Lucene search
K

4740 matches found

CNVD
CNVD
added 2017/07/07 12:0 a.m.6 views

Red Hat Satellite MongoDB Authorization Issues Vulnerability

Red Hat Satellite is a set of system management platforms from Red Hat, Inc. that can be used to extend the Linux infrastructure and provide system management functions such as administration, configuration, and monitoring.MongoDB is a set of database software developed by one of the U.S.-based...

5.5CVSS5.3AI score0.00277EPSS
Exploits0References1
Prion
Prion
added 2017/06/26 11:29 p.m.16 views

Null pointer dereference

The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty field that should have contained a hostname or IP address...

5CVSS7.4AI score0.01906EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/06/26 11:29 p.m.1 views

UBUNTU-CVE-2017-7458

The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty field that should have contained a hostname or IP address...

7.5CVSS7.2AI score0.01906EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/06/26 11:0 p.m.12 views

CVE-2017-7458

Removed by vendor...

7.5CVSS7.1AI score0.01906EPSS
Exploits0
OSV
OSV
added 2017/06/21 4:35 p.m.4 views

USN-3336-1 nss vulnerability

It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service...

7.5CVSS7.2AI score0.04302EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/06/21 3:11 p.m.4 views

nss: Null pointer dereference when handling empty SSLv2 messages

A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library...

7.5CVSS7.2AI score0.04302EPSS
Exploits0References4
CNVD
CNVD
added 2017/06/09 12:0 a.m.1 views

Foscam camera FTP server account hard-coded password vulnerability

Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. Foscam camera FTP server account has a hard-coded password vulnerability due to the built-in FTP user password being hard-coded and empty. An attacker can exploit the...

7AI score
Exploits0References1
CNVD
CNVD
added 2017/06/09 12:0 a.m.2 views

Foscam camera FTP Server Account Empty Password Vulnerability

Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. Foscam camera FTP server has an account empty password vulnerability, due to the user account of the built-in FTP server is empty password. Attackers can then access the...

7.2AI score
Exploits0References1
Prion
Prion
added 2017/06/06 6:29 p.m.14 views

Authentication flaw

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service...

2.1CVSS7AI score0.00277EPSS
Exploits0References2
CVE
CVE
added 2017/06/06 6:0 p.m.50 views

CVE-2014-8180

The CVE concerns MongoDB within Red Hat Satellite 6. Affected component: MongoDB used by Satellite 6. Issue: local users can bypass authentication by logging in with an empty password, potentially deleting information and causing a Denial of Service. Root cause: authentication bypass in the Mongo...

5.5CVSS5.5AI score0.00277EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/06/01 4:29 p.m.1 views

BELL-CVE-2017-9060 CVE-2017-9060 does not affect BellSoft software

Bulletin has no description...

5.5CVSS5.8AI score0.00411EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/05/30 11:8 a.m.4 views

nss: Null pointer dereference when handling empty SSLv2 messages

A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library...

7.5CVSS7.2AI score0.04302EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/05/30 8:4 a.m.4 views

nss: Null pointer dereference when handling empty SSLv2 messages

A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library...

7.5CVSS7.2AI score0.04302EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2017/05/30 12:0 a.m.3 views

PT-2017-17775 · Mozilla +4 · Network Security Services +4

Name of the Vulnerable Software and Affected Versions: Network Security Services NSS versions 3.24.0 and later Description: A null pointer dereference issue was discovered in NSS when the server receives empty SSLv2 messages, potentially leading to a denial of service by a remote attacker...

9.8CVSS8AI score0.04741EPSS
Exploits0References48
NVD
NVD
added 2017/05/25 5:29 p.m.15 views

CVE-2014-0097

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password...

7.5CVSS7.1AI score0.01209EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/05/25 3:32 p.m.9 views

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

5.5CVSS6.8AI score0.00426EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/05/25 1:39 p.m.7 views

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

5.5CVSS6.8AI score0.00426EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/05/25 1:28 p.m.4 views

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

5.5CVSS6.8AI score0.00426EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/05/24 11:19 a.m.5 views

collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions

collectd contains an infinite loop due to how the parsepacket and parsepartsignsha256 functions interact. If an instance of collectd is configured with "SecurityLevel None" and empty "AuthFile" options, an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of...

7.5CVSS5.8AI score0.03997EPSS
Exploits0References4
OSV
OSV
added 2017/05/24 5:29 a.m.4 views

UBUNTU-CVE-2017-9217

systemd-resolved through 233 allows remote attackers to cause a denial of service daemon crash via a crafted DNS response with an empty question section...

7.5CVSS6.7AI score0.15422EPSS
Exploits0References4
Rows per page
Query Builder