Lucene search
+L

172 matches found

OSV
OSV
added 2022/10/17 9:15 a.m.5 views

CVE-2022-39052

An external attacker is able to send a specially crafted email with many recipients and trigger a potential DoS of the system...

6.5CVSS5.8AI score0.00562EPSS
Exploits0References1
Prion
Prion
added 2022/10/17 9:15 a.m.24 views

Design/Logic Flaw

An external attacker is able to send a specially crafted email with many recipients and trigger a potential DoS of the system...

4.3CVSS6.4AI score0.00562EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/10/17 9:15 a.m.6 views

UBUNTU-CVE-2022-39052

An external attacker is able to send a specially crafted email with many recipients and trigger a potential DoS of the system...

7.5CVSS6AI score0.00562EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/17 8:55 a.m.19 views

CVE-2022-39052 DoS attack using email

An external attacker is able to send a specially crafted email with many recipients and trigger a potential DoS of the system...

7.5CVSS7.7AI score0.00562EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2022/10/17 8:55 a.m.26 views

CVE-2022-39052

Removed by vendor...

7.5CVSS4.8AI score0.00562EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/09/30 4:20 p.m.7 views

CVE-2022-40277

Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before...

7.9AI score0.00499EPSS
Exploits1References2
Palo Alto Networks
Palo Alto Networks
added 2022/08/10 4:0 p.m.71 views

PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service RDoS attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series hardware, VM-Series virtual and CN-Series container firewall...

8.6CVSS0.5AI score0.02126EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/02/08 3:0 p.m.6 views

ansible-tower: Privilege escalation via job isolation escape

A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment...

8.8CVSS7.3AI score0.00232EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/10/14 12:0 a.m.3 views

PT-2022-24697 · Alt Linux · Alt Linux

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An external attacker can send a specially crafted email with many recipients to potentially trigger a Denial of Service DoS of the system. There is no...

9.8CVSS4.8AI score0.01273EPSS
Exploits0References32
NVD
NVD
added 2021/08/02 1:15 p.m.27 views

CVE-2021-37166

A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and...

7.8CVSS0.02062EPSS
Exploits0References4
Prion
Prion
added 2021/08/02 1:15 p.m.34 views

Buffer overflow

A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and...

7.8CVSS7.9AI score0.02062EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2021/06/28 5:38 p.m.64 views

CVE-2021-35525

PostSRSd before 1.11 allows a denial of service subprocess hang if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger...

5.3CVSS5.2AI score0.01622EPSS
Exploits0
CNVD
CNVD
added 2021/03/11 12:0 a.m.14 views

NETGEAR JGS516PE/GS116Ev2 Password Hash Mechanism Insecurity Vulnerability

The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. A security vulnerability exists in the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. It allows an external attacker to gain administrative access to the switch...

8.8CVSS7AI score0.0047EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/10 12:0 a.m.7 views

Netgear NETGEAR JGS516PE 加密问题漏洞

The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. A security vulnerability exists in the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. It allows an external attacker to gain administrative access to the switch...

8.8CVSS5.6AI score0.0047EPSS
Exploits0References2
Hacker One
Hacker One
added 2020/12/01 11:5 p.m.20 views

U.S. Dept Of Defense: IDOR on https://██████ via POST UID enables database scraping

Summary: The UID parameter on █████████ in the ██████ ███████ system, with ███████, does not validate that the caller has permission to view information on the UID entered, thereby enabling personnel and student data extraction. Description: The user operations API endpoint for the ███ ██████████...

0.4AI score
Exploits0
Hacker One
Hacker One
added 2020/02/11 6:51 a.m.28 views

Open-Xchange: SSRF - Guard - Unchecked HKP servers

Description When encrypting an email, one of strategies to lookup recipient's encryption key is to contact a HKP keyserver specified in DNS records of recipient's domain. Specifically it is DNS SRV records for hkps.tcp. and hkp.tcp., which specify hostname and port of the keyserver. In source cod...

0.7AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2019/12/09 12:0 a.m.93 views

Inim Electronics Smartliving SmartLAN/G/SI <=6.x Unauthenticated SSRF

Summary SmartLiving anti-intrusion control panel and security system provides important features rarely found in residential, commercial or industrial application systems of its kind. This optimized-performance control panel provides first-rate features such as: graphic display, text-to-speech,...

5.9AI score
Exploits0
seebug.org
seebug.org
added 2018/06/29 12:0 a.m.31 views

Teradek VidiU Pro 3.0.3 SSRF Vulnerability

Summary The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web without a PC. Whether you're streaming out of a video switcher or wirelessly from your camera, VidiU allows you to go live when you want, where you want. VidiU offers API level integration...

0.2AI score
Exploits0
Debian
Debian
added 2018/05/11 7:29 a.m.31 views

[SECURITY] [DLA 1375-1] wget security update

Package : wget Version : 1.13.4-3+deb7u6 CVE ID : CVE-2018-0494 Debian Bug : 898076 Harry Sintonen have discovered a cookie injection vulnerability in wget caused by insufficient input validation, enabling an external attacker to inject arbitrary cookie values cookie jar file, adding new or...

6.5CVSS7.4AI score0.1704EPSS
Exploits5
Talos
Talos
added 2018/04/04 12:0 a.m.102 views

Circle with Disney WiFi Insecure Access Point Vulnerability

Summary An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed “de-auth” packets to trigger this...

6.5CVSS6.5AI score0.00654EPSS
Exploits1
Rows per page
Query Builder