Lucene search
K

26 matches found

Positive Technologies
Positive Technologies
added 2021/12/17 12:0 a.m.11 views

PT-2021-21895 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 6.0 and earlier Description: The issue arises from insufficient validation of parameters during post creation, allowing authenticated attackers to cause a client-side crash of the web application via a maliciously crafted...

5.7CVSS5.2AI score0.00835EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2021/06/29 4:38 p.m.9 views

libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode

A NULL pointer dereference flaw was found in libxml2, where it did not propagate errors while parsing XML mixed content. This flaw causes the application to crash if an untrusted XML document is parsed in recovery mode and post validated. The highest threat from this vulnerability is to system...

5.9CVSS7.1AI score0.03503EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/04/30 12:0 a.m.7 views

PT-2021-4589

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.11 Description The issue is related to the libxml2 library's parser component, which fails to propagate errors when parsing XML content. This can be exploited by a remote attacker using a specially crafted XML...

10CVSS7AI score0.51733EPSS
Exploits23References146
OSV
OSV
added 2021/04/29 7:15 p.m.3 views

CVE-2021-1085

NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager vGPU plugin, where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information...

7.3CVSS5.7AI score0.00241EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/19 12:0 a.m.5 views

Cisco Web Security Appliance AsyncOS Denial of Service Vulnerability

Cisco Web Security Appliance WSA is a set of Web security appliances from the U.S. company Cisco Cisco. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy development, etc. Cisco AsyncOS is a set of operating systems running on it. A...

7.8CVSS6.7AI score0.01492EPSS
Exploits0References1
seebug.org
seebug.org
added 2011/06/30 12:0 a.m.24 views

phpMyAdmin '$_SESSION'数列未授权访问漏洞

Bugtraq ID: 48480 phpMyAdmin是一款基于PHP的MySQL管理程序。 phpMyAdmin存在多个安全漏洞: 1,超级全局$SESSION数列中的任意变量可覆盖或使用任意值创建。 2,phpMyAdmin中的一个错误配置允许$SESSION数列中的内容写入到.php-file中,组合1漏洞可能执行任意代码。 3,$SESSION数列中的内容post验证用于函数输入可执行PHP代码。 phpMyAdmin 3.4.0 厂商解决方案 目前没有详细解决方案提供: http://www.phpmyadmin.net/...

6.9AI score
Exploits0
Rows per page
Query Builder