Lucene search
K

215 matches found

Prion
Prion
added 2020/10/27 8:15 p.m.19 views

Code injection

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iO...

4CVSS5.2AI score0.01205EPSS
Exploits0References5Affected Software4
Cvelist
Cvelist
added 2020/10/27 8:8 p.m.25 views

CVE-2019-8901

This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action...

5.7AI score0.00491EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/27 7:39 p.m.22 views

CVE-2019-8696

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.2AI score0.02091EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/10/27 7:39 p.m.34 views

CVE-2019-8696

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS6.1AI score0.02091EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2020/10/27 7:39 p.m.32 views

CVE-2019-8696

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS8.3AI score0.02091EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2020/10/27 7:39 p.m.46 views

CVE-2019-8675

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

8.8CVSS8.3AI score0.02031EPSS
Exploits0
Cvelist
Cvelist
added 2020/10/27 7:38 p.m.22 views

CVE-2019-8612

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iO...

5.8AI score0.01205EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/10/27 7:24 p.m.21 views

CVE-2019-8564

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state...

7AI score0.01009EPSS
Exploits0References1
NVD
NVD
added 2020/09/09 7:15 p.m.38 views

CVE-2020-15785

A vulnerability has been identified in Siveillance Video Client All versions. In environments where Windows NTLM authentication is enabled the affected client application transmits usernames to the server in cleartext. This could allow an attacker in a privileged network position to obtain valid...

5.3CVSS0.00623EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2020/09/01 4:16 p.m.37 views

Downloads Resources over HTTP in pm2-kafka

Affected versions of pm2-kafka insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syst...

9.3CVSS6.4AI score0.01752EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/09/01 4:10 p.m.17 views

GHSA-H2JV-5V3F-7M7J Downloads Resources over HTTP in adamvr-geoip-lite

Affected versions of adamvr-geoip-lite insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions b...

8.1CVSS7.8AI score0.00717EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2020/09/01 4:7 p.m.33 views

frames-compiler downloads Resources over HTTP

Affected versions of frames-compiler insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...

9.3CVSS8.1AI score0.02104EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/08/24 10:15 p.m.18 views

CVE-2020-24613

wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAITCERTCR state, within SanityCheckTls13MsgReceived in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely impersonate any TLS 1.3 servers...

6.8CVSS6.3AI score
Exploits0References1
Debian CVE
Debian CVE
added 2020/08/24 9:6 p.m.30 views

CVE-2020-24613

wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAITCERTCR state, within SanityCheckTls13MsgReceived in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely impersonate any TLS 1.3 servers...

6.8CVSS6.4AI score0.00861EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/08/06 9:12 a.m.5 views

chromium-browser: Inappropriate implementation in WebRTC

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream...

6.5CVSS7.3AI score0.0779EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 2020/07/30 7:40 a.m.2 views

chromium-browser: Inappropriate implementation in WebRTC

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream...

6.5CVSS7.3AI score0.0779EPSS
Exploits6References5
UbuntuCve
UbuntuCve
added 2020/07/22 5:15 p.m.45 views

CVE-2020-6514

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream...

6.5CVSS6.9AI score0.0779EPSS
Exploits6References4
NVD
NVD
added 2020/07/14 2:15 p.m.21 views

CVE-2020-10039

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to...

8.1CVSS0.00523EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/14 1:18 p.m.22 views

CVE-2020-10039

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to...

7.8AI score0.00523EPSS
Exploits0References1
NVD
NVD
added 2020/04/17 6:15 p.m.23 views

CVE-2019-6203

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic...

9.8CVSS7.5AI score0.0419EPSS
Exploits0References3
Rows per page
Query Builder