5103 matches found

RedHat Linux
added 2019/03/14 7:58 a.m. · 94 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update

An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

7.5 CVSS · 6.6 AI score · 0.04459 EPSS
Exploits: 0 · References: 2
RedHat Linux
added 2019/03/14 7:58 a.m. · 4 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5 CVSS · 6.7 AI score · 0.04459 EPSS
Exploits: 0 · References: 4
ThreatPost
added 2019/03/12 3:53 p.m. · 60 views

Adobe Patches Critical Photoshop, Digital Edition Flaws

Adobe on Tuesday released its March Security Update, reporting and fixing only two critical flaws: one in Photoshop CC and one in Adobe Digital Editions. Both critical flaws could allow a bad actor to achieve arbitrary code execution in the context of the current user, Adobe said. The company sai...

10 CVSS · 1 AI score · 0.68369 EPSS
Exploits: 0 · References: 6
ThreatPost
added 2019/03/01 8:22 p.m. · 340 views

Adobe Patches Critical ColdFusion Vulnerability With Active Exploit

Adobe has issued an emergency patch for a critical vulnerability in its ColdFusion service that is being exploited in the wild. The vulnerability, CVE-2019-7816, exists in Adobe’s commercial rapid web application development platform, ColdFusion. The ColdFusion vulnerability is a file upload...

10 CVSS · 1.2 AI score · 0.99999 EPSS
Exploits: 48 · References: 4
RedHat Linux
added 2019/02/20 2:11 p.m. · 7 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5 CVSS · 6.7 AI score · 0.04459 EPSS
Exploits: 0 · References: 4
UbuntuCve
added 2019/02/06 9:29 p.m. · 42 views

CVE-2019-7548

SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...

7.8 CVSS · 7.2 AI score · 0.01777 EPSS
Exploits: 1 · References: 2
RedHat Linux
added 2019/02/05 8:26 a.m. · 3 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5 CVSS · 6.7 AI score · 0.04459 EPSS
Exploits: 0 · References: 4
ThreatPost
added 2019/01/22 3:21 p.m. · 211 views

Adobe Issues Unscheduled Updates for Experience Manager Platform

Adobe has issued unscheduled patches for vulnerabilities rated “important” across its Experience Manager platform, which allows developers to create mobile apps, social campaigns and landing pages. Overall, Adobe issued three fixes, including an “important” flaw CVE-2018-19726 and a “moderate” fl...

10 CVSS · 7.9 AI score · 0.08414 EPSS
Exploits: 0 · References: 8
CNVD
added 2019/01/02 12:00 a.m. · 2 views

Proxygen Denial of Service Vulnerability (CNVD-2019-00956)

Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook. A security vulnerability exists in the handling of invalid HTTP2 priority settings in Facebook Proxygen versions prior to 2018.12.31.00. An attacker can exploit this vulnerability to cause a denial...

7.5 CVSS · 6.6 AI score · 0.0137 EPSS
Exploits: 0 · References: 1
NVD
added 2018/12/31 10:29 p.m. · 18 views

CVE-2018-6346

A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...

7.5 CVSS · 7.4 AI score · 0.0137 EPSS
Exploits: 0 · References: 1
Prion
added 2018/12/31 10:29 p.m. · 19 views

Denial of service

A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...

5 CVSS · 7.4 AI score · 0.0137 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2018/12/31 10:00 p.m. · 17 views

CVE-2018-6346

A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...

7.5 AI score · 0.0137 EPSS
Exploits: 0 · References: 1
OSV
added 2018/12/31 7:29 p.m. · 19 views

CVE-2018-6335

A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...

7.5 CVSS · 6.8 AI score
Exploits: 0 · References: 2
OSV
added 2018/12/31 7:29 p.m. · 4 views

UBUNTU-CVE-2018-6335

A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...

7.5 CVSS · 7.1 AI score · 0.01469 EPSS
Exploits: 0 · References: 3
OSV
added 2018/12/31 12:00 a.m. · 1 views

UBUNTU-CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

7.5 CVSS · 6.7 AI score · 0.04459 EPSS
Exploits: 0 · References: 3
UbuntuCve
added 2018/12/31 12:00 a.m. · 26 views

CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...

7.5 CVSS · 6.8 AI score · 0.04459 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2018/12/31 12:00 a.m. · 4 views

PT-2018-17493 · Facebook · Proxygen

Name of the Vulnerable Software and Affected Versions: Proxygen versions prior to 2018.12.31.00 Description: A potential denial-of-service issue exists due to the handling of invalid HTTP2 priority settings, specifically a circular dependency, in Proxygen. Recommendations: For versions prior to...

7.5 CVSS · 7.4 AI score · 0.0137 EPSS
Exploits: 0 · References: 4
Citrix
added 2018/12/10 12:00 a.m. · 7 views

[WEM 4.7] The agent is unable to change the priority for a process with an error code 87

The errors are associated with processes like eventvwr, notity etc...

7.2 AI score
Exploits: 0
ThreatPost
added 2018/11/13 4:44 p.m. · 22 views

Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC

Adobe on Tuesday released three patches – including a fix for a flaw in Adobe Acrobat and Reader that exposes hashed passwords that already has a proof-of-concept (PoC) exploit code publicly available. The information disclosure vulnerability, CVE-2018-15979, exists in Adobe Acrobat and Reader for...

5 CVSS · 0.4 AI score · 0.10267 EPSS
Exploits: 0 · References: 4
Openbugbounty
added 2018/10/18 10:49 a.m. · 11 views

priorityautorelocations.com XSS vulnerability

Open Bug Bounty ID: OBB-687796 Description| Value ---|--- Affected Website:| priorityautorelocations.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...

0.1 AI score
Exploits: 0