CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

Tenable Nessus•added 2026/01/16 12:0 a.m.•1 views

MiracleLinux 7 : augeas-1.4.0-2.el7.1 (AXSA:2017-2340:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2340:01 advisory. A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application...

9.8CVSS8.1AI score0.01239EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-16563

Malware in sbrugna...

9.8CVSS9.2AI score0.01239EPSS

Exploits0References12

SUSE CVE•added 2023/02/15 4:47 a.m.•2 views

SUSE CVE-2017-7555

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution...

6.3CVSS7.8AI score0.01239EPSS

Exploits0References22

Prion•added 2022/10/19 8:15 a.m.•9 views

Code injection

Prior to 2.0.0-M9, it was possible for an end-user to set the value of an editable string property of a domain object to a value that would be rendered unchanged when the value was saved. In particular, the end-user could enter javascript or similar and this would be executed. As of this release,...

5.8CVSS6.1AI score0.2198EPSS

Exploits0References2Affected Software1

CVE•added 2022/10/19 12:0 a.m.•76 views

CVE-2022-42466

Apache Isis prior to version 2.0.0-M9 is affected by a cross-site scripting vulnerability caused by input strings not being escaped when rendered, allowing injected scripts to execute. The issue is addressed in 2.0.0-M9 and later by escaping input strings during rendering. Affected products inclu...

6.1CVSS6.1AI score0.2198EPSS

Exploits0References2Affected Software1

OpenVAS•added 2021/06/09 12:0 a.m.•10 views

SUSE: Security Advisory (SUSE-SU-2018:0653-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.02408EPSS

Exploits0References5

RedHat Linux•added 2019/08/07 11:39 a.m.•2 views

augeas: Improper handling of escaped strings leading to memory corruption

A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution...

9.8CVSS7.5AI score0.01239EPSS

Exploits0References4

Oracle linux•added 2017/09/26 12:0 a.m.•19 views

augeas security update

1.4.0-2.el74.1 - Fix CVE-2017-7555, improper handling of escaped strings RHBZ1481545...

9.8CVSS1.6AI score0.01239EPSS

Exploits0

RedHat Linux•added 2017/09/21 11:36 a.m.•58 views

Important: Red Hat Security Advisory: augeas security update

An update for augeas is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS7AI score0.01239EPSS

Exploits0References2

RedHat Linux•added 2017/09/21 11:36 a.m.•2 views

augeas: Improper handling of escaped strings leading to memory corruption

9.8CVSS7.5AI score0.01239EPSS

Exploits0References4