
added 2021/07/24 12:30 p.m.98 views

Pathprober - Probe And Discover HTTP Pathname Using Brute-Force Methodology And Filtered By Specific Word Or 2 Words At Once

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once. Purpose Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because...

7.4AI score
Exploits0References3
CNNVD
CNNVD
added 2021/04/27 12:0 a.m.2 views

Apple watchOS 路径遍历漏洞

Apple watchOS is an operating system for smartwatches from Apple. A path traversal vulnerability exists in watchOS, which stems from insufficient validation of directory paths. The following products and versions are affected: watchOS: 7.0 18R382, 7.0.1 18R395, 7.0.2 18R402, 7.0.3 18R410, 7.1...

5.5CVSS5.7AI score0.00367EPSS
Exploits0References11
Veracode
Veracode
added 2020/03/26 2:15 a.m.42 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. An out-of-bounds array access in xfrmpolicyunlink allows an attacker to crash the OS due to the way directory validation are handled...

4.4CVSS3.2AI score0.0173EPSS
Exploits0References18Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/02 12:0 a.m.51 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4808)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4808 advisory. - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318219 CVE-2019-14283 Tenable has extracted the preceding description block...

8.8CVSS6.6AI score0.0173EPSS
Exploits1References5
NVD
NVD
added 2019/08/27 5:15 a.m.18 views

CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...

4.9CVSS6.2AI score0.0173EPSS
Exploits0References8
OSV
OSV
added 2019/08/27 5:15 a.m.1 views

DEBIAN-CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...

4.4CVSS6.2AI score0.0173EPSS
Exploits0References1
OSV
OSV
added 2019/08/27 5:15 a.m.8 views

CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...

4.4CVSS7.9AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2019/08/27 5:15 a.m.54 views

CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...

4.9CVSS6.7AI score0.0173EPSS
Exploits0References4
Prion
Prion
added 2019/08/27 5:15 a.m.20 views

Out-of-bounds

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...

4.9CVSS6.1AI score0.0173EPSS
Exploits0References8Affected Software3
Debian CVE
Debian CVE
added 2019/08/27 4:49 a.m.38 views

CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...

4.9CVSS6.6AI score0.0173EPSS
Exploits0
Cvelist
Cvelist
added 2019/08/27 4:49 a.m.30 views

CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...

6.2AI score0.0173EPSS
Exploits0References8
CNVD
CNVD
added 2019/08/27 12:0 a.m.0 views

Linux kernel out-of-bounds array access vulnerability

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions prior to 5.0.19, which stems from verifynewpolicyinfo in the net/xfrm/xfrmuser.c file failing to properly hand...

4.9CVSS7.3AI score0.0173EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/01/31 12:0 a.m.172 views

JVN#83826673: The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries

The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting provided by Micco use the old version of Self-Extracting Archives created by UNLHA32.DLL. They contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2018-16189. Impact Arbitrary...

7.8CVSS7.5AI score0.00944EPSS
Exploits0
CNVD
CNVD
added 2017/09/08 12:0 a.m.5 views

Cisco Prime Collaboration Provisioning Tool Arbitrary File Overwrite Vulnerability

Cisco Prime Collaboration Provisioning Tool is a set of Web-based, next-generation communications services tools from Cisco. The tool provides IP communication services capabilities for IP telephony, voice mail and unified communications environments. A security vulnerability exists in the batch...

8.5CVSS6.6AI score0.01921EPSS
Exploits0References1
Rows per page
Query Builder