16 matches found
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal via the loadClusterProps function in the FileConfigStore component. An attacker can exfiltrate sensitive server files by setting imq.cluster.url to an arbitrary local path (e.g., file:///etc/passwd) and then running...
SUSE CVE-2009-0071
Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3)...
Multiple Dahua Products Input Validation Error Vulnerability (CNVD-2020-22980)
Dahua SD6AL Series and so on are the products of Dahua, China. SD6AL Series is a network camera of SD6AL series. NVR 5x Series is a network video recorder of 5x series. IPC-HX2XXX Series is a network camera of IPC-HX2XXX series. NVR 5x Series is a network video recorder of 5x series. NVR 5x Series is ...
CVE-2020-9500
Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...
Design/Logic Flaw
Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...
CVE-2020-9500
Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...
CVE-2020-9500
CVE-2020-9500 affects some Dahua products; the vulnerability allows Denial of Service after a legal-account login by sending a specific log query, potentially causing the device to go down. The alert/guidance in connected sources is limited to describing the DoS condition without publicly disclos...
Denial Of Service (DoS)
RubyGems is vulnerable to denial of service attacks. A local attacker can supply a specially crafted 'query' command to cause denial of service conditions by excessive CPU usage while parsing a sufficiently long gem summary. Query Command Handler is the affected component...
Fedora 25 : ruby (2017-e136d63c99)
- Fix ANSI escape sequence vulnerability (CVE-2017-0899). - Fix DoS vulnerability in the query command (CVE-2017-0900). - Fix a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files (CVE-2017-0901). - Fix DNS request hijacking vulnerability (CVE-2017-0902). - Fix...
ALPINE-CVE-2017-0900
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...
DEBIAN-CVE-2017-0900
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...
CVE-2017-0900
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...
CVE-2017-0900
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...
UBUNTU-CVE-2017-0900
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...
RubyGems DoS vulnerability in the query command
RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command...
SuSE 11.3 Security Update : kvm and libvirt (SAT Patch Number 10222)
This collective update for KVM and libvirt provides fixes for security and non-security issues. kvm: - Fix NULL pointer dereference because of uninitialized UDP socket (bsc897654, CVE-2014-3640). - Fix performance degradation after migration (bsc878350). - Fix potential image corruption due to missi...