CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3296 matches found

Veracode•added 2019/01/15 9:9 a.m.•24 views

Denial Of Service (DoS)

redis is vulnerable to denial of service DoS attacks. The vulnerability exists as an integer overflow in the getnum function in luastruct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial o...

7.5CVSS7.7AI score0.06469EPSS

Exploits1References14Affected Software1

Veracode•added 2019/01/15 9:7 a.m.•28 views

Arbitrary Code Execution

redis is vulnerable to arbitrary code execution attacks. The vulnerability exists as Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

10CVSS9.7AI score0.08757EPSS

Exploits2References16Affected Software1

Positive Technologies•added 2019/01/10 12:0 a.m.•5 views

PT-2019-5458

Name of the Vulnerable Software and Affected Versions Lua version 5.3.5 Description The issue is related to a use-after-free in the lua upvaluejoin function in lapi.c, which can be exploited by an attacker to cause a crash. This can be achieved by triggering a debug.upvaluejoin call with specific...

7.8CVSS6.7AI score0.00904EPSS

Exploits5References43

Tenable Nessus•added 2019/01/03 12:0 a.m.•42 views

Fedora 28 : httpd (2018-49d3b42425)

This update includes the latest upstream release, httpd 2.4.34, with multiple bug fixes and enhancements. See http://www.apache.org/dist/httpd/CHANGES2.4.34 for more information on the changes in this version. A security vulnerability is addressed in this update : - modmd: DoS via Coredumps on...

7.5CVSS6.6AI score0.77705EPSS

Exploits0References3

Tenable Nessus•added 2019/01/03 12:0 a.m.•17 views

Fedora 28 : knot-resolver (2018-c894f896fd)

Knot Resolver 2.4.0 2018-07-03 ================================ Incompatible changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes 366 Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status !576 New features ------------ - TLS...

5.5AI score

Exploits0References1

n0where•added 2018/11/12 6:9 p.m.•121 views

Open Source IPS: Suricata

Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection IDS, inline intrusion prevention IPS, network security monitoring NSM and offline pcap processing. Suricata inspects the network traffic usi...

Exploits0

Tenable Nessus•added 2018/10/24 12:0 a.m.•34 views

openSUSE Security Update : haproxy (openSUSE-2018-1229)

This update for haproxy to version 1.8.14 fixes the following issues : These security issues were fixed : - CVE-2018-14645: A flaw was discovered in the HPACK decoder what caused an out-of-bounds read in hpackvalididx that resulted in a remote crash and denial of service bsc1108683 -...

7.5CVSS6.7AI score0.00225EPSS

Exploits0References5

OPENSUSE Linux•added 2018/10/23 3:26 p.m.•155 views

Security update for haproxy (important)

This update for haproxy to version 1.8.14 fixes the following issues: These security issues were fixed: - CVE-2018-14645: A flaw was discovered in the HPACK decoder what caused an out-of-bounds read in hpackvalididx that resulted in a remote crash and denial of service bsc1108683 - CVE-2018-11469...

4.3CVSS0.2AI score0.00225EPSS

Exploits0References3

Kitploit•added 2018/10/03 9:19 p.m.•89 views

XenoScan - Open Source Memory Scanner Written In C++

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values. These types of tools are typically used when hacking video games, as they allow one to locate the values representing the game's state in memory. XenoScan is writte...

7.3AI score

Exploits0References1

OpenVAS•added 2018/09/19 12:0 a.m.•18 views

Redis LUA Multiple Vulnerabilities (Sep 2018) - Linux

Redis is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if description...

7.8AI score

Exploits0References1

Kitploit•added 2018/08/25 7:3 p.m.•29 views

Syhunt Community Hybrid Scanner v6.2

Syhunt Community is a hybrid static and dynamic web application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detaile...

6.9AI score

Exploits0

n0where•added 2018/08/21 6:36 p.m.•32 views

Open source memory scanner written in C++: XenoScan

0.3AI score

Exploits0References1

OSV•added 2018/07/25 8:24 a.m.•4 views

MGASA-2018-0325 Updated wesnoth packages fix security vulnerability

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

8.8CVSS8.2AI score0.00425EPSS

Exploits0References4

ArchLinux•added 2018/07/25 12:0 a.m.•13 views

[ASA-201807-15] wesnoth: arbitrary code execution

Arch Linux Security Advisory ASA-201807-15 ========================================== Severity: High Date : 2018-07-25 CVE-ID : CVE-2018-1999023 Package : wesnoth Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-741 Summary ======= The package wesnoth before...

8.8CVSS1.7AI score0.00425EPSS

Exploits0References5