Lucene search
K

57 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-2622

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including 1 "missing or mismatched protocol identifier," 2 missing or negative status value," 3 "missing version," or 4 "missing or invalid status number," related t...

5CVSS6.8AI score0.56908EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2016-10326

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osipbodytostr function defined in osipparser2/osipbody.c, resulting in a remote DoS...

7.5CVSS7.5AI score0.01499EPSS
Exploits0References6
CNNVD
CNNVD
added 2020/11/24 12:0 a.m.30 views

MongoDB Authorization Issues Vulnerability

MongoDB is a document-oriented database management system from the U.S.-based MongoDB, Inc. An authorization issue vulnerability exists in MongoDB that allows an unauthenticated client to trigger a denial of service by issuing a specially crafted wired protocol message, which could cause the...

7.5CVSS7.1AI score0.01655EPSS
Exploits0References5
NVD
NVD
added 2020/01/27 4:15 p.m.22 views

CVE-2015-0244

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...

9.8CVSS9.7AI score0.04193EPSS
Exploits0References7
Prion
Prion
added 2020/01/27 4:15 p.m.34 views

Sql injection

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...

7.5CVSS8AI score0.04193EPSS
Exploits0References7Affected Software2
CVE
CVE
added 2020/01/27 3:29 p.m.198 views

CVE-2015-0244

CVE-2015-0244 affects PostgreSQL up to 9.0.19, 9.1.x up to 9.1.15, 9.2.x up to 9.2.10, 9.3.x up to 9.3.6, and 9.4.x up to 9.4.1. It arises from improper handling of errors while reading a protocol message, enabling remote attackers to perform SQL injection via crafted binary data in a parameter a...

9.8CVSS9.3AI score0.04193EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2020/01/27 3:29 p.m.25 views

CVE-2015-0244

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...

9.7AI score0.04193EPSS
Exploits0References7
CNVD
CNVD
added 2019/09/18 12:0 a.m.2 views

IBM MQ and IBM MQ Appliance Denial of Service Vulnerabilities

IBM MQ IBM WebSphere MQ and IBM MQ Appliance are both products of IBM Corporation, U.S.A. IBM MQ is a messaging middleware product. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA.IBM MQ Appliance is an all-in-one appliance for rapid...

6.5CVSS6.6AI score0.01619EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/18 12:0 a.m.2 views

ABB Relion 630 Denial of Service Vulnerability

The ABB Relion 630 is a relay device for substation automation protection and control from ABB Switzerland. A security vulnerability exists in the ABB Relion 630 version 1.1 before 1.1.0.C0, version 1.2 before 1.2.0.B3, and version 1.3 before 1.3.0.A6. A remote attacker could exploit this...

7.8CVSS6.9AI score0.0247EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/29 12:0 a.m.4 views

Cisco IOS Software and IOS XE Software Denial of Service Vulnerability (CNVD-2018-20297)

Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices.Cluster Management Protocol is one of the cluster management protocols. A denial of service vulnerability exists in Cluster Management Protocol in Cisco IOS Software and IOS XE Software. A...

7.4CVSS7.1AI score0.00856EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/08/02 2:49 a.m.29 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

6.8CVSS4.3AI score0.02985EPSS
Exploits0References2
Prion
Prion
added 2018/07/26 2:29 p.m.21 views

Authentication flaw

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

4.9CVSS6.7AI score0.02985EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2018/07/26 2:29 p.m.29 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

6.8CVSS7.2AI score0.02985EPSS
Exploits0References6
CVE
CVE
added 2018/07/26 2:0 p.m.106 views

CVE-2017-12610

CVE-2017-12610 affects Apache Kafka versions 0.10.0.0–0.10.2.1 and 0.11.0.0–0.11.0.1. The issue allows an authenticated Kafka client to impersonate other users by sending a manually crafted protocol message when SASL/PLAIN or SASL/SCRAM is used against the built-in servers. The vulnerability can ...

6.8CVSS6.6AI score0.02985EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2018/07/26 2:0 p.m.31 views

CVE-2017-12610

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka...

6.8AI score0.02985EPSS
Exploits0References6
OSV
OSV
added 2018/07/09 8:29 p.m.16 views

CVE-2018-1000614

ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity XXE vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller...

9.8CVSS6.8AI score
Exploits0References2
NVD
NVD
added 2018/07/09 8:29 p.m.20 views

CVE-2018-1000614

ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity XXE vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller...

9.8CVSS9.3AI score0.01569EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/07/09 8:0 p.m.19 views

CVE-2018-1000614

ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity XXE vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller...

9.3AI score0.01569EPSS
Exploits1References2
NVD
NVD
added 2018/05/09 8:29 p.m.17 views

CVE-2017-14475

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

10CVSS9.8AI score0.06164EPSS
Exploits2References1
NVD
NVD
added 2018/05/09 8:29 p.m.12 views

CVE-2017-14478

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

10CVSS9.8AI score0.06084EPSS
Exploits2References1
Rows per page
Query Builder