Lucene search
K

22 matches found

OSV
OSV
added 2026/06/02 2:15 p.m.14 views

EEF-CVE-2026-49753 HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing

Summary Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.content\length\header/1...

6.3CVSS6.1AI score0.00301EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/11 2:54 p.m.4 views

CVE-2025-13152

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...

8.5CVSS6.9AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/10 3:31 p.m.5 views

EUVD-2025-202422

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...

8.5CVSS6.5AI score0.00118EPSS
Exploits0References3
NVD
NVD
added 2025/12/10 3:15 p.m.5 views

CVE-2025-13152

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...

8.5CVSS0.00118EPSS
Exploits0References2
CVE
CVE
added 2025/12/10 2:8 p.m.13 views

CVE-2025-13152

Technical details about CVE-2025-13152 are not provided in the supplied documents; no affected versions, root cause, or fixes are published here. Monitor for updates from vendors and security bulletins.

8.5CVSS6.6AI score0.00118EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/10 2:8 p.m.4 views

CVE-2025-13152

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...

8.5CVSS6.6AI score0.00118EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/10 2:8 p.m.34 views

CVE-2025-13152

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...

8.5CVSS0.00118EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.4 views

Lenovo One Client 安全漏洞

Lenovo One Client is a one-stop service and system management software from Lenovo China. A security vulnerability exists in Lenovo One Client that stems from a potential DLL hijacking that could lead to the execution of arbitrary code by a locally authenticated user...

8.5CVSS7.2AI score0.00118EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.7 views

PT-2025-50330

A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...

8.5CVSS7AI score0.00118EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-4338

Malware in sbrugna...

7.5CVSS6.1AI score0.01755EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.5 views

The vulnerability of the client HTTP/1.1 and the Node.js software platform allows a perpetrator to execute arbitrary code.

The vulnerability of the HTTP/1.1 client and the Node.js software platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

4.6CVSS7AI score0.00734EPSS
Exploits0References8Affected Software4
ATTACKERKB
ATTACKERKB
added 2022/07/12 9:15 p.m.3 views

CVE-2022-31593

SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...

8.8CVSS5.6AI score0.0093EPSS
Exploits0References3Affected Software1
Citrix
Citrix
added 2022/03/22 12:0 a.m.16 views

Citrix Provisioning Services - Slow Target Boot With Sentinel One Client

Provisioned Target Devices boot slow or initially boot ok in small batches but after a certain number of Devices are running Target performance continues to nose dive. Target devices get stuck at a black screen or "found vDisk" early in the PXE boot process. Target Devices show an uptick in the...

7.1AI score
Exploits0
NVD
NVD
added 2012/06/16 12:55 a.m.37 views

CVE-2011-4409

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle MITM attack...

7.5CVSS6AI score0.01755EPSS
Exploits0References7
CVE
CVE
added 2012/06/16 12:0 a.m.88 views

CVE-2011-4409

CVE-2011-4409 affects the Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS, where the client fails to properly validate SSL certificates, enabling a remote attacker to perform a MITM to spoof a server and read/modify sensitive data. Connected sources (Ubuntu Security Notices US...

7.5CVSS5.9AI score0.01755EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2012/06/16 12:0 a.m.40 views

CVE-2011-4409

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle MITM attack...

5.8AI score0.01755EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2012/06/07 12:0 a.m.24 views

Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : ubuntuone-storage-protocol update (USN-1465-2)

USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library. It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attacker were able to perform a...

7.5CVSS5.5AI score0.01755EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2012/06/06 7:3 p.m.54 views

USN-1465-3: Ubuntu One Client regression

USN-1465-1 fixed vulnerabilities in Ubuntu One Client. The update failed to install on certain Ubuntu 10.04 LTS systems that had a legacy Python 2.5 package installed. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Ubuntu O...

7.5CVSS5.5AI score0.01755EPSS
Exploits0
Ubuntu
Ubuntu
added 2012/06/06 1:28 p.m.45 views

USN-1465-1: Ubuntu One Client vulnerability

It was discovered that the Ubuntu One Client incorrectly validated server certificates when using HTTPS connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information...

7.5CVSS5.4AI score0.01755EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2012/06/06 12:0 a.m.20 views

CVE-2011-4409

The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle MITM attack...

7.5CVSS5.9AI score0.01755EPSS
Exploits0References4
Rows per page
Query Builder