CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4499 matches found

OPENSUSE Linux•added 2019/09/25 12:0 a.m.•102 views

Security update for varnish (moderate)

openSUSE Security Update: Security update for varnish Announcement ID: openSUSE-SU-2019:2184-1 Rating: moderate References: 1149382 Cross-References: CVE-2019-15892 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This...

7.8CVSS7.5AI score0.07699EPSS

Exploits0References1

OSV•added 2019/09/08 2:9 p.m.•12 views

MGASA-2019-0260 Updated tomcat packages fix security vulnerabilities

Updated tomcat packages fix security vulnerabilities: The HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet...

7.5CVSS6.4AI score0.713EPSS

Exploits3References6

Mageia•added 2019/09/08 2:9 p.m.•49 views

Updated tomcat packages fix security vulnerabilities

7.5CVSS1.3AI score0.713EPSS

Exploits3References5

OSV•added 2019/08/30 9:15 a.m.•7 views

CVE-2019-5612

In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program c...

7.5CVSS7.3AI score0.003EPSS

Exploits0References2

Prion•added 2019/08/30 9:15 a.m.•17 views

Input validation

7.8CVSS7.2AI score0.003EPSS

Exploits0References2Affected Software1

Cent OS•added 2019/08/30 2:53 a.m.•359 views

glibc, nscd security update

CentOS Errata and Security Advisory CESA-2019:2118 An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

5.3CVSS6.5AI score0.0004EPSS

Exploits0References7

myhack58•added 2019/08/30 12:0 a.m.•46 views

In-depth analysis of the thread and process handle leak vulnerability, under-vulnerability warning-the black bar safety net

PROCESSVM It covers the VM access permissions three types: WRITE/READ/OPERATION. The first two permissions should be self-explanatory, the third permission allows the operation of the virtual address space itself, such as modifying the page protection VirtualProtectEx or allocating memory with...

7.2AI score

Exploits0

Cvelist•added 2019/08/29 10:31 p.m.•16 views

CVE-2019-5612

7.3AI score0.003EPSS

Exploits0References2

OSV•added 2019/08/29 7:15 p.m.•1 views

DEBIAN-CVE-2019-14970

A vulnerability in mkv::eventthreadt in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

7.8CVSS7.9AI score0.00623EPSS

Exploits0References1

Debian CVE•added 2019/08/29 6:55 p.m.•24 views

CVE-2019-14970

A vulnerability in mkv::eventthreadt in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

7.8CVSS7.7AI score0.00623EPSS

Exploits0

OSV•added 2019/08/29 12:0 a.m.•0 views

UBUNTU-CVE-2019-14970

A vulnerability in mkv::eventthreadt in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

7.8CVSS7.4AI score0.00623EPSS

Exploits0References4

OSV•added 2019/08/28 5:57 a.m.•6 views

SUSE-SU-2019:2227-2 Security update for libvirt

This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd...

8.8CVSS8.2AI score0.0014EPSS

Exploits0References7

OpenVAS•added 2019/08/28 12:0 a.m.•37 views

Apache Tomcat DoS Vulnerability (Jun 2019) - Windows

Apache Tomcat is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"; if...

7.7AI score

Exploits0References2

OSV•added 2019/08/27 5:41 p.m.•0 views

GHSA-4Q98-WR72-H35W Improper input validation in Apache Santuario XML Security for Java

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this...

5.5CVSS5.9AI score0.00576EPSS

Exploits0References15

Tenable Nessus•added 2019/08/26 12:0 a.m.•23 views

Fedora 29 : nfdump (2019-9013b5e75d)

2019-08-14 - Fix compile issues - Fix output buffer size for lzo1xdecompresssafe 2019-08-07 - Fix VerifyExtensionMap 179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. 175 - Fix off by 1 array. 173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterSt...

7.8CVSS7.3AI score0.02376EPSS

Exploits1References3

OSV•added 2019/08/23 9:15 p.m.•1 views

DEBIAN-CVE-2019-12400

5.5CVSS6.8AI score0.00576EPSS

Exploits0References1

OSV•added 2019/08/23 9:15 p.m.•0 views

UBUNTU-CVE-2019-12400

5.5CVSS7.1AI score0.00576EPSS

Exploits0References4