SLP Find Attributes

The remote server understands Service Location Protocol SLP, a protocol that allows network applications to discover the existence, location, and configuration of various services in an enterprise network environment. Services listed via SLP may include a number of attributes. These attributes ar...

编号撤回

This CVE number has been withdrawn...

SUSE CVE-2016-9621

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candidate is a reservation duplicate of CVE-2016-9429. Notes: All CVE users should reference CVE-2016-9429 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...

SAP@ Host Agent Privilege Escalation Vulnerability

SAP@ Host Agent suffers from a privilege escalation vulnerability. ======================================================================= title: Privilege Escalation Vulnerabilities UNIX Insecure File Handling product: SAP® Host Agent saposcol vulnerable version: see section "Vulnerable / tested...

GHSA-X58J-J539-W8MV Duplicate Advisory: Improper Restriction of XML External Entity Reference in pikepdf

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29421, GHSA-ccgm-3xw4-h5p8. Reason: This candidate is a duplicate of CVE-2021-29421. Notes: All CVE users should reference CVE-2021-29421 instead of this candidate. All references and descriptions in this candidate have been removed to...

编号已被CVE保留

No details are available at this time...

编号已被CVE保留

No details are available at this time...

CVE-2022-29550

An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials from environment variables to disk in cleartext. NOTE: there are no common circumstances in which...

编号已被CVE保留

No details are available at this time...

SAP NetWeaver AS Java Information Disclosure (2256846)

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.1 to 7.5, allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. Note that Nessus has not tested for this issue but has instead relied only on the application's...

zeitarbeit-jobs-sachsen.de Cross Site Scripting vulnerability OBB-2326152

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2015-7731

SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830...

CVE-2015-7731

SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830...

GHSA-H4PC-GX2W-F2XV Heap OOB read in TFLite

Impact A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of SplitV: cc const int inputsize = SizeOfDimensioninput, axisvalue; If axisvalue is not a value between 0 and NumDimensionsinput, then the SizeOfDimension function will access data outside the...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none...

Fedora 32 : ansible (2020-d5e74bf9a0)

Update to upstream bugfix and security release 2.9.13. ---- Update to 2.9.12 upstream bugfix and security update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...

PT-2020-14207 · Lyft +1 · Envoy +1

Content removed...

Exploit for Improper Resource Shutdown or Release in Microsoft

Web-Security-Note Record some common Web security sites 由于平常读过的文章以及遇到的比较好的开源项目都被渐渐遗忘了，所以利用这个项目来记录一下，以便查阅。 目录： - CTF - Online-Tools - 漏洞环境 - 信息搜集 - 工具 - 面经 - BypassWAF - WEB安全 - 漏洞挖掘 - 渗透测试 - 内网渗透 - 扫描器开发 - 开发 - 运维 CTF + CTF Time + Pwnhub + CTF论剑场 + 南京邮电大学CTF平台 + Whale CTF + JarvisOJ + Hackme CTF ...

SAP NetWeaver AS Java Multiple Vulnerabilities

The version of SAP NetWeaver AS Java detected on the remote host may be affected by multiple vulnerabilities, as referenced in SAP Security Note 2934135. - LM Configuration Wizard of SAP NetWeaver AS JAVA, does not perform an authentication check which allows an attacker without prior...

UBUNTU-CVE-2018-20225

An issue was discovered in pip all versions because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not...