Lucene search
+L

189 matches found

NVD
NVD
added 2024/03/28 3:15 p.m.17 views

CVE-2023-45715

The console may experience a service interruption when processing file names with invalid characters...

4.3CVSS4AI score0.004EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/28 2:26 p.m.46 views

CVE-2023-45715 HCL BigFix Platform is susceptible to a Denial of Service attack

The console may experience a service interruption when processing file names with invalid characters...

3.5CVSS4.4AI score0.004EPSS
Exploits0References1
CVE
CVE
added 2024/03/28 2:26 p.m.73 views

CVE-2023-45715

CVE-2023-45715 affects the HCL BigFix Platform console. A vulnerability causes a service interruption (Denial of Service) when the console processes file names that contain invalid characters. The root cause is not explicitly detailed in the provided documents beyond the impact condition. Current...

4.3CVSS4AI score0.004EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/28 12:0 a.m.4 views

PT-2024-13274 · Vconsole · Vconsole

Name of the Vulnerable Software and Affected Versions: Console affected versions not specified Description: The console may experience a service interruption when processing file names with invalid characters. Recommendations: At the moment, there is no information about a newer version that...

3.5CVSS6.9AI score0.004EPSS
Exploits0References6
OSV
OSV
added 2024/02/29 6:15 a.m.11 views

CVE-2023-1841

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Honeywell MPA2 Access Panel Web server modules allows XSS Using Invalid Characters.This issue affects MPA2 Access Panel all version prior to R1.00.08.05. Honeywell released firmware update package...

4.8CVSS5.8AI score0.00372EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.23 views

Honeywell MPA2 Access Panel Security Vulnerability

The Honeywell MPA2 Access Panel is a hardware device for access control systems from Honeywell USA. A security vulnerability exists in Honeywell MPA2 Access Panel versions prior to R1.00.08.05 that stems from a cross-site scripting vulnerability that allows the use of invalid characters...

8.1CVSS6.1AI score0.00372EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/30 12:0 a.m.35 views

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6456-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6456-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...

9.8CVSS7.7AI score0.01585EPSS
Exploits0References10
OSV
OSV
added 2023/10/25 6:17 p.m.4 views

CVE-2023-5723

An attacker with temporary script access to a site could have set a cookie containing invalid characters using document.cookie that could have led to unknown errors. This vulnerability affects Firefox 119...

5.3CVSS7.2AI score0.00688EPSS
Exploits0References3
NVD
NVD
added 2023/10/25 6:17 p.m.18 views

CVE-2023-5723

An attacker with temporary script access to a site could have set a cookie containing invalid characters using document.cookie that could have led to unknown errors. This vulnerability affects Firefox 119...

5.3CVSS6.3AI score0.00688EPSS
Exploits0References3
Prion
Prion
added 2023/10/25 6:17 p.m.22 views

Code injection

An attacker with temporary script access to a site could have set a cookie containing invalid characters using document.cookie that could have led to unknown errors. This vulnerability affects Firefox 119...

5CVSS5.3AI score0.00688EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2023/10/25 12:0 a.m.22 views

CVE-2023-5723

An attacker with temporary script access to a site could have set a cookie containing invalid characters using document.cookie that could have led to unknown errors. This vulnerability affects Firefox 119...

5.3CVSS6.3AI score0.00688EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.7 views

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 119. An attacker could use the vulnerability to set a cookie containing invalid characters using "document.cookie"...

5.3CVSS6.4AI score0.00688EPSS
Exploits0References8
OSV
OSV
added 2023/10/25 12:0 a.m.4 views

UBUNTU-CVE-2023-5723

An attacker with temporary script access to a site could have set a cookie containing invalid characters using document.cookie that could have led to unknown errors. This vulnerability affects Firefox 119...

5.3CVSS7.1AI score0.00688EPSS
Exploits0References6
OSV
OSV
added 2023/09/05 9:9 a.m.9 views

CLSA-2023-1693904973 Fix CVE(s): CVE-2022-48174

SECURITY UPDATE: unlikely stack overflow vulnerability - debian/patches/CVE-2022-48174.patch: break if a number string containing invalid characters - CVE-2022-48174...

9.8CVSS7.2AI score0.0313EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/31 12:0 a.m.21 views

Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration. The specific flaw exists within the implementati...

5.8CVSS6.5AI score0.01171EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/03 12:0 a.m.6 views

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that originates from displaying a full parameterized SQL...

4.3CVSS5.3AI score0.00435EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.1 views

SUSE CVE-2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...

2.6CVSS7.1AI score0.22526EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.4 views

SUSE CVE-2006-6406

Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...

5CVSS6.9AI score0.03179EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.13 views

SUSE CVE-2016-6816

The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a...

7.1CVSS6.3AI score0.39633EPSS
Exploits6References12
Positive Technologies
Positive Technologies
added 2022/12/02 12:0 a.m.5 views

PT-2022-28190 · Varnish · Varnish Cache

Name of the Vulnerable Software and Affected Versions: Varnish Cache versions prior to 6.0.11 Description: A request forgery attack can be performed on Varnish Cache servers with the HTTP/2 protocol enabled. An attacker may introduce invalid characters through HTTP/2 pseudo-headers, causing the...

7.4AI score
Exploits0References4
Rows per page
Query Builder