Lucene search
K

165 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2000-0999

Malware in sbrugna...

7.2CVSS6.4AI score0.00354EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/07/21 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-1818)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.00422EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/21 6:12 p.m.10 views

CVE-1999-0767

Buffer overflow in Solaris libc, ufsrestore, and rcp via LCMESSAGES environmental variable...

7.2CVSS7.3AI score0.01197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:8 p.m.7 views

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable...

7.2CVSS7.2AI score0.00613EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.11 views

Amazon Linux 2 : libreoffice (ALASLIBREOFFICE-2025-007)

The version of libreoffice installed on the remote host is prior to 5.3.6.1-21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2LIBREOFFICE-2025-007 advisory. Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Documen...

6.7CVSS6.6AI score0.01008EPSS
Exploits0References8
Debian
Debian
added 2025/01/19 5:16 p.m.12 views

[SECURITY] [DLA 4020-1] libreoffice security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4020-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès January 19, 2025 https://wiki.debian.org/LTS -...

6.7CVSS7.2AI score0.00528EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/01/08 12:0 a.m.11 views

LibreOffice Multiple Vulnerabilities (Jan 2025) - Mac OS X

LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

6.7CVSS5AI score0.00528EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/07 12:22 p.m.6 views

CVE-2024-12426 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

6.7CVSS6.7AI score0.00528EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/07 12:22 p.m.21 views

CVE-2024-12426 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

6.7CVSS0.00528EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.3 views

PT-2024-10221 · Document Foundation +5 · Libreoffice +5

Name of the Vulnerable Software and Affected Versions: LibreOffice versions 24.8 through 24.8.3 Description: The issue is related to the exposure of environmental variables and arbitrary INI file values to an unauthorized actor. URLs could be constructed to expand these variables, potentially...

7.2CVSS5.7AI score0.00528EPSS
Exploits0References60
Veeam
Veeam
added 2024/11/07 12:0 a.m.93 views

NATS Server Configuration Advice for Use With Veeam Backup for Microsoft 365

Purpose This article provides advice for optimizing NATS Server configuration when used in conjunction with Veeam Backup for Microsoft 365. Solution When Veeam Backup for Microsoft 365 is deployed using the included NATS Server, the system variable 'GOMEMLIMIT ' is set to 30% of the total system...

6.6AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.26 views

RHEL 7 : mod_fcgid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - modfcgid: modfcgid sets environmental variable based on user supplied Proxy request header CVE-2016-1000104 Note th...

8.8CVSS7AI score0.02228EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 4 : python_cgihandler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Python CGIHandler: sets environmental variable based on user supplied Proxy request header CVE-2016-1000110 Note th...

6.4AI score0.04526EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2024/03/20 2:45 p.m.50 views

GeoServer log file path traversal vulnerability

Impact This vulnerability requires GeoServer Administrator with access to the admin console to misconfigured the Global Settings for log file location to an arbitrary location. This can be used to read files via the admin console GeoServer Logs page. It is also possible to leverage RCE or cause...

7.2CVSS7.2AI score0.00841EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/10/17 11:15 p.m.24 views

CVE-2023-3042

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes // from URLs, potentially enabling bypasses for XSS and access controls. An example affected URL is https://demo.dotcms.com//html/portlet/ext/files/edittextinc.jsp , which should return a 404 response b...

6.1CVSS5.6AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/17 10:52 p.m.13 views

CVE-2023-3042 CNA SHORTNAME: dotCMSORG UUID: 5b9d93f2-25c7-46b4-ab60-d201718c9dd8

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes // from URLs, potentially enabling bypasses for XSS and access controls. An example affected URL is https://demo.dotcms.com//html/portlet/ext/files/edittextinc.jsp , which should return a 404 response b...

5.3CVSS5.6AI score0.00357EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/08 12:0 a.m.11 views

Atlassian Jira 8.6.0 < 8.7.2 DLL Hijacking

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 8.0.x prior to 8.7.0. It is, therefore, affected by a vulnerability which permits when deployed onto the Windows operating system environment which allows local system attackers who ha...

7.8CVSS7.5AI score0.0081EPSS
Exploits0References2
OSV
OSV
added 2022/02/15 1:57 a.m.21 views

GHSA-6HV3-7C34-4HX8 Hashicorp Nomad Information Exposure Through Environmental Variables

In Nomad before version 0.9.5, when rendering a task template, all environment variables were available to the rendering task. As a fix, only task environment variables are used...

5.3CVSS5AI score0.00589EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2017:0114-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.3AI score0.02406EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/04/15 12:0 a.m.5 views

ZSQL: Audit File Path

The LOGHOME parameter specifies the storage path of the audit file. By default, the audit file is stored in the $GSDBDATA/log/audit directory. Note: The script compares the LOGHOME in DVPARAMETERS with the $GSDBDATA/log environmental variable. SPDX-FileCopyrightText: 2020 Greenbone AG Some text...

7AI score
Exploits0References1
Rows per page
Query Builder