Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-0196

Malware in sbrugna...

7.5CVSS7.1AI score0.08188EPSS
Exploits0References51
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-1333

Malware in sbrugna...

5CVSS4.4AI score0.02826EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.51 views

EulerOS Virtualization 3.0.6.6 : thrift (EulerOS-SA-2021-1457)

According to the versions of the thrift packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with...

7.8CVSS6.9AI score0.09082EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/08/08 10:8 a.m.2 views

thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.5CVSS7.3AI score0.08188EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.34 views

EulerOS Virtualization 3.0.1.0 : thrift (EulerOS-SA-2019-1458)

According to the versions of the thrift packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security...

7.5CVSS7AI score0.08188EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.57 views

Debian DLA-1662-1 : libthrift-java security update

It was discovered that it was possible to bypass SASL negotiation isComplete validation in libthrift-java, Java language support for the Apache Thrift software framework. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.5CVSS6.9AI score0.08188EPSS
Exploits0References3
Debian
Debian
added 2019/02/06 8:42 p.m.144 views

[SECURITY] [DLA 1662-1] libthrift-java security update

Package : libthrift-java Version : 0.9.1-2+deb8u1 CVE ID : CVE-2018-1320 Debian Bug : 918736 It was discovered that it was possible to bypass SASL negotiation isComplete validation in libthrift-java, Java language support for the Apache Thrift software framework. An assert used to determine if th...

7.5CVSS7.5AI score0.08188EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/01/17 6:19 p.m.28 views

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.5CVSS3.5AI score0.08188EPSS
Exploits0References1
OSV
OSV
added 2019/01/17 1:56 p.m.41 views

GHSA-WJXJ-F8RG-99WX Improper Input Validation in Apache Thrift

Apache Thrift Java client library versions 0.5.0 prior to 0.9.3-1 and 0.10.0 prior to 0.12.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in...

7.5CVSS7.3AI score0.08188EPSS
Exploits0References32
Github Security Blog
Github Security Blog
added 2019/01/17 1:56 p.m.56 views

Improper Input Validation in Apache Thrift

Apache Thrift Java client library versions 0.5.0 prior to 0.9.3-1 and 0.10.0 prior to 0.12.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in...

7.5CVSS3.8AI score0.08188EPSS
Exploits0References32Affected Software1
Cvelist
Cvelist
added 2019/01/07 6:0 p.m.37 views

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.4AI score0.08188EPSS
Exploits0References25
Debian CVE
Debian CVE
added 2019/01/07 6:0 p.m.25 views

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.5CVSS7AI score0.08188EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/01/07 5:29 p.m.34 views

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.5CVSS6.9AI score0.08188EPSS
Exploits0References4
NVD
NVD
added 2019/01/07 5:29 p.m.23 views

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.5CVSS7.5AI score0.08188EPSS
Exploits0References25
Prion
Prion
added 2019/01/07 5:29 p.m.20 views

Input validation

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

5CVSS7.3AI score0.08188EPSS
Exploits0References25Affected Software5
OSV
OSV
added 2019/01/07 5:29 p.m.10 views

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

7.5CVSS7.4AI score
Exploits0References25
OpenVAS
OpenVAS
added 2012/04/02 12:0 a.m.18 views

Jabber Studio Jabberd Server SASL Negotiation DoS Vulnerability

Jabberd server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.2AI score0.02826EPSS
Exploits0References4
Prion
Prion
added 2006/03/21 1:6 a.m.24 views

Code injection

The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service "c2s segfault" by sending a "response stanza before an auth stanza"...

5CVSS6.5AI score0.02826EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2006/03/21 1:6 a.m.9 views

CVE-2006-1329

The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service "c2s segfault" by sending a "response stanza before an auth stanza"...

6.1AI score
Exploits0References8
Cvelist
Cvelist
added 2006/03/21 1:0 a.m.21 views

CVE-2006-1329

The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service "c2s segfault" by sending a "response stanza before an auth stanza"...

9.1AI score0.02826EPSS
Exploits0References8
Rows per page
Query Builder