Lucene search
K

7 matches found

Veracode
Veracode
added 2025/04/15 10:22 a.m.10 views

Remote Code Execution (RCE)

Picklescan is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient detection of dangerous deserialization behavior due to bypassing security checks by invoking benign built-in functions like timeit.timeit in the reduce method, which are not blacklisted and allow...

8.4AI score
Exploits0
Prion
Prion
added 2021/11/19 10:15 a.m.15 views

Design/Logic Flaw

In Apache Ozone versions prior to 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL...

4.9CVSS6.6AI score0.01367EPSS
Exploits0References2Affected Software1
Huntr
Huntr
added 2021/09/14 5:54 a.m.8 views

in sbrl/pepperminty-wiki

Unrestricted Upload of File with Dangerous Type allows javascript injection Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. Using a file...

7AI score
Exploits0References2
Amazon
Amazon
added 2021/03/26 12:0 a.m.116 views

Important: openssl11

Issue Overview: A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to...

7.4CVSS7.4AI score0.62906EPSS
Exploits4
OPENSUSE Linux
OPENSUSE Linux
added 2012/08/30 12:9 p.m.51 views

MozillaFirefox: Update to version 15 (critical)

Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1 975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE- 2012-3959...

10CVSS1.5AI score0.07762EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2012/08/30 12:0 a.m.37 views

Mozilla SeaMonkey 2.x < 2.12 Multiple Vulnerabilities

Binary data 801356.prm...

10CVSS9.8AI score0.07762EPSS
Exploits3References41
Tenable Nessus
Tenable Nessus
added 2012/08/29 12:0 a.m.62 views

Thunderbird 10.0.x < 10.0.7 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - Unspecified memory safety issues exist. CVE-2012-1970 - Multiple use-after-free errors exist. CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956,...

10CVSS8.8AI score0.07762EPSS
Exploits1References31
Rows per page
Query Builder