Lucene search
+L

14 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-7792

Malware in sbrugna...

6.5CVSS6.6AI score0.00938EPSS
Exploits0References3
osv
osv
added 2021/03/24 5:15 p.m.4 views

CVE-2020-15809

spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...

6.5CVSS6.6AI score0.00938EPSS
Exploits0References2
nvd
nvd
added 2021/03/24 5:15 p.m.19 views

CVE-2020-15809

spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...

6.5CVSS0.00938EPSS
Exploits0References2
prion
prion
added 2021/03/24 5:15 p.m.18 views

Path traversal

spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...

4CVSS6.6AI score0.00938EPSS
Exploits0References2Affected Software6
cvelist
cvelist
added 2021/03/24 4:54 p.m.25 views

CVE-2020-15809

spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...

6.6AI score0.00938EPSS
Exploits0References2
cve
cve
added 2021/03/24 4:54 p.m.47 views

CVE-2020-15809

CVE-2020-15809 affects SpinetiX devices via spxmanage, enabling SSRF and Path Traversal to access unintended resources. Affected are: HMP350, HMP300 and DiVA up to 4.5.2-1.0.36229; HMP400 and HMP400W up to 4.5.2-1.0.2-1eb2ffbd; and DSOS up to 4.5.2-1.0.2-1eb2ffbd. Root cause is SSRF/Path Traversa...

6.5CVSS6.5AI score0.00938EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2021/03/24 12:0 a.m.4 views

SpinetiX SpinetiX 路径遍历漏洞

SpinetiX is an application platform from SpinetiX Germany. A solution suite is available. A security vulnerability exists in SpinetiX devices that originates from requests to access unintended resources due to SSRF and path traversal. The following products and versions are affected: HMP350,...

6.5CVSS6.5AI score0.00938EPSS
Exploits0References3
oraclelinux
oraclelinux
added 2018/04/16 12:0 a.m.66 views

glibc security, bug fix, and enhancement update

2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...

9.8CVSS0.2AI score0.13368EPSS
Exploits12
nessus
nessus
added 2012/10/02 12:0 a.m.40 views

Mandriva Linux Security Advisory : apache (MDVSA-2012:154-1)

Multiple vulnerabilities has been found and corrected in apache ASF HTTPD : Insecure handling of LDLIBRARYPATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an...

6.9CVSS8AI score0.22515EPSS
Exploits5References4
nvd
nvd
added 2011/11/17 7:55 p.m.29 views

CVE-2011-4122

Directory traversal vulnerability in openpamconfigure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. dot dot in the servicename argument to the pamstart function, as demonstrated by a .. in the -c option to kcheckpass...

6.9CVSS6.3AI score0.00905EPSS
Exploits1References9
nvd
nvd
added 2008/12/11 3:30 p.m.24 views

CVE-2008-4844

Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving 1 an XML Island, 2 XML DSOs, or 3 Tabular Data Control TDC in a craft...

9.3CVSS7.2AI score0.66513EPSS
Exploits10References21
cvelist
cvelist
added 2008/12/11 3:0 p.m.21 views

CVE-2008-4844

Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving 1 an XML Island, 2 XML DSOs, or 3 Tabular Data Control TDC in a craft...

7.6AI score0.66513EPSS
Exploits10References21
cve
cve
added 2008/12/11 3:0 p.m.292 views

CVE-2008-4844

CVE-2008-4844 is a use-after-free vulnerability in the MSHTML component (CRecordInstance::TransferToDestination) of mshtml.dll that affects Internet Explorer 5.01/6/6 SP1/7. Exploitation enables remote code execution via crafted HTML/XML containing DSO bindings (XML Island, XML DSOs, or Tabular D...

9.3CVSS7.5AI score0.66513EPSS
Exploits10References21Affected Software1
vulncheck_kev
vulncheck_kev
added 2008/12/11 12:0 a.m.4 views

VulnCheck KEV: CVE-2008-4844

Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving 1 an XML Island, 2 XML DSOs, or 3 Tabular Data Control TDC in...

9.3CVSS6.2AI score0.66513EPSS
Exploits10References1
Rows per page
Query Builder