Lucene search
K

181 matches found

cnvd
cnvd
added 2021/02/03 12:0 a.m.4 views

Unspecified Vulnerability in Blackbeam Rust-marc

Blackbeam Rust-marc is a codebase for the Rust language from Blackbeam's individual developers to interact with mrc format files. A security vulnerability exists in Blackbeam Rust-marc versions prior to 2.0.0, which stems from a user-supplied read implementation that can access the old contents o...

7.5CVSS6.5AI score0.01498EPSS
Exploits1References1
cve
cve
added 2021/01/29 2:27 a.m.74 views

CVE-2021-26308

The CVE concerns the marc crate for Rust, affecting versions before 2.0.0. Affected code path is within the user-provided Read implementation (Record::read()), which could expose the old contents of newly allocated memory due to an uninitialized buffer being exposed to callers. This memory exposu...

7.5CVSS7.5AI score0.01498EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/01/29 2:27 a.m.19 views

CVE-2021-26308

An issue was discovered in the marc crate before 2.0.0 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated memory, violating soundness...

7.8AI score0.01498EPSS
Exploits1References1
cnnvd
cnnvd
added 2021/01/28 12:0 a.m.10 views

Blackbeam Rust-marc 安全漏洞

Blackbeam Rust-marc is a codebase for the Rust language from Blackbeam's individual developers to interact with mrc format files. A security vulnerability exists in Blackbeam Rust-marc versions prior to 2.0.0, which stems from a user-supplied read implementation that can access the old contents o...

7.5CVSS7.1AI score0.01498EPSS
Exploits1References2
nessus
nessus
added 2020/12/09 12:0 a.m.53 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : curl vulnerabilities (USN-4665-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4665-1 advisory. Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sen...

7.5CVSS6.9AI score0.09917EPSS
Exploits3References5
patchstack
patchstack
added 2020/10/29 12:0 a.m.45 views

WordPress <= 5.5.1 - Cross-Site Scripting (XSS) via Global Variables vulnerability

Cross-Site Scripting XSS via Global Variables vulnerability found by Marc Montas in WordPress versions = 5.5.1. Solution Update the WordPress to the latest available version at least 5.5.2...

6.1CVSS2.8AI score0.017EPSS
Exploits0References1Affected Software1
openbugbounty
openbugbounty
added 2020/09/19 10:15 a.m.8 views

marc-pain.de Cross Site Scripting vulnerability OBB-1348284

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2020/09/16 5:49 p.m.37 views

marc-wesseling.de Cross Site Scripting vulnerability OBB-1342378

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
ubuntu
ubuntu
added 2020/08/19 11:33 a.m.65 views

USN-4466-1: curl vulnerability

Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information...

7.5CVSS6.7AI score0.03721EPSS
Exploits1
openbugbounty
openbugbounty
added 2020/06/22 6:28 a.m.13 views

marc-pain.de Cross Site Scripting vulnerability OBB-1203551

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2020/05/31 6:52 a.m.10 views

marc.gale.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1178891 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Exploits0
mssecure
mssecure
added 2020/01/29 5:0 p.m.34 views

Afternoon Cyber Tea—The State of Cybersecurity: How did we get here? What does it mean?

Every year the number and scale of cyberattacks grows. Marc Goodman, a global security strategist, futurist, and author of the book, Future Crimes: Everything is Connected, Everyone is Vulnerable, and What We Can Do About It, thinks a lot about how we got here and what it means, which is why he w...

0.1AI score
Exploits0
nvd
nvd
added 2020/01/24 5:15 p.m.24 views

CVE-2014-1924

The MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors...

9.8CVSS9.8AI score0.02038EPSS
Exploits1References4
nvd
nvd
added 2020/01/24 5:15 p.m.21 views

CVE-2014-1925

SQL injection vulnerability in the MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE:...

9.8CVSS9.5AI score0.0199EPSS
Exploits1References4
prion
prion
added 2020/01/24 5:15 p.m.21 views

Sql injection

The MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors...

7.5CVSS9.6AI score0.02038EPSS
Exploits1References4Affected Software1
prion
prion
added 2020/01/24 5:15 p.m.18 views

Sql injection

SQL injection vulnerability in the MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE:...

7.5CVSS9.4AI score0.02038EPSS
Exploits2References4Affected Software1
cve
cve
added 2020/01/24 4:42 p.m.57 views

CVE-2014-1925

Koha CVE-2014-1925 affects the MARC framework import/export function (admin/import_export_framework.pl). Affected versions include Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3. Description: an SQL injection vulnerability allows remote authenticated us...

9.8CVSS9.4AI score0.0199EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2020/01/24 4:42 p.m.25 views

CVE-2014-1924

The MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors...

9.8AI score0.02038EPSS
Exploits1References4
cve
cve
added 2020/01/24 4:42 p.m.59 views

CVE-2014-1924

The CVE-2014-1924 entry affects Koha’s MARC framework import/export function (admin/import_export_framework.pl). The vulnerability occurs in Koha versions before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3, where the import/export interface does not require auth...

9.8CVSS9.7AI score0.02038EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2019/12/10 6:7 a.m.21 views

CVE-2019-19698

marc-q libwav through 2017-04-20 has a NULL pointer dereference in wavcontentread at libwav.c...

6.5AI score0.01173EPSS
Exploits1References2
Rows per page
Query Builder