
168 matches found

Positive Technologies
added 2022/04/25 12:0 a.m. · 6 views

PT-2022-19275 · F Secure · F-Secure Atlant

Name of the Vulnerable Software and Affected Versions: F-Secure Atlant (affected versions not specified)

Description: A Denial-of-Service (DoS) issue was discovered in the fsicapd component used in certain F-Secure products. When scanning larger packages or fuzzed files, the component consumes too mu...

7.5 CVSS · 7.4 AI score · 0.00524 EPSS
Exploits 0 · References 5
Positive Technologies
added 2022/04/10 12:0 a.m. · 9 views

PT-2022-13778 · Unknown · Tildearrow Furnace

Name of the Vulnerable Software and Affected Versions: tildearrow Furnace versions prior to the patch 0eb02422d5161767e9983bdaa5c429762d3477ce

Description: A denial of service issue was discovered, classified as problematic, resulting from an incomplete fix of a previous issue. This issue can be...

6.5 CVSS · 6.2 AI score · 0.01137 EPSS
Exploits 2 · References 6
BDU FSTEC
added 2022/04/05 12:0 a.m. · 5 views

The vulnerability of the put_qpel_0_0_fallback_16 function in the h.265 Libde265 implementation allows an attacker to trigger a service failure.

The vulnerability of the put_qpel_0_0_fallback_16 function in the h.265 Libde265 implementation is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

7.8 CVSS · 7.1 AI score · 0.00983 EPSS
Exploits 1 · References 8 · Affected Software 4
Cvelist
added 2022/03/16 2:4 p.m. · 33 views

CVE-2022-0982 Buffer Overflow via crafted client request in Accel-PPP v1.12

The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger...

9.8 AI score · 0.01187 EPSS
Exploits 0 · References 1
ATTACKERKB
added 2022/03/15 9:32 a.m. · 4 views

CVE-2022-0982

The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger...

9.8 CVSS · 8.1 AI score · 0.01187 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2022/03/01 12:15 p.m. · 4 views

CVE-2021-44747

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the Fmlib component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service of the...

6.5 CVSS · 5.7 AI score · 0.00625 EPSS
Exploits 0 · References 1
OSV
added 2022/02/14 10:15 p.m. · 26 views

CVE-2022-24705

The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigge...

9.8 CVSS · 7.5 AI score
Exploits 0 · References 1
GithubExploit
added 2021/11/25 4:56 a.m. · 209 views

Exploit for CVE-2021-24086

CVE-2021-24086 This is a proof of concept for CVE-2021-24086...

9.8 CVSS · 8.6 AI score · 0.58961 EPSS
Exploits 7
CNNVD
added 2021/07/07 12:0 a.m. · 4 views

Pexip Infinity Input Validation Error Vulnerability

Pexip Infinity is a video conferencing cloud collaboration platform from Pexip, a Norwegian company. Pexip Infinity's call setup is vulnerable to an input validation error. An unauthenticated remote attacker can use this vulnerability to trigg...

7.5 CVSS · 5.7 AI score · 0.01328 EPSS
Exploits 0 · References 2
CNNVD
added 2021/04/13 12:0 a.m. · 5 views

phpGACL SQL Injection Vulnerability

phpGACL is an open source PHP class that provides Web developers with a simple but powerful "insert" permission system for use in their existing Web-based applications. phpGACL version 3.3.7 has a SQL injection vulnerability; the vulnerability stems from the program's admin/edit_group.php page SQL injection...

8.8 CVSS · 8.1 AI score · 0.29683 EPSS
Exploits 1 · References 2
GithubExploit
added 2021/04/07 11:10 a.m. · 307 views

Exploit for CVE-2021-24086

CVE-2021-24086 This is a proof of concept for CVE-2021-24086...

9.8 CVSS · 8.7 AI score · 0.58961 EPSS
Exploits 7
BDU FSTEC
added 2020/11/17 12:0 a.m. · 8 views

The vulnerability of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) system, related to an exception handling error, allows a violator to trigger a service failure.

The vulnerability of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) system is related to an exception handling error. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...

4.3 CVSS · 6.5 AI score · 0.0115 EPSS
Exploits 0 · References 2
RedHat Linux
added 2020/09/23 12:46 p.m. · 5 views

jenkins: stored XSS vulnerability in 'trigger builds remotely'

A flaw was found in Jenkins versions prior to 2.251 and LTS 2.235.3. The remote address of hosts starting a build via 'Trigger builds remotely' is not properly escaped, leading to a potential stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or...

5.4 CVSS · 5.7 AI score · 0.05298 EPSS
Exploits 3 · References 5
CNVD
added 2020/09/02 12:0 a.m. · 5 views

CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2020-51391)

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from CloudBees, a United States company. The product is mainly used to monitor continuous software release/test projects and some timed tasks. LTS is a long-term support for...

4.3 CVSS · 6.6 AI score · 0.00524 EPSS
Exploits 0 · References 1
NVD
added 2020/09/01 2:15 p.m. · 24 views

CVE-2020-2239

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

4.3 CVSS · 4.5 AI score · 0.00524 EPSS
Exploits 0 · References 2
OSV
added 2020/09/01 2:15 p.m. · 19 views

CVE-2020-2239

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

4.3 CVSS · 6.7 AI score
Exploits 0 · References 2
Prion
added 2020/09/01 2:15 p.m. · 14 views

Design/Logic Flaw

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

4 CVSS · 4.6 AI score · 0.00524 EPSS
Exploits 0 · References 2 · Affected Software 1
CVE
added 2020/09/01 1:50 p.m. · 74 views

CVE-2020-2239

The CVE-2020-2239 issue affects Jenkins Parameterized Remote Trigger Plugin up to version 3.1.3. The plugin stores a secret in plaintext in the controller’s global configuration file (org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.xml), exposing confidential data to any...

4.3 CVSS · 4.5 AI score · 0.00524 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2020/09/01 1:50 p.m. · 25 views

CVE-2020-2239

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

4.5 AI score · 0.00524 EPSS
Exploits 0 · References 2
AlpineLinux
added 2020/09/01 1:50 p.m. · 31 views

CVE-2020-2239

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

4.3 CVSS · 4.7 AI score · 0.00524 EPSS
Exploits 0 · References 2