
40 matches found

OSV
added 2023/03/02 1:54 p.m. | 11 views

SUSE-SU-2023:0602-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: Updated to version 20230222.00 and bumped go API version to 1.18 to address the following bsc1208723: - CVE-2021-38297: Fixed data overwrite when passing large arguments to GOARCH=wasm GOOS=js bsc1191468. - CVE-2022-23806: Fixed...

CVSS 9.8 | AI score 9.5 | EPSS 0.10299
Exploits: 0 | References: 6

Tenable Nessus
added 2022/09/01 12:0 a.m. | 36 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16.0.1)

The version of AOS installed on the remote host is prior to 5.16.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16.0.1 advisory. - OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of...

CVSS 9.8 | AI score 7.4 | EPSS 0.96823
Exploits: 22 | References: 43

OSV
added 2022/01/18 5:15 p.m. | 6 views

CVE-2021-29632

In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the syst...

CVSS 7.5 | AI score 6.9 | EPSS 0.00855
Exploits: 0 | References: 2

OSV
added 2021/08/17 3:18 p.m. | 7 views

SUSE-SU-2021:2765-1 Security update for libmspack

This update for libmspack fixes the following issues: - CVE-2018-14681: Bad KWAJ file header extensions could cause a one or two byte overwrite. bsc1103032 - CVE-2018-14682: There is an off-by-one error in the TOLOWER macro for CHM decompression. bsc1103032...

CVSS 8.8 | AI score 8.6 | EPSS 0.03806
Exploits: 0 | References: 4

Tenable Nessus
added 2021/04/20 12:0 a.m. | 34 views

Ubuntu 16.04 LTS : OpenSLP vulnerability (USN-4919-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4919-1 advisory. It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code...

CVSS 9.8 | AI score 8.6 | EPSS 0.96823
Exploits: 1 | References: 2

OSV
added 2020/06/24 7:43 a.m. | 9 views

SUSE-SU-2020:1733-1 Security update for curl

This update for curl fixes the following issues: - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. - CVE-2020-8169: Fixed an issue where could have led to partial password leak over DNS on HTTP...

CVSS 7.8 | AI score 7.5 | EPSS 0.03427
Exploits: 2 | References: 5

OSV
added 2020/06/24 7:43 a.m. | 5 views

SUSE-SU-2020:1732-1 Security update for curl

This update for curl fixes the following issues: - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027...

CVSS 7.8 | AI score 7.7 | EPSS 0.01236
Exploits: 1 | References: 3

OpenVAS
added 2020/04/16 12:0 a.m. | 24 views

Huawei EulerOS: Security Advisory for openslp (EulerOS-SA-2020-1418)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.7 | EPSS 0.96823
Exploits: 1 | References: 4

OpenVAS
added 2020/01/23 12:0 a.m. | 30 views

Huawei EulerOS: Security Advisory for openslp (EulerOS-SA-2020-1038)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.7 | EPSS 0.96823
Exploits: 1 | References: 4

Tenable Nessus
added 2017/09/18 12:0 a.m. | 30 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2497-1)

This update for the Linux Kernel 3.12.61-5283 fixes several issues. The following security bugs were fixed : - CVE-2017-1000112: Prevent a race condition in net-packet code that could have been exploited by unprivileged users to gain root access bsc1052368. - CVE-2017-7645: The NFSv2/NFSv3 server...

CVSS 7.8 | AI score 6.5 | EPSS 0.20797
Exploits: 19 | References: 11

OSV
added 2017/08/27 4:29 p.m. | 4 views

CVE-2017-13709

In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree...

CVSS 7.5 | AI score 7.3
Exploits: 0 | References: 2

CVE
added 2008/11/29 2:0 a.m. | 45 views

CVE-2008-5284

The CVE-2008-5284 issue affects multiple products where the web server component can crash due to a crafted HTTP Content-Length header with a negative value. Affected are IEA Software RadiusNT/RadiusX (versions 5.1.38 up to but not including 5.1.44), Emerald (5.0.49 up to before 5.0.52), Air Mars...

CVSS 10 | AI score 6.7 | EPSS 0.04435
Exploits: 1 | References: 8 | Affected Software: 6

OSV
added 2008/02/11 9:0 p.m. | 7 views

CVE-2008-0665

wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...

AI score 6
Exploits: 0 | References: 8

OSV
added 2007/03/14 12:19 a.m. | 4 views

CVE-2007-1444

netserver in netperf 2.4.3 allows local users to overwrite arbitrary files via a symlink attack on /tmp/netperf.debug...

AI score 6.2
Exploits: 0 | References: 5

Prion
added 2006/05/24 11:2 p.m. | 29 views

Remote file inclusion

PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS"CLPath" parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue...

CVSS 7.5 | AI score 8 | EPSS 0.02537
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2006/05/24 11:0 p.m. | 28 views

CVE-2006-2570

PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS"CLPath" parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue...

AI score 7.5 | EPSS 0.02537
Exploits: 1 | References: 3

RedHat Linux
added 2005/01/19 6:51 p.m. | 36 views

Moderate: Red Hat Security Advisory: krb5 security update

Updated Kerberos (krb5) packages that correct buffer overflow and temporary file bugs are now available for Red Hat Enterprise Linux. Kerberos is a networked authentication system that uses a trusted third party (a KDC) to authenticate clients and servers to each other. A heap based buffer overflow b...

CVSS 7.2 | AI score 7.7 | EPSS 0.00734
Exploits: 0 | References: 5

Tenable Nessus
added 2004/10/19 12:0 a.m. | 26 views

GLSA-200410-16 : PostgreSQL: Insecure temporary file use in make_oidjoins_check

The remote host is affected by the vulnerability described in GLSA-200410-16 (PostgreSQL: Insecure temporary file use in make_oidjoins_check). The make_oidjoins_check script insecurely creates temporary files in world-writeable directories with predictable names. Impact: A local attacker could create...

CVSS 2.1 | AI score 5.5 | EPSS 0.00452
Exploits: 0 | References: 3

OSV
added 2004/08/31 12:0 a.m. | 16 views

DSA-458-3 python2.2 - buffer overflow

Bulletin has no description...

CVSS 7.5 | AI score 6.1 | EPSS 0.0535
Exploits: 0

CERT
added 2001/10/09 12:0 a.m. | 43 views

diffutils sdiff creates temporary files insecurely

Overview diffutils, a set of utilities distributed with many versions of linux, contains a utility called sdiff, which creates temporary files of predictable names in an insecure fashion. Using a symbolic link attack, an intruder can cause overwrite of any file writable by the user executing sdif...

CVSS 1.2 | AI score 6.2 | EPSS 0.00373
Exploits: 0 | References: 5