
6348 matches found

NVD
added 2021/09/16 3:15 p.m. · 33 views

CVE-2021-39275

ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

CVSS 9.8 · EPSS 0.36339
Exploits 0 · References 15
UbuntuCve
added 2021/09/16 3:15 p.m. · 332 views

CVE-2021-39275

ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

CVSS 9.8 · AI score 7.1 · EPSS 0.36339
Exploits 0 · References 5
OSV
added 2021/09/16 3:15 p.m. · 2 views

UBUNTU-CVE-2021-39275

ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

CVSS 9.8 · AI score 7.1 · EPSS 0.36339
Exploits 0 · References 6
AlpineLinux
added 2021/09/16 2:40 p.m. · 59 views

CVE-2021-39275

ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

CVSS 9.8 · AI score 9.4 · EPSS 0.36339
Exploits 0
Cvelist
added 2021/09/16 2:40 p.m. · 249 views

CVE-2021-39275 ap_escape_quotes buffer overflow

ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

AI score 9.9 · EPSS 0.36339
Exploits 0 · References 15
Tenable Nessus
added 2021/09/16 12:00 a.m. · 67 views

Drupal 8.9.x < 8.9.19 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.19, 9.1.x prior to 9.1.13, or 9.2.x prior to 9.2.6. It is, therefore, affected by multiple vulnerabilities. - Under some circumstances, the Drupal core JSON:API module does not...

CVSS 9.8 · AI score 6.9 · EPSS 0.01217
Exploits 0 · References 11
Apache Httpd
added 2021/09/16 12:00 a.m. · 547 views

Apache Httpd < 2.4.49 : ap_escape_quotes buffer overflow

ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

CVSS 9.8 · AI score 2 · EPSS 0.36339
Exploits 0
Prion
added 2021/09/15 2:15 p.m. · 14 views

Improper access control

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'FileManager.editFile' function in the component 'modules/filemanager/FileManagerController.java'...

CVSS 4 · AI score 6.3 · EPSS 0.03606
Exploits 1 · References 1 · Affected Software 1
OSV
added 2021/09/14 12:15 p.m. · 1 views

CVE-2021-38176

Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could...

CVSS 8.8 · AI score 7.4 · EPSS 0.01228
Exploits 0 · References 2
Prion
added 2021/09/14 12:15 p.m. · 13 views

Input validation

Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could...

CVSS 9 · AI score 8.8 · EPSS 0.01228
Exploits 0 · References 2 · Affected Software 4
Positive Technologies
added 2021/09/14 12:00 a.m. · 5 views

PT-2021-7529

Name of the Vulnerable Software and Affected Versions Modicon M340 CPUs versions prior to V3.40 Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 H, BMXNOE0110 H, BMXNOC0401, BMXNOR0200H RTU All Versions Modicon Premium Processors with integrated Ethernet Copro: TSXP574634, TSXP575634,...

CVSS 7.8 · AI score 7.2 · EPSS 0.0094
Exploits 0 · References 6
Positive Technologies
added 2021/09/14 12:00 a.m. · 6 views

PT-2021-7528 · Schneider Electric · Modicon M340 X80 Ethernet Communication Modules +5

Name of the Vulnerable Software and Affected Versions: Modicon M340 CPUs versions prior to V3.40 Modicon M340 X80 Ethernet Communication Modules versions all versions Modicon Premium Processors with integrated Ethernet versions all versions Modicon Quantum Processors with Integrated Ethernet...

CVSS 7.8 · AI score 7.8 · EPSS 0.01012
Exploits 0 · References 3
NCSC
added 2021/09/08 12:00 a.m. · 5 views

Vulnerabilities fixed in Google Android

Google has fixed vulnerabilities in the Android OS. A malicious party could misuse the vulnerabilities to gain access to sensitive data or give himself elevated privileges. To do this, the malicious party must trick the victim into installing a rogue app. The vulnerability with referen...

CVSS 10 · AI score 7 · EPSS 0.00778
Exploits 0
Kitploit
added 2021/09/07 8:30 p.m. · 135 views

TIGMINT - OSINT (Open Source Intelligence) GUI Software Framework

An OSINT (Open Source Intelligence) software framework with an objective of making cyber investigations more convenient by implementing abstraction mechanisms to hide the background technical complexity also bundling different analysis techniques for social media Intelligence together providing a...

AI score 7.4
Exploits 0 · References 2
Kitploit
added 2021/09/04 12:30 p.m. · 39 views

Zuthaka - An Open Source Application Designed To Assist Red-Teaming Efforts, By Simplifying The Task Of Managing Different APTs And Other Post-Exploitation Tools

A collaborative free open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. Explore the docs » About the project Problem Statement The current C2s ecosystem has rapidly grown in order to adapt to modern red team...

AI score 7
Exploits 0 · References 2
Tenable Nessus
added 2021/09/04 12:00 a.m. · 45 views

openSUSE 15 Security Update : xen (openSUSE-SU-2021:2923-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via...

CVSS 7.8 · AI score 6.2 · EPSS 0.0187
Exploits 0 · References 41
Tenable Nessus
added 2021/09/04 12:00 a.m. · 55 views

SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2021:2923-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2923-1 advisory. Update to Xen 4.13.3 general bug fix release bsc1027519. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubb...

CVSS 7.8 · AI score 6.7 · EPSS 0.0187
Exploits 0 · References 41
vulnersOsv
added 2021/09/02 4:52 p.m. · 4 views

com.avast:sst-app-monix_3 (>=0.17.0 <=0.19.3), com.avast:sst-app-zio_3 (>=0.17.0 <=0.19.3) +23 more potentially affected by CVE-2021-39185 via org.http4s:http4s-server_3 (>=0.22.0 <=0.22.2)

org.http4s:http4s-server_3 MAVEN version =0.22.0, =0.17.0, =0.17.0, =0.16.0, =0.17.0, =0.16.0, =0.17.0, =0.16.0, =0.16.0, =0.17.0, =0.17.0, =0.16.0, =0.16.0, =0.18.1, =0.22.0, =0.22.0, =0.22.15 and more Source cves: CVE-2021-39185 Source advisory: OSV:GHSA-52CF-226F-RHR6...

CVSS 9.1 · AI score 7.2 · EPSS 0.00594
Exploits 0
OSV
added 2021/08/31 5:15 p.m. · 2 views

DEBIAN-CVE-2021-39135

@npmcli/arborist, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...

CVSS 7.8 · AI score 7.4 · EPSS 0.00553
Exploits 0 · References 1
OSV
added 2021/08/31 5:15 p.m. · 2 views

UBUNTU-CVE-2021-39135

@npmcli/arborist, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...

CVSS 8.2 · AI score 7 · EPSS 0.00553
Exploits 0 · References 4