Lucene search
+L

365 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.5 views

SUSE CVE-2018-10547

An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an...

6.3CVSS8.4AI score0.0363EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.3 views

SUSE CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...

4.3CVSS6.9AI score0.08092EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.6 views

SUSE CVE-2021-23959

An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...

6.1CVSS8.2AI score0.00567EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/01/20 11:35 p.m.15 views

CakePHP vulnerable to Cross-site Scripting in some development error pages

CakePHP 3.4 prior to 3.4.14, 3.5 prior to 3.5.17, and 3.6 prior to 3.6.4 contains a cross-site-scripting XSS vulnerability in the development only missing route and duplicate named route error pages...

2AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/20 12:0 a.m.4 views

PT-2023-33075 · Cakephp · Cakephp

Name of the Vulnerable Software and Affected Versions: CakePHP versions 3.4 prior to 3.4.14 CakePHP versions 3.5 prior to 3.5.17 CakePHP versions 3.6 prior to 3.6.4 Description: The issue is a cross-site-scripting XSS vulnerability found in the development only missing route and duplicate named...

6.6AI score
Exploits0References5
NVD
NVD
added 2022/12/22 8:15 p.m.16 views

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

4.3CVSS0.0058EPSS
Exploits0References4
OSV
OSV
added 2022/12/22 8:15 p.m.4 views

DEBIAN-CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

4.3CVSS6.4AI score0.0058EPSS
Exploits0References1
OSV
OSV
added 2022/11/04 11:15 p.m.6 views

CVE-2022-43570

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language XML external entity XXE injection via a custom View. The XXE injection causes Splunk Web to embed incorrect documents into an error...

6.5CVSS5.8AI score0.00656EPSS
Exploits0References1
OSV
OSV
added 2022/09/19 5:15 p.m.5 views

DEBIAN-CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS5.8AI score0.01413EPSS
Exploits1References1
OSV
OSV
added 2022/09/19 5:15 p.m.5 views

UBUNTU-CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS6.3AI score0.01413EPSS
Exploits1References8
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.6 views

Syncovery 跨站脚本漏洞

Syncovery is a superbly versatile synchronization, copy, move, and backup tool from Syncovery Germany. A cross-site scripting vulnerability exists in Syncovery 9 for Linux prior to v9.48j, which stems from a missing output encoding in the error and status pages, and can be exploited by an attacke...

5.4CVSS5.5AI score0.41567EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-5512-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.23941EPSS
Exploits1References2
OSV
OSV
added 2022/08/10 5:15 p.m.3 views

CVE-2022-33930

Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit this vulnerability, leading to the disclosure of certain sensitive information. The attacker may be able to use the exposed information to access and further...

7.5CVSS5.8AI score0.00529EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/18 12:0 a.m.4 views

CVE-2022-33930

Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit this vulnerability, leading to the disclosure of certain sensitive information. The attacker may be able to use the exposed information to access and further...

7.5CVSS5.9AI score0.00529EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/07/05 12:0 a.m.52 views

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

4.3CVSS6.8AI score0.0058EPSS
Exploits0References4
OSV
OSV
added 2022/07/05 12:0 a.m.4 views

UBUNTU-CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

4.3CVSS6.7AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 2:2 a.m.7 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 2:0 a.m.7 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 1:32 a.m.4 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 1:31 a.m.4 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
Rows per page
Query Builder