
10 matches found

EUVD
added 2026/05/26 5:24 p.m. | 16 views

EUVD-2026-31933

The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts (e.g., regex patterns) and revealing the underlying URI parsing logic. This has a low impact on confidentiality; integrity and availability are unaffected...

CVSS 4.3 | AI score 5.8 | EPSS 0.00258
Exploits: 0 | References: 2
UbuntuCve
added 2026/03/05 12:0 a.m. | 2 views

CVE-2025-11143

The Jetty URI parser has some key differences from other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in a security bypass. For example, a component that enforces a black list may interpret the URIs differently fr...

CVSS 6.5 | AI score 5.9 | EPSS 0.00159
Exploits: 0 | References: 2
NVD
added 2025/12/04 11:15 p.m. | 7 views

CVE-2025-66564

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, the function api.ParseJSONRequest splits an optionally provided OID, which is untrusted data, on periods via a call to strings.Split. Similarly, function api.getContentType splits the Content-Type heade...

CVSS 7.5 | EPSS 0.00404
Exploits: 0 | References: 2
OSV
added 2024/08/07 2:15 a.m. | 3 views

CVE-2024-34632

Out-of-bounds read in UUID parsing in Samsung Notes prior to version 4.4.21.62 allows a local attacker to access unauthorized memory...

CVSS 3.3 | AI score 5.8 | EPSS 0.00147
Exploits: 0 | References: 1
OSV
added 2022/08/04 5:6 p.m. | 13 views

USN-5546-2 openjdk-8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

CVSS 7.5 | AI score 7 | EPSS 0.17673
Exploits: 2 | References: 9
RedHat Linux
added 2022/04/25 3:13 p.m. | 5 views

OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

CVSS 5.3 | AI score 7.4 | EPSS 0.02651
Exploits: 0 | References: 4
BDU FSTEC
added 2019/12/17 12:0 a.m. | 6 views

The vulnerability of the syntax analysis function for URI identifiers of HTTP-servers of TP-Link TL-R600VPN microprogramming devices allows a perpetrator to cause a service failure.

The vulnerability of the syntax analysis function for URI identifiers of HTTP-servers of TP-Link TL-R600VPN software-based routers exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending a specially...

CVSS 7.8 | AI score 7.2 | EPSS 0.23061
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2018/09/25 12:34 p.m. | 6 views

USN-3771-1 strongswan vulnerabilities

It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. (CVE-2018-10811) Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A...

CVSS 7.5 | AI score 7 | EPSS 0.07124
Exploits: 0 | References: 5
CNVD
added 2016/08/21 12:0 a.m. | 3 views

PHP 'php_snmp_parse_oid()' function integer overflow vulnerability

PHP is an open source general-purpose computer scripting language. An integer overflow vulnerability exists in the PHP 'php_snmp_parse_oid' function. An attacker can exploit the vulnerability to execute arbitrary code in the context of an affected application...

AI score 7.6
Exploits: 0 | References: 1
RedHat Linux
added 2010/09/14 9:39 p.m. | 3 views

Samba: Stack-based buffer overflow by processing specially-crafted SID records

Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share...

CVSS 7.5 | AI score 7.2 | EPSS 0.10546
Exploits: 0 | References: 4