CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

9 matches found

Positive Technologies•added 2026/04/01 12:0 a.m.•4 views

PT-2026-29662

Summary A Path Traversal vulnerability in chat endpoints allows an authenticated attacker to read and delete arbitrary files under their user data root for example secrets.json and settings.json by supplying avatar url="..". Details The input validator used by avatar url blocks only / and NUL...

8.3CVSS6AI score0.00029EPSS

Exploits1References6

Veracode•added 2023/05/16 11:59 p.m.•23 views

API Token Disclosure

planet is vulnerable to API Token Disclosure. The vulnerability is due to insecure file permissions set on the secrets file containing the API key. Any user in the system is able to view the secret file, which stores the user's Planet API login token...

5.5CVSS6.8AI score0.00062EPSS

Exploits0References3Affected Software1

SUSE CVE•added 2023/02/15 5:29 a.m.•1 views

SUSE CVE-2014-2855

The checksecret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service infinite loop and CPU consumption via a user name which does not exist in the secrets file...

7.8CVSS6.7AI score0.17189EPSS

Exploits1References3

OSV•added 2014/04/23 3:55 p.m.•1 views

DEBIAN-CVE-2014-2855

The checksecret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service infinite loop and CPU consumption via a user name which does not exist in the secrets file...

7.8CVSS6.7AI score0.17189EPSS

Exploits1References1

Prion•added 2014/04/23 3:55 p.m.•14 views

Design/Logic Flaw

The checksecret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service infinite loop and CPU consumption via a user name which does not exist in the secrets file...

7.8CVSS6.9AI score0.17189EPSS

Exploits1References11Affected Software1

Cvelist•added 2014/04/23 2:0 p.m.•18 views

CVE-2014-2855

The checksecret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service infinite loop and CPU consumption via a user name which does not exist in the secrets file...

6.1AI score0.17189EPSS

Exploits1References11

Debian CVE•added 2014/04/23 2:0 p.m.•15 views

CVE-2014-2855

The checksecret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service infinite loop and CPU consumption via a user name which does not exist in the secrets file...

7.8CVSS6.1AI score0.17189EPSS

OSV•added 2014/04/17 12:0 a.m.•0 views

UBUNTU-CVE-2014-2855

The checksecret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service infinite loop and CPU consumption via a user name which does not exist in the secrets file...

7.8CVSS5.8AI score0.17189EPSS

Exploits1References3

UbuntuCve•added 2014/04/17 12:0 a.m.•15 views

CVE-2014-2855

The checksecret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service infinite loop and CPU consumption via a user name which does not exist in the secrets file...

7.8CVSS5.9AI score0.17189EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by