Lucene search
K

105 matches found

Prion
Prion
added 2023/07/11 10:15 a.m.20 views

Cross site scripting

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

5.8CVSS5.9AI score0.00442EPSS
Exploits0References1Affected Software11
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.7 views

PT-2023-24198 · Xibo · Xibo

Name of the Vulnerable Software and Affected Versions: Xibo versions 3.0.0 through 3.3.4 Description: Xibo is a content management system CMS that has an issue where some API routes print a stack trace when called with missing or invalid parameters, revealing sensitive information about the...

5.3CVSS5AI score0.00538EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.6 views

Xibo 安全漏洞

Xibo is an open source content management system from Xibo Digital Signage. A security vulnerability exists in Xibo versions prior to 3.0.0 through 3.3.5, which originates from a stack trace being printed when called with missing or invalid parameters, which can be exploited by an attacker to vie...

5.3CVSS5.7AI score0.00538EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.2 views

SUSE CVE-2010-1173

The sctpprocessunkparam function in net/sctp/smmakechunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service system crash via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data...

7.1CVSS6.6AI score0.21238EPSS
Exploits7References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.4 views

SUSE CVE-2010-2483

The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values...

4.3CVSS6.3AI score0.0197EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.3 views

SUSE CVE-2011-3619

The apparmorsetprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact by writing to a...

4.6CVSS6.8AI score0.00472EPSS
Exploits2References3
F5 Networks
F5 Networks
added 2022/12/22 10:11 p.m.5 views

K15395: OpenSSL vulnerability CVE-2012-0027

Security Advisory Description The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service daemon crash via crafted data from a TLS client. CVE-2012-0027 Impact This vulnerability could...

5CVSS6.8AI score0.04992EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/07/04 7:45 a.m.8 views

php: Uninitialized array in pg_query_params() leading to RCE

A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote...

8.1CVSS7.8AI score0.03437EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2022/06/06 7:0 a.m.9 views

CVE-2022-31625

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or...

8.1CVSS8.7AI score0.03437EPSS
Exploits1References10Affected Software1
RedHat Linux
RedHat Linux
added 2022/06/03 1:51 p.m.2 views

openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate may be subje...

7.5CVSS6.7AI score0.70561EPSS
Exploits2References5
CNNVD
CNNVD
added 2021/06/09 12:0 a.m.6 views

Bosch IP cameras 资源管理错误漏洞

Bosch IP cameras is a German Bosch network camera. Bosch IP cameras has a denial of service vulnerability, which stems from the failure to filter invalid parameters in URLs entered by users with administrator privileges, and can be exploited by attackers to cause the camera to become unresponsive...

4.9CVSS5.5AI score0.00825EPSS
Exploits0References2
CNVD
CNVD
added 2021/05/17 12:0 a.m.8 views

Google TensorFlow suffers from an unspecified vulnerability (CNVD-2021-36361)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from an unspecified vulnerability that stems from passing invalid parameters to tf.rawops.SparseCountSparseOutput.No details of the vulnerability are provided at this...

5.5CVSS6.5AI score0.00194EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/05/14 12:0 a.m.4 views

Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from an unspecified vulnerability that stems from passing invalid parameters to tf.rawops.SparseCountSparseOutput.No details of the vulnerability are provided at this...

5.5CVSS5.7AI score0.00194EPSS
Exploits1References3
Veracode
Veracode
added 2020/08/20 2:23 a.m.20 views

Cross-Site Request Forgery (CSRF)

play framework is vulnerable to cross-site request forgery CSRF. An attacker is able to bypass the CSRF filter by making CORS simple requests with content types that contain parameters that are invalid and unable to be parsed...

6.5CVSS3.9AI score0.00525EPSS
Exploits0References3Affected Software7
OSV
OSV
added 2019/11/12 8:15 p.m.3 views

DEBIAN-CVE-2010-3439

It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command...

6.5CVSS6.4AI score0.01794EPSS
Exploits1References1
NVD
NVD
added 2019/11/12 8:15 p.m.35 views

CVE-2010-3439

It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command...

6.5CVSS6.4AI score0.01794EPSS
Exploits1References4
OSV
OSV
added 2019/11/12 8:15 p.m.17 views

CVE-2010-3439

It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command...

6.5CVSS6.6AI score0.01794EPSS
Exploits1References7
Prion
Prion
added 2019/11/12 8:15 p.m.20 views

Command injection

It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command...

4CVSS7AI score0.01794EPSS
Exploits1References4Affected Software3
Debian CVE
Debian CVE
added 2019/11/12 8:0 p.m.68 views

CVE-2010-3439

It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command...

6.5CVSS6.4AI score0.01794EPSS
Exploits1
Cvelist
Cvelist
added 2019/11/12 8:0 p.m.38 views

CVE-2010-3439

It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command...

6.4AI score0.01794EPSS
Exploits1References4
Rows per page
Query Builder