4132 matches found

Prion
added 2020/01/20 10:15 p.m. | 9 views

Remote code execution

Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. In some cases, authentication can be achieved with the comtech password for the comtech account...

CVSS 9 | AI score 7.5 | EPSS 0.05834
Exploits 1 | References 1 | Affected Software 1
CVE
added 2020/01/20 9:56 p.m. | 52 views

CVE-2020-7243

CVE-2020-7243 affects Comtech Stampede FX-1010 (version 7.4.3). A flaw in the Fetch URL page allows remote authenticated administrators to achieve remote code execution by submitting shell metacharacters in the URL field; in some cases authentication can be obtained with the comtech password. Mit...

CVSS 9 | AI score 7.5 | EPSS 0.05834
Exploits 1 | References 1 | Affected Software 1
Positive Technologies
added 2020/01/20 12:0 a.m. | 2 views

PT-2020-19493

Name of the Vulnerable Software and Affected Versions: Comtech Stampede FX-1010 version 7.4.3. Description: The issue allows remote authenticated administrators to achieve remote code execution by navigating to the "Fetch URL" page and entering shell metacharacters in the URL field. In some cases,...

CVSS 9 | AI score 7.6 | EPSS 0.05834
Exploits 1 | References 4
Tenable Nessus
added 2020/01/02 12:0 a.m. | 71 views

EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2020-1019)

According to the versions of the oniguruma package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. (CVE-2019-16163) - An issue was discovered in...

CVSS 7.5 | AI score 7.1 | EPSS 0.08946
Exploits 3 | References 5
Hacker One
added 2019/12/19 2:26 p.m. | 189 views

Keybase: SOP bypass using browser cache

Summary: An attacker has the ability to extract sensitive information from users' accounts, due to a CORS issue. On a minor note, this also is a cross-site leak as we can fingerprint what exact Keybase user has accessed the attacker's website. Information disclosed:...

AI score 0.1
Exploits 0
OSV
added 2019/12/18 6:15 p.m. | 1 views

DEBIAN-CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 6.5 | AI score 6.2 | EPSS 0.00478
Exploits 0 | References 1
NVD
added 2019/12/18 6:15 p.m. | 18 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 6.5 | AI score 6.3 | EPSS 0.00478
Exploits 0 | References 5
OSV
added 2019/12/18 6:15 p.m. | 6 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 6.5 | AI score 7.7
Exploits 0 | References 5
OSV
added 2019/12/18 6:15 p.m. | 0 views

UBUNTU-CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 6.5 | AI score 6.6 | EPSS 0.00478
Exploits 0 | References 3
UbuntuCve
added 2019/12/18 6:15 p.m. | 33 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 6.5 | AI score 6.7 | EPSS 0.00478
Exploits 0 | References 2
Prion
added 2019/12/18 6:15 p.m. | 22 views

Cross site scripting

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 4.3 | AI score 6 | EPSS 0.00478
Exploits 0 | References 5 | Affected Software 5
CVE
added 2019/12/18 5:33 p.m. | 178 views

CVE-2019-8515

CVE-2019-8515 concerns a cross-origin issue in the WebKit fetch API. The vulnerability could allow disclosure of sensitive user information when processing malicious web content. Apple’s advisories fix it in iOS 12.2, tvOS 12.2, Safari 12.1 for Windows, and iCloud for Windows 7.11; iTunes 12.9.4 ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00478
Exploits 0 | References 5 | Affected Software 5
Debian CVE
added 2019/12/18 5:33 p.m. | 28 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 6.5 | AI score 5.4 | EPSS 0.00478
Exploits 0
Tenable Nessus
added 2019/12/16 12:0 a.m. | 64 views

SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

CVSS 9.8 | AI score 7.4 | EPSS 0.05187
Exploits 1 | References 45
RedHat Linux
added 2019/11/22 8:52 a.m. | 0 views

hw: Machine Check Error on Page Size Change (IFU)

A flaw was found in the way Intel CPUs handle inconsistency between virtual to physical memory address translations in the CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...

CVSS 6.5 | AI score 7.3 | EPSS 0.00262
Exploits 0 | References 6
CNVD
added 2019/11/22 12:0 a.m. | 1 views

Oniguruma Buffer Overflow Vulnerability

Oniguruma is a BSD-licensed regular expression library that supports multiple character encodings. A buffer overflow vulnerability exists in the 'fetch_interval_quantifier' function of the regparse.c file in Oniguruma 6.x versions prior to 6.9.4rc2, which originates when a networked system or product...

CVSS 7.5 | AI score 7.5 | EPSS 0.08946
Exploits 1 | References 1
OSV
added 2019/11/21 9:15 p.m. | 1 views

DEBIAN-CVE-2019-19204

An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read...

CVSS 7.5 | AI score 6.7 | EPSS 0.08946
Exploits 1 | References 1
OSV
added 2019/11/21 9:15 p.m. | 0 views

UBUNTU-CVE-2019-19204

An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read...

CVSS 7.5 | AI score 6.9 | EPSS 0.08946
Exploits 1 | References 6
RedHat Linux
added 2019/11/07 1:47 p.m. | 1 views

Ansible: path traversal in the fetch module

A path traversal flaw was found in ansible. The fetch module allows copying and overwriting files outside of the specified destination in the local ansible controller host by not restricting an absolute path. The main threat from this vulnerability is to data confidentiality and integrity...

CVSS 4.2 | AI score 7.1 | EPSS 0.00033
Exploits 0 | References 5
RedHat Linux
added 2019/11/06 3:27 p.m. | 1 views

Ansible: path traversal in the fetch module

A path traversal flaw was found in ansible. The fetch module allows copying and overwriting files outside of the specified destination in the local ansible controller host by not restricting an absolute path. The main threat from this vulnerability is to data confidentiality and integrity...

CVSS 4.2 | AI score 7.1 | EPSS 0.00033
Exploits 0 | References 5