Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8586

Malware in sbrugna...

5.9CVSS5.8AI score0.00712EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.28 views

RHEL 7 : python-twisted (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-twisted: XMPP support in words.protocols.jabber.xmlstream in Twisted does not verify certificates allowing f...

7.4CVSS7.5AI score0.01817EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2019-0360)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.9AI score0.02535EPSS
Exploits1References5
Prion
Prion
added 2020/04/03 11:15 a.m.17 views

Design/Logic Flaw

A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux...

4.3CVSS5.7AI score0.00712EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/04/03 11:0 a.m.31 views

CVE-2019-18905 Deprecated functionality in autoyast2 automatically imports gpg keys without checking them

A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux...

4.8CVSS5.6AI score0.00712EPSS
Exploits0References2
Prion
Prion
added 2020/01/27 10:15 a.m.22 views

Input validation

A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version...

4.3CVSS5.8AI score0.00444EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/01/27 9:45 a.m.29 views

CVE-2017-14806 Insecure handling of repodata and packages in SUSE Studio onlite

A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version...

3.7CVSS5.8AI score0.00444EPSS
Exploits0References1
OSV
OSV
added 2019/12/06 2:15 p.m.10 views

MGASA-2019-0360 Updated python-twisted packages fix security vulnerabilities

Updated python-twisted packages fix security vulnerabilities: Improper sanitization of URIs or HTTP which could allow attackers to perform CRLF attacks CVE-2019-12387. In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS,...

7.4CVSS6.7AI score0.02535EPSS
Exploits1References4
Mageia
Mageia
added 2019/12/06 2:15 p.m.45 views

Updated python-twisted packages fix security vulnerabilities

Updated python-twisted packages fix security vulnerabilities: Improper sanitization of URIs or HTTP which could allow attackers to perform CRLF attacks CVE-2019-12387. In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS,...

7.4CVSS3.4AI score0.02535EPSS
Exploits1References3
Rows per page
Query Builder