1890 matches found
Kong Gateway Admin API Remote Code Execution
frozen_string_literal: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kong Gateway Admin API Remote Code Execution', 'Description' = ' This module uses the Kong admin API to create a route...
OPENSUSE-SU-2020:2008-1 Security update for rclone
This update for rclone fixes the following issues: rclone was updated to version 1.53.3: Bug Fixes - Fix incorrect use of math/rand instead of crypto/rand (CVE-2020-28924, boo#1179005) (Nick Craig-Wood) - Check https://github.com/rclone/passwordcheck for a tool to check for weak passwords generated by...
GaussDB Kernel: Setting the Maximum Number of Concurrent Connections to the Database
max_connections specifies the maximum concurrent connections to the database. Increasing the value of this parameter may cause GaussDB Kernel to request System V to share more memory or semaphore. If this occurs, the shared memory or semaphore will exceed the default value allowed by the OS. When...
GaussDB Kernel: Configuring the Maximum Capacity of a Log File
log_rotation_size specifies the maximum capacity of a log file. When the size of a log file reaches the specified value, another log file is automatically created.
GaussDB Kernel: Configuring the Maximum Logging Duration of a Log File
The parameter log_rotation_age specifies the maximum logging duration of a log file. After the time expires, another log file is automatically created.
CVE-2020-27217
In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link establishment. While the AMQP...
openGauss: Configuring the Maximum Number of Audit Log Files
The parameter audit_file_remain_threshold specifies the maximum number of audit log files. When the total number of audit log files exceeds the specified value, the system writes the warning information to the database logs, deletes the earliest audit log files, and records the deletion to the audit...
openGauss: Configuring the Maximum Capacity of a Log File
log_rotation_size specifies the maximum capacity of a log file. When the size of a log file reaches the specified value, another log file is automatically created.
openGauss: Configuring the Maximum Disk Space Occupied by All Audit Log Files
The parameter audit_space_limit specifies the maximum disk space occupied by all audit log files. When the total size of audit log files exceeds the maximum value, the system writes the warning information to the database logs, deletes the earliest audit log files, and records the deletion to the...
openGauss: Configuring the Maximum Logging Duration of An Audit Log File
The parameter audit_rotation_interval specifies the maximum logging duration of an audit log file. After the time expires, another audit log file is automatically created.
maximum-standart.com.ua Cross Site Scripting vulnerability OBB-1473480
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2020-13943
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...
Error: "Login exceeds maximum allowed users" on NetScaler Gateway
Users get the following error message when they try to log on through NetScaler Gateway: "Login exceeds maximum allowed users". Usually this issue appears after a firmware upgrade from NetScaler Gateway 9.x to NetScaler Gateway 10.5 and Universal Gateway License is allocated...
Trend Micro Maximum Security Race Condition Arbitrary File Deletion Vulnerability
This vulnerability allows local attackers to delete arbitrary files on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
There is an issue in grub2 before version 2.06 in the function read_section_as_string(). It expects a font name to be at most UINT32_MAX - 1 bytes long, but it does not verify this before proceeding with the buffer allocation used to read the value from the font value. An attacker may leverage this by crafting a malicious font file whose name has a length of UINT32_MAX, leading read_section_as_string() to an arithmetic overflow, a zero-sized allocation, and a subsequent heap-based buffer overflow.
...
CVE-2020-3527
A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo frames or frames larger...
JVN#60093979: Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
Active Update function implemented in Premium Security 2019 for Windows v15, Maximum Security 2019 for Windows v15, Internet Security 2019 for Windows v15 and Antivirus+ 2019 for Windows v15 provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. Update files are not...
Maximum Lifespan of SSL/TLS Certificates is 398 Days Starting Today
Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that's meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates...
grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow
A flaw was found in grub2 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow, leading to a zero-sized memory allocation with a subsequent heap-based buffer overflow. The highest threat from this...