Lucene search
K

376 matches found

OSV
OSV
added 2021/02/02 9:42 p.m.7 views

GHSA-XHV5-W9C5-2R2W Unbounded connection acceptance in http4s-blaze-server

Impact blaze-core, a library underlying http4s-blaze-server, accepts connections unboundedly on its selector pool. This has the net effect of amplifying degradation in services that are unable to handle their current request load, since incoming connections are still accepted and added to an...

7.5CVSS5.8AI score0.02146EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/02/02 9:42 p.m.89 views

Unbounded connection acceptance leads to file handle exhaustion

Impact All servers running blaze-core = 0.14.14, including blaze-http and http4s-blaze-server users, are affected. Blaze, accepts connections unconditionally on a dedicated thread pool. This has the net effect of amplifying degradation in services that are unable to handle their current request...

7.5CVSS1.1AI score0.02117EPSS
Exploits0References5Affected Software3
Positive Technologies
Positive Technologies
added 2021/02/02 12:0 a.m.5 views

PT-2021-14396 · Unknown +2 · Blaze-Core +5

Name of the Vulnerable Software and Affected Versions: http4s versions prior to 0.21.17 http4s versions prior to 0.22.0-M2 http4s versions prior to 1.0.0-M14 Description: The issue is related to the blaze-core library, which accepts connections unboundedly on its selector pool. This can lead to a...

7.5CVSS7.1AI score0.02146EPSS
Exploits0References11
Hacker One
Hacker One
added 2020/06/17 2:0 p.m.25 views

PlayStation: Reflected XSS on transact.playstation.com using postMessage from the opening window

Report Summary: When transact.playstation.com loads it handles messages received from postMessage in the receiveMessageFromTransactClientService method. The only validation that is performed is to ensure that the referrer and origin match: javascript receiveMessageFromTransactClientService:...

Exploits0
CNVD
CNVD
added 2020/04/24 12:0 a.m.1 views

Beijing Qingqi Technology Co., Ltd Ember APP has Denial of Service Vulnerability

Shimmering App for PC is a novel social software to make friends through watching movies together. There is a denial-of-service vulnerability in Ember APP, which can be exploited by attackers to cause a denial-of-service attack...

6.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2020/04/05 12:0 a.m.6 views

@love-open-source/ember-slider (>=0.0.2 <=1.1.10), broccoli-compass-compiler (>=0.0.1 <=0.0.6) +1 more potentially affected by CVE-2020-7635 via compass-compile (=0.0.1)

compass-compile NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on compass-compile and may be impacted: - @love-open-source/ember-slider =0.0.2, =0.0.1, =0.1.0, =0.5.0 Source cves: CVE-2020-7635 Source advisory:...

9.8CVSS7.2AI score0.04358EPSS
Exploits1
Node.js
Node.js
added 2019/06/07 7:1 p.m.15 views

Malicious Package

Overview Version 1.0.8 of ember-power-timepicker contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your...

7AI score
Exploits0Affected Software1
CNVD
CNVD
added 2017/04/26 12:0 a.m.3 views

Ember.js Cross-Site Scripting Vulnerability

Tilde Ember.js is the United States Tilde company's set of JavaScript framework for creating Web applications . A cross-site scripting vulnerability exists in Ember.js. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00816EPSS
Exploits0References1
Fedora
Fedora
added 2011/03/17 3:26 a.m.22 views

[SECURITY] Fedora 15 Update: ember-0.6.0-5.fc15

Ember is a client for MMORPGs using the WorldForge system. It uses the Ogre 3D engine with CEGUI...

6.9CVSS1.7AI score0.00437EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2011/03/17 12:0 a.m.19 views

Fedora 15 : ember-0.6.0-5.fc15 (2011-3208)

Fix for CVE-2010-3355 bug 638381 This is just a rebuild to resolve a dependency conflict. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

6.9CVSS5.5AI score0.00437EPSS
Exploits1References3
NVD
NVD
added 2010/10/20 6:0 p.m.21 views

CVE-2010-3355

Ember 0.5.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.3AI score0.00437EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2010/10/20 6:0 p.m.26 views

CVE-2010-3355

Ember 0.5.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS5.9AI score0.00437EPSS
Exploits1References1
Prion
Prion
added 2010/10/20 6:0 p.m.11 views

Directory traversal

Ember 0.5.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.9AI score0.00437EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2010/10/20 5:0 p.m.24 views

CVE-2010-3355

Ember 0.5.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.3AI score0.00437EPSS
Exploits1References1
CVE
CVE
added 2010/10/20 5:0 p.m.51 views

CVE-2010-3355

Ember 0.5.7 places a zero-length directory name in LD_LIBRARY_PATH, allowing local users to gain privileges via a Trojan horse shared library in the current working directory. Root cause: malformed LD_LIBRARY_PATH handling. Impact: local privilege escalation with potential full compromise if expl...

6.9CVSS6.5AI score0.00437EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2010/10/20 5:0 p.m.18 views

CVE-2010-3355

Removed by vendor...

6.9CVSS6.9AI score0.00437EPSS
Exploits1
Rows per page
Query Builder