Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4656 matches found

NVD
NVDadded 2018/07/05 6:29 p.m.27 views

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

9.8CVSS9.6AI score0.04188EPSS
Exploits0References11
OSV
OSVadded 2018/07/05 6:29 p.m.32 views

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

9.8CVSS9.6AI score
Exploits0References11
Debian CVE
Debian CVEadded 2018/07/05 6:0 p.m.24 views

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

9.8CVSS9.9AI score0.04188EPSS
Exploits0
UbuntuCve
UbuntuCveadded 2018/06/29 12:0 a.m.30 views

CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

9.8CVSS6.8AI score0.04188EPSS
Exploits0References3
OSV
OSVadded 2018/06/29 12:0 a.m.0 views

UBUNTU-CVE-2018-12910

The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname...

9.8CVSS6.8AI score0.04188EPSS
Exploits0References4
OSV
OSVadded 2018/06/26 2:29 p.m.3 views

DEBIAN-CVE-2018-1000204

Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in...

5.3CVSS6.3AI score0.01912EPSS
Exploits0References1
CNVD
CNVDadded 2018/06/26 12:0 a.m.3 views

Cisco 5000 Series Enterprise Network Compute System and UCS E-Series Servers Authentication Bypass Vulnerability

The Cisco 5000 Series Enterprise Network Compute System and UCS E-Series Servers are both products of Cisco, Inc. The Cisco 5000 Series Enterprise Network Compute System is an enterprise network function virtualization solution. The Cisco 5000 Series Enterprise Network Compute System is an...

4.6CVSS5AI score0.0038EPSS
Exploits0References1
OSV
OSVadded 2018/06/26 12:0 a.m.1 views

UBUNTU-CVE-2018-1000204

Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in...

5.3CVSS6.6AI score0.01912EPSS
Exploits0References9
Prion
Prionadded 2018/06/21 11:29 a.m.17 views

Input validation

A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing UCS E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability...

4.6CVSS5AI score0.0038EPSS
Exploits0References2Affected Software21
OSV
OSVadded 2018/06/21 11:29 a.m.2 views

CVE-2018-0362

A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing UCS E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability...

4.3CVSS5.9AI score0.0038EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2018/06/21 11:0 a.m.10 views

CVE-2018-0362

A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing UCS E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability...

7.3AI score0.0038EPSS
Exploits0References2
Veracode
Veracodeadded 2018/06/14 7:12 a.m.20 views

Authorization Bypass

symfony is vulnerable to authorization bypasses. A malicious user can login into a symfony application by supplying a valid username with an empty password to gain unauthorized access...

9.8CVSS9.3AI score0.02925EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2018/06/11 9:29 p.m.2 views

CVE-2017-5406

A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox 52 and Thunderbird 52...

7.5CVSS7.2AI score
Exploits0References5
Prion
Prionadded 2018/06/11 9:29 p.m.19 views

Information disclosure

A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox 52 and Thunderbird 52...

5CVSS7.5AI score0.01808EPSS
Exploits1References5Affected Software2
OSV
OSVadded 2018/05/31 8:29 p.m.15 views

CVE-2016-10543

call is an HTTP router that is primarily used by the hapi framework. There exists a bug in call versions 2.0.1-3.0.1 that does not validate empty parameters, which could result in invalid input bypassing the route validation rules...

5.3CVSS5.6AI score
Exploits0References2
OSV
OSVadded 2018/05/30 10:29 p.m.2 views

CVE-2018-11567

Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still...

3.3CVSS5.9AI score0.01086EPSS
Exploits1References4
OSV
OSVadded 2018/05/30 5:47 p.m.2 views

USN-3665-1 tomcat7, tomcat8 vulnerabilities

It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. CVE-2017-12616,...

9.8CVSS7.2AI score0.99988EPSS
Exploits28References7
Positive Technologies
Positive Technologiesadded 2018/05/30 12:0 a.m.3 views

PT-2018-10673 · Amazon · Alexa +1

Name of the Vulnerable Software and Affected Versions: Amazon Echo devices affected versions not specified Description: The reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill, allowing an attacker to obtain transcripts of speech not intended for Alexa to process. Thi...

4.3CVSS7.1AI score0.01086EPSS
Exploits1References5
Friends Of PHP
Friends Of PHPadded 2018/05/25 12:12 p.m.17 views

CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password

More info at https://symfony.com/cve-2018-11407...

9.8CVSS7.2AI score0.02345EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHPadded 2018/05/25 12:12 p.m.18 views

CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password

More info at https://symfony.com/cve-2018-11407...

9.8CVSS7.2AI score0.02345EPSS
Exploits0Affected Software1
Rows per page
Query Builder