Lucene search
K

16996 matches found

Cvelist
Cvelist
added 2020/06/15 4:52 p.m.23 views

CVE-2020-14150

GNU Bison before 3.5.4 allows attackers to cause a denial of service application crash. NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash...

5.3AI score0.00401EPSS
Exploits0References2
CVE
CVE
added 2020/06/15 4:52 p.m.198 views

CVE-2020-14150

CVE-2020-14150 affects GNU Bison prior to 3.5.4. The vulnerability allows a denial of service (application crash) when Bison processes untrusted input; the risk is tied to usage with untrusted data and an observed crash in Bison itself, not in generated code. Several connected sources corroborate...

5.5CVSS5.3AI score0.00401EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2020/06/15 4:52 p.m.33 views

CVE-2020-14150

GNU Bison before 3.5.4 allows attackers to cause a denial of service application crash. NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash...

5.5CVSS5.5AI score0.00401EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/06/15 12:0 a.m.623 views

Nagios Core < 4.4.6 Multiple Vulnerabilities

Nagios Core is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nagios:nagios"; ifdescription...

9.3CVSS7AI score0.05662EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
added 2020/06/15 12:0 a.m.28 views

Uncontrolled Resource Consumption

GNU Bison allows attackers to cause a denial of service application crash...

5.5CVSS4.6AI score0.00401EPSS
Exploits0References2Affected Software1
Gentoo Linux
Gentoo Linux
added 2020/06/13 12:0 a.m.55 views

GNU Mailutils: Privilege escalation

Background The GNU Mailutils are a collection of mail-related utilities, including an IMAP4 server imap4d. Description GNU Mailutils runs maidag by default with setuid root permissions. Impact An attacker can use this to write to arbitrary files as root. Workaround There is no known workaround at...

7.8CVSS2.9AI score0.01135EPSS
Exploits5
Gentoo Linux
Gentoo Linux
added 2020/06/13 12:0 a.m.40 views

GNU Readline: Multiple vulnerabilities

Background The GNU Readline library provides a set of functions for use by applications that allow users to edit command lines as they are typed in. Description Multiple vulnerabilities have been discovered in GNU Readline. Please review the CVE identifiers referenced below for details. Impact...

3.1AI score
Exploits0
0day.today
0day.today
added 2020/06/12 12:0 a.m.104 views

Linux/x86 ASLR Deactivation Polymorphic Shellcode (124 bytes)

Title: Linux/x86 - ASLR deactivation polymorphic shellcode 124 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-11 Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 124 bytes Original shellcode:...

Exploits0
Openbugbounty
Openbugbounty
added 2020/06/06 2:15 p.m.11 views

gnu-autoconf.7623.n7.nabble.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1186667 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

6.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/01 12:0 a.m.341 views

VMware vCenter Server 6.7 - Authentication Bypass

Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7 before update 3f Tested on: vCenter Server Appliance 6.7 RTM updated from v6.0...

9.8CVSS8AI score0.90384EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2020/05/29 12:0 a.m.247 views

openSUSE Security Update : gcc9 (openSUSE-2020-716)

This update includes the GNU Compiler Collection 9. This update ships the GCC 9.3 release. A full changelog is provided by the GCC team on : https://www.gnu.org/software/gcc/gcc-9/changes.html The base system compiler libraries libgccs1, libstdc++6 and others are now built by the gcc 9 packages. ...

7.5CVSS6.4AI score0.03207EPSS
Exploits1References15
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.29 views

Fedora: Security Advisory for ruby (FEDORA-2020-a95706b117)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7AI score0.06811EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.15 views

Fedora: Security Advisory for exim (FEDORA-2020-93d7305d71)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.04467EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.29 views

Fedora: Security Advisory for log4net (FEDORA-2020-cfc319e067)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.6AI score0.49839EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.27 views

Fedora: Security Advisory for exim (FEDORA-2020-2e084c987d)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.04467EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2020/05/27 12:0 a.m.419 views

Pi-hole 4.4.0 Remote Code Execution

Exploit Title: Pi-hole 4.4.0 - Remote Code Execution Authenticated Date: 2020-05-22 Exploit Author: Photubias Vendor Advisory: 1 https://github.com/pi-hole/AdminLTE Version: Pi-hole . Based and improved on: https://github.com/Frichetten/CVE-2020-11108-PoC/blob/master/cve-2020-11108-rce.py File na...

9CVSS8.7AI score0.78262EPSS
Exploits17
OpenVAS
OpenVAS
added 2020/05/27 12:0 a.m.40 views

openSUSE: Security Advisory for gcc9 (openSUSE-SU-2020:0716-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7AI score0.03207EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2020/05/26 10:45 a.m.88 views

Moderate: Red Hat Security Advisory: devtoolset-9-gcc security and bug fix update

An update for devtoolset-9-gcc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.9AI score0.03207EPSS
Exploits0References7
0day.today
0day.today
added 2020/05/26 12:0 a.m.95 views

Pi-hole 4.4.0 - Remote Code Execution (Authenticated) Exploit

Exploit for linux platform in category web applications Exploit Title: Pi-hole 4.4.0 - Remote Code Execution Authenticated Date: 2020-05-22 Exploit Author: Photubias Vendor Advisory: 1 https://github.com/pi-hole/AdminLTE Version: Pi-hole . Based and improved on:...

9CVSS8.7AI score0.78262EPSS
Exploits17
Exploit DB
Exploit DB
added 2020/05/26 12:0 a.m.283 views

Pi-hole 4.4.0 - Remote Code Execution (Authenticated)

Exploit Title: Pi-hole 4.4.0 - Remote Code Execution Authenticated Date: 2020-05-22 Exploit Author: Photubias Vendor Advisory: 1 https://github.com/pi-hole/AdminLTE Version: Pi-hole . Based and improved on: https://github.com/Frichetten/CVE-2020-11108-PoC/blob/master/cve-2020-11108-rce.py File na...

9CVSS8.7AI score0.78262EPSS
Exploits17
Rows per page
Query Builder