Lucene search
K

5909 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2019/09/25 12:0 a.m.129 views

Security update for links (moderate)

openSUSE Security Update: Security update for links Announcement ID: openSUSE-SU-2019:2185-1 Rating: moderate References: 1149886 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that contains security fixes can now be...

5.8AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2019/09/25 12:0 a.m.102 views

Security update for varnish (moderate)

openSUSE Security Update: Security update for varnish Announcement ID: openSUSE-SU-2019:2184-1 Rating: moderate References: 1149382 Cross-References: CVE-2019-15892 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This...

7.8CVSS7.5AI score0.05742EPSS
Exploits0References1
NVD
NVD
added 2019/09/13 5:15 p.m.16 views

CVE-2019-13532

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller...

7.5CVSS8AI score0.03178EPSS
Exploits0References1
OSV
OSV
added 2019/09/06 7:15 p.m.19 views

CVE-2016-7398

A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...

9.8CVSS7.7AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/09/06 7:15 p.m.26 views

CVE-2016-7398

A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...

9.8CVSS7.5AI score0.06797EPSS
Exploits1References4
Prion
Prion
added 2019/09/06 7:15 p.m.16 views

Type confusion

A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...

7.5CVSS8AI score0.06797EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2019/09/06 7:15 p.m.5 views

UBUNTU-CVE-2016-7398

A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...

9.8CVSS6.1AI score0.06797EPSS
Exploits1References5
Cvelist
Cvelist
added 2019/09/06 6:46 p.m.19 views

CVE-2016-7398

A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...

9.8AI score0.06797EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2019/09/06 6:46 p.m.28 views

CVE-2016-7398

A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...

9.8CVSS9.8AI score0.06797EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/09/06 12:0 a.m.32 views

Cisco NX-OS Software NX-API Denial of Service Vulnerability (CVE-2019-1968)

According to its self-reported version, Cisco NX-OS Software is affected by a denial of service vulnerability in the NX-API of Cisco NX-OS Software due to incorrect validation of HTTP requests. An unauthenticated, remote attacker could exploit this, by sending a crafted HTTP request to the NX-API...

7.5CVSS6.2AI score0.01768EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.1732 views

Cisco RV110W/RV130(W)/RV215W Routers Management Interface - Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework linux/armle/meterpreter/bindtcp - segfault linux/armle/meterpreter/reversetcp - segfault linux/armle/meterpreterreversehttp - works linux/armle/meterpreterreversehttps -...

10CVSS7.4AI score0.95707EPSS
Exploits15
Packet Storm
Packet Storm
added 2019/09/02 12:0 a.m.436 views

Cisco RV110W / RV130(W) / RV215W Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework linux/armle/meterpreter/bindtcp - segfault linux/armle/meterpreter/reversetcp - segfault linux/armle/meterpreterreversehttp - works linux/armle/meterpreterreversehttps -...

10CVSS0.95707EPSS
Exploits15
0day.today
0day.today
added 2019/09/02 12:0 a.m.117 views

Cisco RV110W / RV130(W) / RV215W Remote Command Execution Exploit

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The...

10CVSS0.8AI score0.95707EPSS
Exploits15
Fortinet
Fortinet
added 2019/08/30 12:0 a.m.47 views

Protect

An Improper Authorization vulnerability in the SSL VPN web portal may allow an unauthenticated attacker to change the password of an SSL VPN web portal user via specially crafted HTTP requests...

5CVSS7.6AI score0.81691EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/08/30 12:0 a.m.50 views

CentOS 7 : python-requests (CESA-2019:2035)

An update for python-requests is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS7AI score0.07443EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/08/29 12:0 a.m.38 views

Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is...

10CVSS8.7AI score0.05324EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2019/08/28 6:40 p.m.16 views

CVE-2019-12643 Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is due to an improper check performed by the area of code that manages the REST...

10CVSS7.7AI score0.05324EPSS
Exploits0References1
Cisco
Cisco
added 2019/08/28 4:0 p.m.103 views

Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is due to an improper check performed by the area of code that manages the REST...

10CVSS1.5AI score0.05324EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/26 2:22 p.m.23 views

CVE-2019-14300

Several Ricoh printers have multiple buffer overflows parsing HTTP cookie headers, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is...

9.8CVSS9.4AI score0.0312EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/26 2:18 p.m.30 views

CVE-2019-14307

Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is...

8.8CVSS9.4AI score0.03045EPSS
Exploits0References3
Rows per page
Query Builder