Lucene search
K

32 matches found

BDU FSTEC
BDU FSTEC
added 2021/07/07 12:0 a.m.6 views

The vulnerability of the software for interacting with servers via CURL lies in the fact that certain operations exceed the allowable buffer size limits, allowing an attacker to cause a service failure.

The vulnerability of the software for interacting with servers via CURL is related to the execution of operations within the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures...

5.3CVSS7.1AI score0.09917EPSS
Exploits1References16Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.8 views

The vulnerability of the software for interacting with servers using curl, related to errors in handling user credentials, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the software for interacting with servers using curl is related to errors in handling user credentials. Exploiting this vulnerability can allow a perpetrator to gain unauthorized access to protected information...

5.6CVSS6.8AI score0.03427EPSS
Exploits1References11Affected Software6
Prion
Prion
added 2019/12/11 8:15 p.m.16 views

Information disclosure

An issue was discovered in core/assets/form/formquestiontypes/formquestiontypefileupload/formquestiontypefileupload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server...

7.5CVSS8.6AI score0.0344EPSS
Exploits3References4Affected Software1
RedHat Linux
RedHat Linux
added 2019/05/14 6:15 p.m.4 views

libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes

A flaw was found in libssh2. A server could send a multiple keyboard interactive response messages, whose total length are greater than the unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. The highest threat from this...

8.8CVSS7.3AI score0.03437EPSS
Exploits0References5
Talos Blog
Talos Blog
added 2018/08/31 12:47 p.m.52 views

Threat Roundup for August 24-31

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Aug. 24 and 31. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...

0.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/01/24 12:0 a.m.9 views

The vulnerability of the syntax analyzer of the software tool for interacting with the curl server allows a hacker to perform read operations beyond the buffer in memory.

The vulnerability of the software tool’s syntax analyzer for interacting with servers using curl is related to an error during registration on the server using the FTP protocol. Exploiting this vulnerability allows a malicious actor to gain access to data beyond the boundaries of the allocated...

7.5CVSS7.7AI score0.08465EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2017/11/01 9:29 p.m.4 views

CVE-2017-1340

IBM Jazz Reporting Service JRS 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. IBM X-Force ID: 126455...

5CVSS5.8AI score0.00951EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/01 9:0 p.m.23 views

CVE-2017-1340

IBM Jazz Reporting Service JRS 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. IBM X-Force ID: 126455...

4.7AI score0.00951EPSS
Exploits0References3
curl security advisories
curl security advisories
added 2017/10/04 8:0 a.m.6 views

FTP PWD response parser out of bounds read

libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double...

7.5CVSS6.6AI score0.08465EPSS
Exploits0Affected Software2
Prion
Prion
added 2014/12/15 6:59 p.m.28 views

Design/Logic Flaw

The handleheaders function in modproxyfcgi.c in the modproxyfcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service buffer over-read and daemon crash via long response headers...

5CVSS6.8AI score0.10783EPSS
Exploits0References26Affected Software4
Debian CVE
Debian CVE
added 2013/02/23 9:0 p.m.29 views

CVE-2013-0887

Removed by vendor...

7.5CVSS9.4AI score0.0088EPSS
Exploits0
myhack58
myhack58
added 2006/05/02 12:0 a.m.13 views

Page attack the theory and implementation-vulnerability warning-the black bar safety net

Page attack can be divided into two categories One is the use of a browser vulnerability in the access page to write malicious code for visitors of the attack. Here we can be understood as the service end-to-client attacks. Another just opposite, is the visitors use the page of the vulnerability ...

1.1AI score
Exploits0
Rows per page
Query Builder