Lucene search
+L

12 matches found

osv
osv
added 2024/03/06 11:2 a.m.39 views

BIT-NODE-2022-3786 X.509 Email Address Variable Length Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.5CVSS8.1AI score0.92488EPSS
Exploits2References6
osv
osv
added 2023/04/05 8:15 p.m.2 views

UBUNTU-CVE-2023-0523

An issue has been discovered in GitLab affecting all versions starting from 15.6 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. An XSS was possible via a malicious email address for certain instances...

6.1CVSS5.7AI score0.00642EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/04/05 12:0 a.m.3 views

PT-2023-16330 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 15.6 through 15.8.4 GitLab versions 15.9 through 15.9.3 GitLab versions 15.10 through 15.10.0 Description: An issue has been discovered in GitLab, allowing for a cross-site scripting XSS attack via a malicious email address fo...

6.1CVSS5.9AI score0.00642EPSS
Exploits0References14
debiancve
debiancve
added 2023/04/05 12:0 a.m.24 views

CVE-2023-0523

Removed by vendor...

6.1CVSS6.3AI score0.00642EPSS
Exploits0
cnnvd
cnnvd
added 2023/03/31 12:0 a.m.6 views

GitLab 跨站脚本漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab Community Edition and GitLab Enterpri...

6.1CVSS6.4AI score0.00642EPSS
Exploits0References5
cnvd
cnvd
added 2022/11/03 12:0 a.m.66 views

OpenSSL Denial of Service Vulnerability (CNVD-2022-73349)

OpenSSL is a powerful, commercial-grade, full-featured open source toolkit for the Transport Layer Security TLS protocol, which is implemented based on the Full Strength Common Cryptographic Library for protecting communications on computer networks from eavesdropping and is widely used by Intern...

3.9AI score0.92488EPSS
Exploits2Affected Software1
osv
osv
added 2022/11/01 12:0 a.m.56 views

CVE-2022-3602 X.509 Email Address 4-byte Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

7.5CVSS7.7AI score0.9077EPSS
Exploits6References44
ubuntucve
ubuntucve
added 2022/11/01 12:0 a.m.55 views

CVE-2022-3786

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.5CVSS7.5AI score0.92488EPSS
Exploits2References3
vulnrichment
vulnrichment
added 2022/11/01 12:0 a.m.6 views

CVE-2022-3786 X.509 Email Address Variable Length Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.7AI score0.92488EPSS
Exploits2References2
veracode
veracode
added 2020/01/08 5:5 a.m.18 views

Cross-Site Scripting (XSS)

moodle/moodle is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a user's browser via the user's email, causing the payload to be rendered and executed on pages that displays the malicious email address...

6.1CVSS4.1AI score0.01113EPSS
Exploits0References3Affected Software1
veracode
veracode
added 2019/01/15 9:3 a.m.24 views

Arbitrary Command Execution

mailx is vulnerable to arbitrary command execution. A remote attacker is able to execute arbitrary commands through the expand function in fio.c using shell metacharacters in a malicious email address...

7.5CVSS7.9AI score0.06858EPSS
Exploits1References13Affected Software1
myhack58
myhack58
added 2017/01/10 12:0 a.m.147 views

CVE-2016-10033: the PHPMailer remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

PHP is an open source scripting language that is used to embed the HTML to do Web development. It has 9 million users, and is the many popular tools such as WordPress, Drupal, Joomla! Etc. This Monday a high-risk security update to solve the PHPMailer remote code execution vulnerability...

10AI score0.99714EPSS
Exploits58
Rows per page
Query Builder