5909 matches found

Tenable Nessus
added 2020/02/24 12:00 a.m., 39 views

Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-4289-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4289-1 advisory. Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue ...

CVSS 7.5, AI score 7.6, EPSS 0.7179
Exploits 0, References 5

Check Point Advisories
added 2020/02/23 12:00 a.m., 3 views

Advantech WISE-PaaS RMM Code Execution (CVE-2019-13551)

A Remote Code Execution vulnerability exists in Advantech WISE-PaaS RMM. The vulnerability is due to insufficient input validation when processing HTTP requests. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to a target server. Successful...

CVSS 10, AI score 9.7, EPSS 0.04907
Exploits 0

OSV
added 2020/02/20 3:17 p.m., 3 views

USN-4289-1 squid, squid3 vulnerabilities

Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. CVE-2019-12528 Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote...

CVSS 7.5, AI score 7.1, EPSS 0.7179
Exploits 0, References 5

NVD
added 2020/02/12 2:15 p.m., 18 views

CVE-2019-20100

The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, and from version...

CVSS 4.7, AI score 4.6, EPSS 0.01021
Exploits 1, References 3

Prion
added 2020/02/12 2:15 p.m., 17 views

Cross site request forgery (csrf)

The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...

CVSS 4.3, AI score 4.5, EPSS 0.00815
Exploits 1, References 2, Affected Software 2

Prion
added 2020/02/12 2:15 p.m., 19 views

Cross site request forgery (csrf)

The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...

CVSS 4.3, AI score 4.5, EPSS 0.00743
Exploits 1, References 2, Affected Software 2

Prion
added 2020/02/12 2:15 p.m., 19 views

Cross site request forgery (csrf)

The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, and from version...

CVSS 4.3, AI score 4.7, EPSS 0.01021
Exploits 1, References 3, Affected Software 3

Cvelist
added 2020/02/12 2:07 p.m., 19 views

CVE-2019-20098

The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...

AI score 4.5, EPSS 0.00815
Exploits 1, References 2

Cvelist
added 2020/02/12 2:07 p.m., 27 views

CVE-2019-20099

The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...

AI score 4.5, EPSS 0.00743
Exploits 1, References 2

Prion
added 2020/02/11 4:15 p.m., 20 views

Race condition

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU All versions V3.X.17, SIMATIC ET 200pro IM154-8F PN/DP CPU All versions V3.X.17, SIMATIC ET 200pro IM154-8FX PN/DP CPU All versions V3.X.17, SIMATIC ET 200S IM151-8 PN/DP CPU All versions V3.X.17, SIMATIC ET 200S IM151-8F...

CVSS 5, AI score 7.3, EPSS 0.01702
Exploits 0, References 1, Affected Software 13

Positive Technologies
added 2020/02/11 12:00 a.m., 4 views

PT-2020-9415 · Siemens · Simatic S7-300 Cpu 317Tf-3 Pn/Dp +14

Name of the Vulnerable Software and Affected Versions: SIMATIC ET 200pro IM154-8 PN/DP CPU versions prior to V3.X.17 SIMATIC ET 200pro IM154-8F PN/DP CPU versions prior to V3.X.17 SIMATIC ET 200pro IM154-8FX PN/DP CPU versions prior to V3.X.17 SIMATIC ET 200S IM151-8 PN/DP CPU versions prior to...

CVSS 7.5, AI score 7.4, EPSS 0.01702
Exploits 0, References 2

exploitpack
added 2020/02/07 12:00 a.m., 66 views

EyesOfNetwork 5.3 - Remote Code Execution

EyesOfNetwork 5.3 - Remote Code Execution Exploit Title: EyesOfNetwork 5.3 - Remote Code Execution Date: 2020-02-01 Exploit Author: Clément Billac Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 CVE :...

CVSS 9.3, AI score 0.1, EPSS 0.85646
Exploits 11

0day.today
added 2020/02/07 12:00 a.m., 86 views

EyesOfNetwork 5.3 Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: EyesOfNetwork 5.3 - Remote Code Execution Exploit Author: Clément Billac Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 CVE :...

CVSS 9.3, EPSS 0.85646
Exploits 11

Atlassian
added 2020/02/05 5:05 p.m., 80 views

CSRF in Application Links plugin allows network enumeration - CVE-2019-20100

Atlassian Jira Server and Data Center before version 8.7.0 use a version of the Atlassian Application Links plugin that is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to...

CVSS 4.7, AI score 3.1, EPSS 0.01021
Exploits 1, Affected Software 1

Atlassian
added 2020/02/05 4:03 p.m., 35 views

CSRF in VerifyPopServerConnection!add.jspa - CVE-2019-20099

The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...

CVSS 4.3, AI score 5, EPSS 0.00743
Exploits 1

Atlassian
added 2020/02/05 4:03 p.m., 101 views

CSRF in VerifyPopServerConnection!add.jspa - CVE-2019-20099

The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...

CVSS 4.3, AI score 2.8, EPSS 0.00743
Exploits 1, Affected Software 1

Atlassian
added 2020/02/05 4:02 p.m., 29 views

CSRF in VerifySmtpServerConnection!add.jspa - CVE-2019-20098

The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...

CVSS 4.3, AI score 5, EPSS 0.00815
Exploits 1

Atlassian
added 2020/02/05 4:02 p.m., 86 views

CSRF in VerifySmtpServerConnection!add.jspa - CVE-2019-20098

The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...

CVSS 4.3, AI score 2.9, EPSS 0.00815
Exploits 1, Affected Software 1

RedhatCVE
added 2020/02/05 3:14 p.m., 28 views

CVE-2020-8449

A flaw was found in squid. Due to incorrect input validation, squid can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters...

CVSS 7.5, AI score 1.4, EPSS 0.08311
Exploits 0, References 3

NVD
added 2020/02/04 8:15 p.m., 16 views

CVE-2020-8449

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters...

CVSS 7.5, AI score 8.4, EPSS 0.08311
Exploits 0, References 15