4743 matches found

OSV
added 2016/06/30 5:59 p.m. | 8 views

CVE-2015-8899

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally...

7.5 CVSS | 7.6 AI score
Exploits: 0 | References: 8
OSV
added 2016/06/30 5:59 p.m. | 1 views

DEBIAN-CVE-2015-8899

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally...

7.5 CVSS | 7.3 AI score | 0.02415 EPSS
Exploits: 0 | References: 1
seebug.org
added 2016/06/21 12:0 a.m. | 15 views

DVR surveillance empty token

No description provided by source...

7.1 AI score
Exploits: 0
OSV
added 2016/06/08 10:46 a.m. | 9 views

SUSE-SU-2016:1528-1 Security update for openssh

openssh was updated to fix three security issues. These security issues were fixed: - CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to...

9.8 CVSS | 7.5 AI score | 0.37016 EPSS
Exploits: 13 | References: 14
RedHat Linux
added 2016/05/26 8:35 a.m. | 5 views

pcre: stack overflow caused by mishandled group empty match (8.38/11)

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

7.5 CVSS | 7.4 AI score | 0.06169 EPSS
Exploits: 1 | References: 4
Cvelist
added 2016/05/22 1:0 a.m. | 42 views

CVE-2014-9767

Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/phpzip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/extzip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive...

6.7 AI score | 0.04542 EPSS
Exploits: 1 | References: 14
OSV
added 2016/05/15 1:59 a.m. | 5 views

CVE-2016-0381

IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin AdminGroups setting is empty, allows remote authenticated users to cause a denial of service (configuration outage) via a non-empty value...

4.3 CVSS | 5.8 AI score | 0.00993 EPSS
Exploits: 0 | References: 2
OSV
added 2016/05/13 2:59 p.m. | 2 views

UBUNTU-CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data...

7.5 CVSS | 7.2 AI score | 0.01355 EPSS
Exploits: 0 | References: 3
RedHat Linux
added 2016/05/11 1:7 p.m. | 4 views

pcre: stack overflow caused by mishandled group empty match (8.38/11)

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

7.5 CVSS | 7.4 AI score | 0.06169 EPSS
Exploits: 1 | References: 4
Friends Of PHP
added 2016/05/09 9:34 p.m. | 26 views

CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password

More info at https://symfony.com/cve-2016-2403...

9.8 CVSS | 7.2 AI score | 0.02925 EPSS
Exploits: 0 | Affected Software: 1
Friends Of PHP
added 2016/05/09 9:34 p.m. | 35 views

CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password

More info at https://symfony.com/cve-2016-2403...

9.8 CVSS | 7.2 AI score | 0.02925 EPSS
Exploits: 0 | Affected Software: 1
Symfony
added 2016/05/09 12:0 a.m. | 7 views

CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password

Affected versions: Symfony 2.8.0 to 2.8.5 and 3.0.0 to 3.0.5 versions of the Symfony Security component are affected by this security issue. The issue has been fixed in Symfony 2.8.6 and 3.0.6.

Description: The bind operation of LDAP, as described in RFC 4513, provides a method which allows for...

9.8 CVSS | 9.5 AI score | 0.02925 EPSS
Exploits: 0
BDU FSTEC
added 2016/05/05 12:0 a.m. | 6 views

The vulnerability of Google Chrome browser allows a hacker to manipulate the URL string.

The vulnerability of the WebContentsImpl::FocusLocationBarByDefault function content/browser/webcontents/webcontentsimpl.cc in the Google Chrome browser exists due to improper handling of calls to certain empty pages. Exploiting this vulnerability can allow a malicious actor to manipulate the URL...

4.3 CVSS | 6.7 AI score | 0.01425 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
CNVD
added 2016/05/04 12:0 a.m. | 4 views

Wireshark ASN.1 BER parser denial of service vulnerability (CNVD-2016-02773)

Wireshark (formerly known as Ethereal) is a suite of network packet analysis software developed by the Wireshark team. A denial of service vulnerability exists in the epan/dissectors/packet-ber.c file in the ASN.1 BER parser in Wireshark version 1.12.x before 1.12.10 and version 2.x before 2.0.2. A...

5.9 CVSS | 7.5 AI score | 0.01353 EPSS
Exploits: 0 | References: 1
Atlassian
added 2016/05/03 5:12 p.m. | 19 views

Moving or deleting an issue leaves the empty attachments subdirectory on the filesystem

To reproduce:
1. Create an issue
2. Attach a file to it
3. Locate the file on the JIRA-server filesystem -- under JIRA "home" directory attachments/..../PROJECT-ISSUE
4. Move the issue to a different project or delete it completely
5. Observe the empty issue subdirectory remaining on the filesystem

The director...

1.4 AI score
Exploits: 0 | Affected Software: 1
OSV
added 2016/05/01 1:59 a.m. | 3 views

DEBIAN-CVE-2016-4418

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set...

5.9 CVSS | 6.2 AI score | 0.01353 EPSS
Exploits: 0 | References: 1
OSV
added 2016/05/01 1:59 a.m. | 6 views

UBUNTU-CVE-2016-4418

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set...

5.9 CVSS | 6.6 AI score | 0.01353 EPSS
Exploits: 0 | References: 4
FreeBSD
added 2016/04/18 12:0 a.m. | 26 views

dnsmasq -- denial of service

reports: Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally...

7.5 CVSS | 7.5 AI score | 0.02415 EPSS
Exploits: 0 | References: 2
BDU FSTEC
added 2016/04/14 12:0 a.m. | 6 views

The vulnerability of the NX-OS network operating system allows attackers to increase their privileges.

The vulnerability of the NX-OS network operating system is related to the use of an empty root password. Exploiting this vulnerability could allow an attacker, operating locally, to gain increased privileges...

6.9 CVSS | 7.8 AI score | 0.0108 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2016/04/01 12:0 a.m. | 32 views

FreeBSD : Botan BER Decoder vulnerabilities (2004616d-f66c-11e5-b94c-001999f8d30b)

The Botan developers report: Excess memory allocation in BER decoder - The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer...

7.8 CVSS | 7.9 AI score | 0.01483 EPSS
Exploits: 0 | References: 4