Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2023/11/21 11:10 p.m.65 views

CVE-2023-6209

The Mozilla Foundation Security Advisory describes this flaw as: Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites...

6.1CVSS6.2AI score0.01406EPSS
Exploits0References5
NVD
NVD
added 2022/12/15 7:15 p.m.19 views

CVE-2022-42837

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, watchOS 9.2. A remote user may be able to cause unexpected app termination or arbitrary code executi...

9.8CVSS0.02062EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2022/11/21 12:0 a.m.36 views

GitLab < 15.3.5 (CVE-2022-3818)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An uncontrolled resource consumption issue when parsing URLs in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to cause...

5.3CVSS5.7AI score0.0067EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-5006-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.1AI score0.03179EPSS
Exploits4References2
Ubuntu
Ubuntu
added 2021/07/13 12:1 p.m.148 views

USN-5006-2: PHP vulnerabilities

USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to...

7.5CVSS6.9AI score0.03179EPSS
Exploits4
NVD
NVD
added 2021/04/02 6:15 p.m.22 views

CVE-2020-9995

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Server 5.11. Processing a maliciously crafted URL may lead to an open redirect or cross site scripting...

6.1CVSS0.0059EPSS
Exploits0References1
NVD
NVD
added 2020/10/27 9:15 p.m.22 views

CVE-2020-9857

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. A malicious website may be able to exfiltrate autofilled data in Safari...

4.3CVSS4.5AI score0.00752EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/02/26 12:0 a.m.42 views

.NET Core Domain Spoofing Vulnerability (Feb 2019)

'System.Private.Uri SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.814760";...

5.9CVSS7.2AI score0.04518EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2018/08/26 12:0 a.m.155 views

Apache Struts 2.3 / 2.5 Remote Code Execution

!/usr/bin/env python3 coding=utf-8 struts-pwn: Apache Struts CVE-2018-11776 Exploit Author: Mazin Ahmed This code uses a payload from: https://github.com/jas502n/St2-057 import argparse import random import requests import sys try: from urllib import parse as urlparse except ImportError: import...

0.4AI score0.99993EPSS
Exploits41
Ubuntu
Ubuntu
added 2016/11/03 5:45 p.m.90 views

USN-3123-1: curl vulnerabilities

It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. CVE-2016-7141 Nguyen Vu Hoang discovered that curl incorrectly handled escaping certain strings. A remote...

9.8CVSS7.6AI score0.11737EPSS
Exploits0
Debian CVE
Debian CVE
added 2011/08/29 3:0 p.m.36 views

CVE-2011-2822

Removed by vendor...

10CVSS6.7AI score0.00877EPSS
Exploits0
Rows per page
Query Builder