Lucene search
K

6686 matches found

UbuntuCve
UbuntuCve
added 2017/10/18 2:29 a.m.22 views

CVE-2017-15576

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information...

7.5CVSS7.2AI score0.01624EPSS
Exploits0References4
Prion
Prion
added 2017/10/18 2:29 a.m.14 views

Information disclosure

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information...

5CVSS7.5AI score0.01624EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/10/18 2:29 a.m.16 views

CVE-2017-15577

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information...

7.5CVSS7.6AI score0.01624EPSS
Exploits0References3
OSV
OSV
added 2017/10/18 2:29 a.m.1 views

UBUNTU-CVE-2017-15576

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information...

7.5CVSS7.2AI score0.01624EPSS
Exploits0References4
OSV
OSV
added 2017/10/18 2:29 a.m.4 views

UBUNTU-CVE-2017-15569

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/querieshelper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list...

6.1CVSS7.3AI score0.00949EPSS
Exploits0References5
OSV
OSV
added 2017/10/18 2:29 a.m.3 views

DEBIAN-CVE-2017-15576

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information...

7.5CVSS8.7AI score0.01624EPSS
Exploits0References1
OSV
OSV
added 2017/10/18 2:29 a.m.1 views

DEBIAN-CVE-2017-15569

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/querieshelper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list...

6.1CVSS6.2AI score0.00949EPSS
Exploits0References1
OSV
OSV
added 2017/10/18 2:29 a.m.2 views

UBUNTU-CVE-2017-15577

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information...

7.5CVSS7.2AI score0.01624EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/10/18 2:0 a.m.24 views

CVE-2017-15577

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information...

7.5CVSS7.6AI score0.01624EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/10/17 12:0 a.m.5 views

The vulnerabilities of Microsoft Edge and Internet Explorer involve improper memory management by JavaScript mechanisms when displaying content, allowing attackers to execute arbitrary code.

Vulnerability of browsers Internet Explorer and Microsoft Edge, where JavaScript memory-management mechanisms malfunction when displaying content. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

7.6CVSS7.9AI score0.11923EPSS
Exploits0References5Affected Software1
Microsoft CVE
Microsoft CVE
added 2017/10/10 7:0 a.m.33 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...

7.6CVSS7.9AI score0.68027EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/10/06 2:47 p.m.61 views

USN-3440-1: poppler vulnerabilities

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. CVE-2017-14518, CVE-2017-14520, CVE-2017-14617, CVE-2017-14929, CVE-2017-14975, CVE-2017-14977 It was discover...

7.8CVSS6.5AI score0.0246EPSS
Exploits4
Ubuntu
Ubuntu
added 2017/10/02 2:35 p.m.57 views

USN-3433-1: poppler vulnerabilities

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial service. This issue only affected Ubuntu 17.04. CVE-2017-14517 It was discovered that Poppler incorrectly handled certain...

7.5CVSS6.7AI score0.01542EPSS
Exploits2
Fedora
Fedora
added 2017/09/30 7:41 a.m.26 views

[SECURITY] Fedora 27 Update: poppler-0.57.0-2.fc27

poppler is a PDF rendering library...

7.8CVSS2.3AI score0.01211EPSS
Exploits1
NVD
NVD
added 2017/09/30 1:29 a.m.18 views

CVE-2017-14921

Stored XSS vulnerability via IMG element at "Filename" of Filemanager in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users...

5.4CVSS5.2AI score0.00926EPSS
Exploits0References5
Cvelist
Cvelist
added 2017/09/29 7:0 a.m.17 views

CVE-2017-14920

Stored XSS vulnerability in eGroupware Community Edition before 16.1.20170922 allows an unauthenticated remote attacker to inject JavaScript via the User-Agent HTTP header, which is mishandled during rendering by the application administrator...

6AI score0.01119EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/09/29 7:0 a.m.19 views

CVE-2017-14922

Stored XSS vulnerability via IMG element at "History" of Profile, Calendar, Tasks, and CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users...

5.2AI score0.00907EPSS
Exploits0References5
Fedora
Fedora
added 2017/09/28 8:1 p.m.38 views

[SECURITY] Fedora 26 Update: poppler-0.52.0-5.fc26

poppler is a PDF rendering library...

7.8CVSS2.3AI score0.01211EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/09/28 12:0 a.m.36 views

Debian DLA-1116-1 : poppler security update

It was discovered that poppler, a PDF rendering library, was affected by several denial of service application crash, NULL pointer dereferences and memory corruption bugs : CVE-2017-14517 NULL pointer Dereference in the XRef::parseEntry function in XRef.cc CVE-2017-14519 Memory corruption occurs ...

7.8CVSS6.7AI score0.01542EPSS
Exploits2References5
Debian
Debian
added 2017/09/27 8:57 p.m.39 views

[SECURITY] [DLA 1116-1] poppler security update

Package : poppler Version : 0.18.4-6+deb7u3 CVE ID : CVE-2017-14517 CVE-2017-14519 CVE-2017-14617 Debian Bug : 876086 876385 876079 It was discovered that poppler, a PDF rendering library, was affected by several denial-of-service application crash, null pointer dereferences and memory corruption...

7.8CVSS7.8AI score0.01542EPSS
Exploits2
Rows per page
Query Builder