5103 matches found

UbuntuCve
added 2019/08/13 12:0 a.m. | 94 views

CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

7.8 CVSS | 7.2 AI score | 0.82017 EPSS
Exploits 0 | References 7

UbuntuCve
added 2019/08/13 12:0 a.m. | 55 views

CVE-2019-9511

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority ...

7.8 CVSS | 7.2 AI score | 0.58373 EPSS
Exploits 0 | References 7

OSV
added 2019/08/13 12:0 a.m. | 2 views

UBUNTU-CVE-2019-9511

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority ...

7.5 CVSS | 7.2 AI score | 0.58373 EPSS
Exploits 0 | References 8

OSV
added 2019/08/13 12:0 a.m. | 0 views

UBUNTU-CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU...

7.5 CVSS | 7.3 AI score | 0.82017 EPSS
Exploits 0 | References 8

Positive Technologies
added 2019/08/13 12:0 a.m. | 8 views

PT-2019-3018

Name of the Vulnerable Software and Affected Versions: HTTP/2 implementations (affected versions not specified). Description: The issue is related to a denial of service vulnerability in some HTTP/2 implementations. An attacker can create multiple request streams and continually shuffle the priority o...

9.8 CVSS | 8.9 AI score | 0.99999 EPSS
Exploits 71 | References 413

Atlassian
added 2019/08/09 4:9 a.m. | 83 views

XSS in the MigratePriorityScheme resource - CVE-2019-11584

The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting (XSS) vulnerability in the priority icon URL of an issue priority...

6.1 CVSS | 4.3 AI score | 0.0097 EPSS
Exploits 0 | Affected Software 1

Atlassian
added 2019/08/09 4:9 a.m. | 40 views

XSS in the MigratePriorityScheme resource - CVE-2019-11584

The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting (XSS) vulnerability in the priority icon URL of an issue priority...

6.1 CVSS | 4.3 AI score | 0.0097 EPSS
Exploits 0

Tenable Nessus
added 2019/06/27 12:0 a.m. | 38 views

EulerOS 2.0 SP8 : haproxy (EulerOS-SA-2019-1650)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests...

7.5 CVSS | 6.5 AI score | 0.06593 EPSS
Exploits 0 | References 4

Microsoft Secure
added 2019/06/20 4:0 p.m. | 86 views

Investigating identity threats in hybrid cloud environments

As the modern workplace transforms, the identity attack surface area is growing exponentially, across on-premises and cloud, spanning a multitude of endpoints and applications. Security Operations (SecOps) teams are challenged to monitor user activities, suspicious or otherwise, across all dimensio...

6.6 AI score
Exploits 0

0day.today
added 2019/06/07 12:0 a.m. | 286 views

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3) Exploit

Exploit for windows platform in category local exploits Microsoft Windows - AppX Deployment Service Local Privilege Escalation 3 CVE-2019-0841 BYPASS 2 There is a second bypass for CVE-2019-0841. This can be triggered as following: Delete all files and subfolders within...

7.2 CVSS | 6.8 AI score | 0.41667 EPSS
Exploits 19

exploitpack
added 2019/06/07 12:0 a.m. | 126 views

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3)

Microsoft Windows - AppX Deployment Service Local Privilege Escalation 3 CVE-2019-0841 BYPASS 2 There is a second bypass for CVE-2019-0841. This can be triggered as following: Delete all files and subfolders within "c:\users%username%\appdata\local\packages\Microsoft.MicrosoftEdge8wekyb3d8bbwe"...

7.2 CVSS | 0.4 AI score | 0.41667 EPSS
Exploits 19

RedHat Linux
added 2019/04/23 2:52 p.m. | 391 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.1 CVSS | 6.6 AI score | 0.16523 EPSS
Exploits 3 | References 3

NVD
added 2019/03/30 5:29 p.m. | 23 views

CVE-2019-10659

Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in a /manager?action=getlogcat priority field...

8.8 CVSS | 8.8 AI score | 0.02665 EPSS
Exploits 0 | References 2

Cvelist
added 2019/03/30 4:43 p.m. | 22 views

CVE-2019-10659

Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in a /manager?action=getlogcat priority field...

9.3 AI score | 0.02665 EPSS
Exploits 0 | References 2

OSV
added 2019/03/21 4:0 p.m. | 33 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

7.5 CVSS | 6.5 AI score
Exploits 0 | References 6

OSV
added 2019/03/21 4:0 p.m. | 1 views

DEBIAN-CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

7.5 CVSS | 6.2 AI score | 0.04459 EPSS
Exploits 0 | References 1

Debian CVE
added 2019/03/18 4:11 p.m. | 26 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

7.5 CVSS | 6 AI score | 0.04459 EPSS
Exploits 0

Tenable Nessus
added 2019/03/15 12:0 a.m. | 40 views

RHEL 7 : OpenShift Container Platform 3.10 haproxy (RHSA-2019:0548)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:0548 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fixes: haproxy:...

7.5 CVSS | 6.5 AI score | 0.04459 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2019/03/15 12:0 a.m. | 41 views

RHEL 7 : OpenShift Container Platform 3.9 haproxy (RHSA-2019:0547)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0547 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security fixes: haproxy...

7.5 CVSS | 6.6 AI score | 0.04459 EPSS
Exploits 0 | References 6

RedHat Linux
added 2019/03/14 7:58 a.m. | 6 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on a too-short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5 CVSS | 6.7 AI score | 0.04459 EPSS
Exploits 0 | References 4