Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.9 views

RHEL 9 : git-lfs (RHSA-2026:10712)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:10712 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing t...

7.5CVSS5.6AI score0.00728EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/01 12:43 p.m.9 views

CVE-2025-12106

Insufficient argument validation in OpenVPN 2.7alpha1 through 2.7rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses...

0.00538EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/03/12 2:36 p.m.90 views

USN-7348-1: Python vulnerabilities

It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered “private” or “globally reachable”. This could possibly result in applications applying incorrect security policies. This issue only affected Ubuntu 14.04 LTS and Ubuntu...

7.8CVSS7.5AI score0.01499EPSS
Exploits0
Talos
Talos
added 2023/05/10 12:0 a.m.44 views

Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability May 10, 2023 CVE Number CVE-2022-46377,CVE-2022-46378 SUMMARY An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of...

7.5CVSS7AI score0.0148EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/03/24 12:0 a.m.134 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (golang-github-vbatts-tar-split) (RHSA-2022:0998)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0998 advisory. Security Fixes: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 crypto/tls:...

7.5CVSS7.2AI score0.06975EPSS
Exploits2References7
CNNVD
CNNVD
added 2022/01/14 12:0 a.m.6 views

lib60870代码问题漏洞

lib60870 is a C language library based on the IEC60870-5 protocol. The library provides support for CompanionStandard 101 CS101 and 104 CS104 of the IEC family of standards for remote control applications IEC60870-5 and is commonly used in power systems for communication between central station...

7.5CVSS7.4AI score0.01062EPSS
Exploits1References2
OSV
OSV
added 2021/10/27 11:3 a.m.4 views

OESA-2021-1402 golang security update

The go programming language Security Fixes: Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection e.g., XSS that does not conform to the RFC1035 format.CVE-2021-33195 In...

9.8CVSS5.5AI score0.10299EPSS
Exploits6References9
RedHat Linux
RedHat Linux
added 2021/09/21 10:7 a.m.47 views

Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.8AI score0.03775EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/09/07 8:38 a.m.3 views

golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet

A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

7.5CVSS7.1AI score0.03775EPSS
Exploits1References5
OSV
OSV
added 2021/08/07 5:15 p.m.2 views

DEBIAN-CVE-2021-29923

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which in some situations allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR...

7.5CVSS7AI score0.03775EPSS
Exploits1References1
OSV
OSV
added 2021/08/07 5:15 p.m.3 views

DEBIAN-CVE-2021-29922

library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which in some situations allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation...

9.1CVSS8.3AI score0.02623EPSS
Exploits1References1
OSV
OSV
added 2020/03/12 12:15 a.m.3 views

CVE-2019-5180

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...

7.8CVSS7.4AI score
Exploits0References1
Veracode
Veracode
added 2019/01/15 9:6 a.m.39 views

Cookie Leak

libcurl.so is vulnerable to cookie leak. A remote attacker is able to set or send arbitrary cookies for certain sites. libcurl.so parses IP addresses similar to domain names, where a site with an IP address of 192.168.0.1 can set or send cookies for another site ending with .168.0.1...

5CVSS9.2AI score0.07432EPSS
Exploits0References26Affected Software1
Veracode
Veracode
added 2018/08/13 3:18 a.m.29 views

Cookie Leak

libcurl.so is vulnerable to cookie leak. A remote attacker is able to set or send arbitrary cookies for certain sites. libcurl.so parses IP addresses similar to domain names, where a site with an IP address of 192.168.0.1 can set or send cookies for another site ending with .168.0.1...

5CVSS9.2AI score0.07432EPSS
Exploits0References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/08/05 12:0 a.m.21 views

MediaWiki < 1.23.12 / 1.24.5 / 1.25.4 / 1.26.1 Multiple Vulnerabilities

Binary data 9473.prm...

9.8CVSS7.2AI score0.01888EPSS
Exploits0References7
Gentoo Linux
Gentoo Linux
added 2004/05/26 12:0 a.m.53 views

Apache 1.3: Multiple vulnerabilities

Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description On...

7.5CVSS7AI score0.11549EPSS
Exploits7
Rows per page
Query Builder