Lucene search

183 matches found

CVE
added 2020/05/21 2:15 p.m., 65 views

CVE-2020-7655

netius before 1.17.58 is vulnerable to HTTP Request Smuggling due to incorrect Transfer-Encoding header parsing, enabling CL:TE or TE:TE-style attacks. The affected component is netius (Python library/server) prior to version 1.17.58. Remediation per the sources is to upgrade...

CVSS 6.1, AI score 6.2, EPSS 0.00238
Exploits: 0, References: 1, Affected Software: 1
RedHat Linux
added 2020/04/28 3:55 p.m., 31 views

Moderate: Red Hat Security Advisory: bind security, bug fix, and enhancement update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 7.5, AI score 6.6, EPSS 0.05682
Exploits: 0, References: 8
Tenable Nessus
added 2020/04/28 12:00 a.m., 29 views

RHEL 8 : bind (RHSA-2020:1845)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1845 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server named C Tenable, Inc...

CVSS 7.5, AI score 6.5, EPSS 0.05682
Exploits: 0, References: 11
Tenable Nessus
added 2020/04/10 12:00 a.m., 60 views

CentOS 7 : bind (RHSA-2020:1061)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1061 advisory. - managed-keys is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in...

CVSS 7.5, AI score 6.4, EPSS 0.05682
Exploits: 0, References: 4
Cent OS
added 2020/04/08 5:45 p.m., 135 views

bind security update

CentOS Errata and Security Advisory CESA-2020:1061. An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 7.5, AI score 6.5, EPSS 0.05682
Exploits: 0, References: 7
RedhatCVE
added 2020/04/08 5:07 a.m., 51 views

CVE-2019-6477

A flaw was found in the way bind limited the number of TCP clients that can be connected at any given time. A remote attacker could use one TCP client to send a large number of DNS requests over a single connection, causing exhaustion of the pool of file descriptors available to named, and...

CVSS 7.5, AI score 0.5, EPSS 0.05693
Exploits: 0, References: 4
OpenVAS
added 2020/04/01 12:00 a.m., 25 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2020-1355)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5, AI score 7, EPSS 0.17224
Exploits: 0, References: 2
Tenable Nessus
added 2020/04/01 12:00 a.m., 72 views

RHEL 7 : bind (RHSA-2020:1061)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1061 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server named C...

CVSS 7.5, AI score 6.4, EPSS 0.05682
Exploits: 0, References: 12
RedHat Linux
added 2020/03/31 9:05 p.m., 136 views

Moderate: Red Hat Security Advisory: bind security and bug fix update

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 7.5, AI score 6.5, EPSS 0.05682
Exploits: 0, References: 7
OSV
added 2020/03/12 1:15 p.m., 1 view

DEBIAN-CVE-2020-10108

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request...

CVSS 9.8, AI score 8.1, EPSS 0.02324
Exploits: 1, References: 1
RedHat Linux
added 2020/03/05 12:02 p.m., 4 views

waitress: HTTP request smuggling through invalid Transfer-Encoding

An HTTP-interpretation flaw was found in waitress which did not properly validate incoming HTTP headers. When parsing the Transfer-Encoding header, waitress would look only for a single string value. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, with the...

CVSS 7.5, AI score 7.1, EPSS 0.00795
Exploits: 0, References: 5
OSV
added 2020/01/22 7:15 p.m., 20 views

CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

CVSS 7.5, AI score 7.2
Exploits: 0, References: 5
OSV
added 2020/01/22 7:15 p.m., 1 view

DEBIAN-CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

CVSS 7.5, AI score 6.3, EPSS 0.00851
Exploits: 0, References: 1
OSV
added 2020/01/22 7:15 p.m., 1 view

UBUNTU-CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

CVSS 7.5, AI score 6.7, EPSS 0.00851
Exploits: 0, References: 4
UbuntuCve
added 2020/01/22 7:15 p.m., 34 views

CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

CVSS 7.5, AI score 6.8, EPSS 0.00851
Exploits: 0, References: 3
OSV
added 2020/01/22 7:15 p.m., 28 views

PYSEC-2020-178

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

CVSS 7.5, AI score 0.9, EPSS 0.00851
Exploits: 0, References: 4
OSV
added 2020/01/22 7:15 p.m., 10 views

PYSEC-2020-197

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

AI score 0.9
Exploits: 0, References: 3
Debian CVE
added 2020/01/22 6:30 p.m., 21 views

CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

CVSS 7.5, AI score 7.3, EPSS 0.00851
Exploits: 0
Cvelist
added 2020/01/22 6:30 p.m., 16 views

CVE-2019-16792 HTTP Request Smuggling: Content-Length Sent Twice in Waitress

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

CVSS 7.1, AI score 7.3, EPSS 0.00851
Exploits: 0, References: 5
RedhatCVE
added 2020/01/15 7:39 p.m., 25 views

CVE-2019-16786

An HTTP-interpretation flaw was found in waitress which did not properly validate incoming HTTP headers. When parsing the Transfer-Encoding header, waitress would look only for a single string value. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, with the...

CVSS 7.5, AI score 0.4, EPSS 0.00795
Exploits: 0, References: 4