Lucene search
K

8691 matches found

RedHat Linux
RedHat Linux
added 2018/04/11 5:52 p.m.4 views

Qemu: stack buffer overflow in NBD server triggered via long export name

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, allowing causing an out-of-bounds stack write in the qemu process. If NBD server requires...

9.8CVSS7.6AI score0.11931EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2018/04/10 6:54 p.m.2 views

Qemu: stack buffer overflow in NBD server triggered via long export name

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, allowing causing an out-of-bounds stack write in the qemu process. If NBD server requires...

9.8CVSS7.6AI score0.11931EPSS
Exploits3References4
Hacker One
Hacker One
added 2018/04/10 11:43 a.m.25 views

Passit: CSV-injection in export functionality

Summary: CSV-injection in export functionality Description: Hello team! I have found that you have a CSV-injection vulnerability in export functionality. First I thought that this is just fine but because you can group up this can be used against another users which makes this pretty critical...

7.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2018/04/07 9:29 p.m.26 views

CVE-2018-9325

Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to export all the existing pads of an instance without knowledge of pad names...

7.5CVSS7.1AI score0.01186EPSS
Exploits0References2
OSV
OSV
added 2018/04/07 9:29 p.m.13 views

CVE-2018-9325

Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to export all the existing pads of an instance without knowledge of pad names...

7.5CVSS7AI score
Exploits0References1
CVE
CVE
added 2018/04/07 9:0 p.m.35 views

CVE-2018-9325

Etherpad CVE-2018-9325 affects Etherpad 1.5.x and 1.6.x prior to 1.6.4. The vulnerability allows an attacker to export all existing pads of an instance without knowing pad names. The issue is addressed in version 1.6.4 (remediation/patch). If citing sources, see NVD/SUSE entries and the project r...

7.5CVSS7.5AI score0.01186EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/04/07 9:0 p.m.17 views

CVE-2018-9325

Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to export all the existing pads of an instance without knowledge of pad names...

7.5AI score0.01186EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/04/07 7:29 a.m.19 views

CVE-2018-9841

The export function in libavfilter/vfsignature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a long filename...

8.8CVSS7.3AI score0.01763EPSS
Exploits0References2
OSV
OSV
added 2018/04/07 7:29 a.m.0 views

DEBIAN-CVE-2018-9841

The export function in libavfilter/vfsignature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a long filename...

8.8CVSS9AI score0.01763EPSS
Exploits0References1
OSV
OSV
added 2018/04/07 7:29 a.m.2 views

UBUNTU-CVE-2018-9841

The export function in libavfilter/vfsignature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a long filename...

8.8CVSS7.4AI score0.01763EPSS
Exploits0References3
CVE
CVE
added 2018/04/07 7:0 a.m.72 views

CVE-2018-9841

CVE-2018-9841 affects FFmpeg up to 3.4.2; the export function in libavfilter/vf_signature.c can be triggered by a long filename to cause a denial of service via out-of-bounds access (unspecified other impact). Public references (NVD, CNVD, OSV, Gentoo GLSA) confirm FFmpeg involvement and 3.4.2 li...

8.8CVSS8.9AI score0.01763EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2018/03/30 12:0 a.m.46 views

Joomla Acymailing Starter 5.9.5 Component - CSV Macro Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component Acymailing Starter 5.9.5 CSV Macro Injection Exploit Author: Sureshbabu Narvaneni Vendor Homepage: https://www.acyba.com Software Link: https://extensions.joomla.org/extension/acymailing-starter/ Affected...

0.07419EPSS
Exploits5
0day.today
0day.today
added 2018/03/30 12:0 a.m.55 views

Joomla AcySMS 3.5.0 Component - CSV Macro Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component AcySMS 3.5.0 CSV Macro Injection Exploit Author: Sureshbabu Narvaneni Vendor Homepage: https://www.acyba.com Software Link: https://extensions.joomla.org/extensions/extension/communication/phone-a-sms/acysms/...

0.05639EPSS
Exploits5
Citrix
Citrix
added 2018/03/29 12:0 a.m.8 views

How to Generate and Install an SSL Certificate on a StoreFront Server for HTTPS connections

This article explains how to generate and install an SSL certificate on a StoreFront server for HTTPS connections. If you have already generated an SSL certificate on one of your StoreFront servers in the StoreFront server group, you can just export the existing SSL certificate and import the...

7AI score
Exploits0
Kitploit
Kitploit
added 2018/03/28 8:14 p.m.39 views

Envizon - Network Visualization Tool With Focus On Red / Blue Team Requirements

This tool is designed, developed and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state of the art network visualization and organization tool, 'envizon'. We hope your feedback will help to improve and hone i...

6.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2018/03/28 4:29 a.m.6 views

CVE-2018-9107

CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export...

8.8CVSS5.5AI score0.07419EPSS
Exploits5References5
OSV
OSV
added 2018/03/28 4:29 a.m.5 views

CVE-2018-9107

CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export...

8.8CVSS5.8AI score0.07419EPSS
Exploits5References4
ATTACKERKB
ATTACKERKB
added 2018/03/28 4:29 a.m.7 views

CVE-2018-9106

CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export...

8.8CVSS5.5AI score0.05639EPSS
Exploits5References3
NVD
NVD
added 2018/03/28 4:29 a.m.18 views

CVE-2018-9107

CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export...

8.8CVSS8.8AI score0.07419EPSS
Exploits5References4
OSV
OSV
added 2018/03/28 4:29 a.m.6 views

CVE-2018-9106

CSV Injection aka Excel Macro Injection or Formula Injection exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export...

8.8CVSS5.8AI score0.05639EPSS
Exploits5References2
Rows per page
Query Builder