Lucene search
K

153 matches found

PyPA
PyPA
added 2019/10/14 3:15 p.m.5 views

PYSEC-2019-171

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

7.3CVSS6.7AI score0.00427EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2019/10/14 3:15 p.m.3 views

UBUNTU-CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

7.3CVSS6.6AI score0.00427EPSS
Exploits0References3
OSV
OSV
added 2019/10/14 3:15 p.m.4 views

PYSEC-2019-171

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

7.3CVSS6.6AI score0.00427EPSS
Exploits0References9
Citrix
Citrix
added 2019/04/15 12:0 a.m.7 views

Citrix Provisioning Console Error: 0x00000057 - Invalid Parameter

Citrix Provisioning does not support VHD based vDisks on 4K storage in any Citrix Provisioning product version. Microsoft's VHD file specification only supports a disk logical sector size of 512 bytes. A read/write access VHD on 4K disk will trigger read-modify-write emulation, which results in...

7.1AI score
Exploits0
Prion
Prion
added 2018/08/22 9:29 p.m.15 views

Input validation

A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation...

4.3CVSS7AI score0.00799EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/08/22 9:29 p.m.3 views

CVE-2016-9605

A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation...

6.1CVSS5.8AI score0.00799EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/07 12:0 a.m.2 views

Cisco WebEx Cross-Site Scripting Vulnerability (CNVD-2018-11321)

Cisco WebEx is the United States Cisco Cisco company's set of Web conferencing tools, the tool can assist off-site office workers to coordinate and collaborate.WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging IM. A cross-site scripting...

6.1CVSS6.3AI score0.02011EPSS
Exploits0References1
OSV
OSV
added 2018/03/09 5:29 p.m.3 views

CVE-2017-17321

Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker could exploit this vulnerability to cause the software process abnormal...

3.3CVSS6.1AI score0.00247EPSS
Exploits2References2
Prion
Prion
added 2018/02/28 5:29 a.m.13 views

Remote code execution

An Arbitrary Free Remote Code Execution issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This is fixed in 6.9d...

7.5CVSS9.2AI score0.05675EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/02/28 5:0 a.m.22 views

CVE-2018-6641

An Arbitrary Free Remote Code Execution issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This is fixed in 6.9d...

9.4AI score0.05675EPSS
Exploits1References2
CNVD
CNVD
added 2017/12/19 12:0 a.m.2 views

Techno - Portfolio Management Panel Information Disclosure Vulnerability

Techno - Portfolio Management Panel is a set of portfolio management panel scripts. An information disclosure vulnerability exists in Techno - Portfolio Management Panel 2017-11-16 and earlier versions. An attacker can exploit the vulnerability by sending an invalid 's' parameter to the...

4.3CVSS6.2AI score0.00708EPSS
Exploits1References1
Prion
Prion
added 2017/12/15 9:29 a.m.11 views

Path traversal

Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php...

4CVSS4.7AI score0.00708EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2017/05/10 9:30 a.m.7 views

SUSE-SU-2017:1233-1 Security update for openstack-magnum

This update for openstack-magnum fixes the following issues: Security issues fixed: - CVE-2016-7404: Magnum created instances have full API access to creating user's OpenStack account bsc998182. Bugfixes: - Fixed exception for InvalidParameterValue. - Updated patches have been tested against...

9.8CVSS9.7AI score0.01867EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/08/23 12:0 a.m.10 views

The vulnerability of the Android operating system, which allows a hacker to trigger a service failure

The vulnerability of the decoder/ih264dapi.c file in the Android operating system’s media server is related to improper handling of invalid PPS and SPS blocks. Exploiting this vulnerability allows a malicious actor to cause service interruptions device freezing and reboots by using a specially...

7.1CVSS6.2AI score0.00574EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2016/01/13 3:59 p.m.15 views

CVE-2016-1569

FireBird 2.5.5 allows remote authenticated users to cause a denial of service daemon crash by using service manager to invoke the gbak utility with an invalid parameter...

6.5CVSS6.2AI score0.02304EPSS
Exploits1References5
OSV
OSV
added 2016/01/13 3:59 p.m.2 views

CVE-2016-1569

FireBird 2.5.5 allows remote authenticated users to cause a denial of service daemon crash by using service manager to invoke the gbak utility with an invalid parameter...

6.5CVSS6.5AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2015/04/13 2:59 p.m.32 views

CVE-2015-2941

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...

4.3CVSS6AI score0.02111EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2015/04/13 2:0 p.m.22 views

CVE-2015-2941

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to inject arbitrary web script or HTML via an invalid parameter in a wddx format request to api.php, which is not properly handled in an error...

4.3CVSS5.5AI score0.02111EPSS
Exploits1
Veeam
Veeam
added 2015/02/10 12:0 a.m.13 views

Direct SAN Restore for thick disk VDDK error: One of the parameters supplied is invalid

Challenge When performing a write operation using Direct-SAN transport mode e.g., Entire VM Restore, VM Hard Disk Restore, or initial run of a replication job the task fails with the error: Unable to execute write operation using advanced transport, failing over to network mode... ERR |VDDK error...

7.4AI score
Exploits0Affected Software1
Cvelist
Cvelist
added 2015/01/12 7:0 p.m.25 views

CVE-2013-2603

The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 performs unexpected type conversions for invalid parameter types, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via craft...

7.8AI score0.04174EPSS
Exploits0References3
Rows per page
Query Builder