Lucene search
K

112 matches found

Positive Technologies
Positive Technologies
added 2021/10/22 12:0 a.m.3 views

PT-2021-22139 · Auvesy · Auvesy Webinstaller

Name of the Vulnerable Software and Affected Versions: Auvesy webinstaller affected versions not specified Description: The issue concerns a Golang web server executable used for generating an Auvesy image agent. It allows for resource consumption by creating a large number of installations that...

8CVSS6.3AI score0.00788EPSS
Exploits0References3
CNVD
CNVD
added 2019/10/30 12:0 a.m.2 views

Red Hat XML Language Support XML Language Server Cross-Site Scripting Vulnerability

Red Hat XML Language Support vscode-xml is the United States Red Hat Red Hat a support for the creation and editing of XML documents Visual Studio Code extensions. XML Language Server is used in one of the XML language server. A cross-site scripting vulnerability exists in Red Hat XML Language...

8.8CVSS6.5AI score0.01981EPSS
Exploits1References1
NVD
NVD
added 2019/10/23 10:15 p.m.30 views

CVE-2019-18213

XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...

8.8CVSS8.6AI score0.01981EPSS
Exploits1References6
OSV
OSV
added 2019/10/23 10:15 p.m.14 views

CVE-2019-18212

XMLLanguageService.java in XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal...

6.5CVSS7.3AI score
Exploits0References6
OSV
OSV
added 2019/10/23 10:15 p.m.20 views

CVE-2019-18213

XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...

8.8CVSS7.2AI score
Exploits0References6
Prion
Prion
added 2019/10/23 10:15 p.m.16 views

Design/Logic Flaw

XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...

6.5CVSS8.5AI score0.01981EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2019/10/23 9:6 p.m.25 views

CVE-2019-18213

XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...

8.7AI score0.01981EPSS
Exploits1References6
CVE
CVE
added 2019/10/23 9:6 p.m.98 views

CVE-2019-18213

XML Language Server (lsp4xml) prior to 0.9.1 used in Red Hat XML Language Support (vscode-xml) prior to 0.9.1 is affected. The vulnerability arises in extensions/contentmodel/participants/diagnostics/LSPXMLParserConfiguration.java, where XXE can be triggered by a crafted XML document, leading to ...

8.8CVSS8.6AI score0.01981EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2019/10/23 9:5 p.m.96 views

CVE-2019-18212

XML Language Service (lsp4xml) in Red Hat XML Language Support (vscode-xml) versions before 0.9.1 is affected by a directory traversal vulnerability that allows a remote attacker to write to arbitrary files via XMLLanguageService.java. The issue is present in the XML Language Server implementatio...

6.5CVSS6.5AI score0.02841EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2019/10/23 9:5 p.m.27 views

CVE-2019-18212

XMLLanguageService.java in XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal...

6.6AI score0.02841EPSS
Exploits1References6
Exploit DB
Exploit DB
added 2000/03/08 12:0 a.m.27 views

WorldView 6.5/Wnn4 4.2 - Asian Language Server Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/1603/info A remote buffer overflow exists in the Asian language servers portion of a number of different implementations of Wnn. It has been reported that only systems that have WorldView Japanese, Korean, and Chinese installed are vulnerable to this...

7.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.8 views

SQL Server 2017 RTM Cumulative Update (CU) 14 KB4484710

SQL Server 2017 RTM Cumulative Update CU 14 KB4484710...

5.8AI score
Exploits0
Rows per page
Query Builder