CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2016/03/04 12:0 a.m.•10 views

Fedora 23 : perl-IPTables-Parse-1.5-2.fc23 (2015-0c153d3319)

5.5AI score

Tenable Nessus•added 2016/03/04 12:0 a.m.•16 views

Fedora 22 : perl-IPTables-Parse-1.5-2.fc22 (2015-30f080e459)

5.5AI score

Hacker One•added 2016/02/05 8:47 a.m.•20 views

New Relic: Html injection in monitor name textbox

payload in monitor name textbox : image tag is executed in Monitot failed email fix : Need to done secure parse encode in monitor name textbox to prevent html injection in email...

2.3AI score

CNVD•added 2015/12/18 12:0 a.m.•2 views

Mozilla Firefox Denial of Service Vulnerability (CNVD-2015-08327)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A security vulnerability exists in the 'RTPReceiverVideo::ParseRtpPacket' function in Mozilla...

10CVSS8.8AI score0.00863EPSS

CNVD•added 2015/12/18 12:0 a.m.•2 views

IPTables-Parse 'IPTables/Parse.pm' Insecure Temporary File Creation Vulnerability

IPTables-Parse is a Perl extension for parsing iptables and ip6tables firewall rules. An insecure temporary file creation vulnerability exists in IPTables-Parse versions prior to 1.6. A local attacker can exploit this vulnerability to perform a symbolic link attack to overwrite arbitrary files in...

5.5CVSS6.7AI score0.00062EPSS

OpenVAS•added 2015/12/15 12:0 a.m.•14 views

Amazon Linux: Security Advisory (ALAS-2015-627)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.6AI score0.00062EPSS

Tenable Nessus•added 2015/12/15 12:0 a.m.•16 views

Amazon Linux AMI : perl-IPTables-Parse (ALAS-2015-627)

A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. C Tenable Network Security, Inc. The descriptive te...

5.5CVSS5.7AI score0.00062EPSS

Amazon•added 2015/12/14 12:0 a.m.•31 views

Low: perl-IPTables-Parse

Issue Overview: A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. Affected Packages:...

5.5CVSS5.6AI score0.00062EPSS

OpenVAS•added 2015/11/21 12:0 a.m.•11 views

Fedora Update for perl-IPTables-Parse FEDORA-2015-240

7.5AI score

Fedora•added 2015/11/20 11:28 p.m.•8 views

[SECURITY] Fedora 21 Update: perl-IPTables-Parse-1.5-2.fc21

The IPTables::Parse package provides an interface to parse iptables rules on Linux systems through the direct execution of iptables commands, or from parsing a file that contains an iptables policy listing. You can get the current policy applied to a table/chain, look for a specific user-defined...

2.7AI score

OpenVAS•added 2015/11/20 12:0 a.m.•12 views

Fedora Update for perl-IPTables-Parse FEDORA-2015-30

7.5AI score

Fedora•added 2015/11/19 12:26 p.m.•10 views

[SECURITY] Fedora 22 Update: perl-IPTables-Parse-1.5-2.fc22

2.7AI score

Fedora•added 2015/11/19 10:12 a.m.•14 views

[SECURITY] Fedora 23 Update: perl-IPTables-Parse-1.5-2.fc23

2.7AI score

Node.js•added 2015/10/24 5:58 p.m.•29 views

Regular Expression Denial of Service

Overview Versions of uglify-js prior to 2.6.0 are affected by a regular expression denial of service vulnerability when malicious inputs are passed into the parse method. Proof of Concept var u = require'uglify-js'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = resu...

7.8CVSS4.2AI score0.00902EPSS

Exploits1Affected Software1

CNVD•added 2015/10/10 12:0 a.m.•2 views

FreeSWITCH Heap Buffer Overflow Vulnerability

FreeSWITCH is a free, open source communications software developed by American software developer Anthony Minessale. A heap buffer overflow vulnerability exists in the 'parsestring' function in the libs/esl/src/esljson.c file in FreeSWITCH versions 1.4.21 and earlier, and version 1.6.0. A remote...

7.5CVSS7.9AI score0.04091EPSS

Exploits2References1

CNVD•added 2015/09/22 12:0 a.m.•1 views

MaraDNS 'parse/ParseMaraRc.c' Denial of Service Vulnerability

MaraDNS is a secure DNS server developed by American software developer Sam Trenholme. A denial of service vulnerability exists in MaraDNS. An attacker could exploit this vulnerability to cause a denial of service...

6.7AI score

OSV•added 2015/09/14 8:59 p.m.•1 views

DEBIAN-CVE-2014-9745

The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...

5CVSS6.8AI score0.02852EPSS

BDU FSTEC•added 2015/09/08 12:0 a.m.•2 views

The vulnerability of Firefox and Firefox ESR browsers allows attackers to circumvent access control policies.

The vulnerability of Firefox and Firefox ESR browsers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass access control policies using the JSON.parse method...

5CVSS6.7AI score0.00556EPSS

Exploits0References4Affected Software2

Exploit DB•added 2015/09/02 12:0 a.m.•26 views

YesWiki 0.2 - 'squelette' Directory Traversal

Exploit Title: YESWIKI 0.2 - Path Traversal Date: 2015-09-02 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: http://yeswiki.net Software Link: https://github.com/YesWiki/yeswiki Version: yeswiki 0.2 Tested on: Debian Wheezy CVE : none...

7AI score