Lucene search

9174 matches found

UbuntuCve
added 2019/11/27 4:15 p.m. | 44 views

CVE-2019-10220

Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists...

CVSS: 9.3 | AI score: 7.1 | EPSS: 0.05123
Exploits: 0 | References: 2
Cvelist
added 2019/11/27 3:30 p.m. | 30 views

CVE-2019-10220

Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists...

CVSS: 8 | AI score: 9 | EPSS: 0.05123
Exploits: 0 | References: 5
Kitploit
added 2019/11/26 9:27 p.m. | 88 views

Corsy - CORS Misconfiguration Scanner

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations. Usage: Using Corsy is pretty simple: python corsy.py -u https://example.com. A delay between consecutive requests can be specified with the -d option. Note: This is a beta version, features such as JSON...

AI score: 7.5
Exploits: 0 | References: 1
OpenVAS
added 2019/11/26 12:0 a.m. | 34 views

Fedora Update for mingw-libidn2 FEDORA-2019-20e9736c97

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.0279
Exploits: 0 | References: 2
OSV
added 2019/11/25 3:15 p.m. | 7 views

CVE-2019-5857

Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...

CVSS: 6.5 | AI score: 8.9
Exploits: 0 | References: 2
NVD
added 2019/11/25 3:15 p.m. | 15 views

CVE-2019-13708

Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVSS: 4.3 | AI score: 4.7 | EPSS: 0.0092
Exploits: 0 | References: 3
NVD
added 2019/11/25 3:15 p.m. | 14 views

CVE-2019-13701

Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVSS: 4.3 | AI score: 4.9 | EPSS: 0.0092
Exploits: 0 | References: 3
OSV
added 2019/11/25 3:15 p.m. | 7 views

CVE-2019-13684

Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS: 5.3 | AI score: 8.4
Exploits: 0 | References: 2
UbuntuCve
added 2019/11/25 3:15 p.m. | 25 views

CVE-2019-13701

Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.0092
Exploits: 0 | References: 1
Prion
added 2019/11/25 3:15 p.m. | 17 views

Design/Logic Flaw

Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVSS: 4.3 | AI score: 4.5 | EPSS: 0.0092
Exploits: 0 | References: 3 | Affected Software: 2
Prion
added 2019/11/25 3:15 p.m. | 16 views

Design/Logic Flaw

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVSS: 4.3 | AI score: 4.7 | EPSS: 0.00688
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2019/11/25 2:22 p.m. | 18 views

CVE-2019-5852

Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

AI score: 6.5 | EPSS: 0.01076
Exploits: 0 | References: 2
Debian CVE
added 2019/11/25 2:22 p.m. | 23 views

CVE-2019-5852

Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.01076
Exploits: 0
Debian CVE
added 2019/11/25 2:22 p.m. | 32 views

CVE-2019-13684

Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS: 5.3 | AI score: 5.9 | EPSS: 0.00839
Exploits: 0
CVE
added 2019/11/25 2:22 p.m. | 105 views

CVE-2019-13684

CVE-2019-13684: Chrome prior to 72.0.3626.81 has an inappropriate JavaScript implementation that allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Google Chrome (desktop/mobile), version not explicitly stated beyond the pre-72.0.3626.81 range in the pro...

CVSS: 5.3 | AI score: 4.8 | EPSS: 0.00839
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2019/11/25 1:44 p.m. | 32 views

CVE-2019-18675

The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users with /dev/video0 access to obtain read and write permissions on kernel physical pages, which ca...

AI score: 8 | EPSS: 0.00533
Exploits: 1 | References: 4
Hacker One
added 2019/11/24 10:24 a.m. | 157 views

Internet Bug Bounty: Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd

Full background information is at our website and detailed information can be found in our research paper. Vulnerability Summary First Disclosure Summarized, the Dragonfly handshake of WPA3 and EAP-pwd is supposed to prevent dictionary attacks. However, we discovered design flaws that still enabl...

CVSS: 7.5 | AI score: 8 | EPSS: 0.07624
Exploits: 1
Virtuozzo
added 2019/11/22 12:0 a.m. | 55 views

Kernel update: Virtuozzo ReadyKernel patch 92.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernels 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1, 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozz...

AI score: 2.2
Exploits: 0 | References: 8
Hacker One
added 2019/11/21 4:58 p.m. | 11 views

Moneybird: Pending MFA logins aren't immediately expired after a password change

Researcher found an issue with sessions not all being terminated when password is changed. The 2FA implementation was at fault in this scenario as the session was found to be active even after the password was changed and two-step verification was turned off...

AI score: 2.4
Exploits: 0
Oracle linux
added 2019/11/20 12:0 a.m. | 39 views

openssl security update

1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...

AI score: 1.1
Exploits: 0