Lucene search
K

128 matches found

OSV
OSV
added 2018/03/13 3:29 p.m.30 views

CVE-2018-1000076

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Verification of Cryptographic Signature vulnerability in package.rb that can result in...

9.8CVSS9.7AI score0.03037EPSS
Exploits0References18
NVD
NVD
added 2018/03/13 3:29 p.m.17 views

CVE-2018-1000074

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Deserialization of Untrusted Data vulnerability in owner command that can result in code...

7.8CVSS8.7AI score0.02982EPSS
Exploits0References18
Cvelist
Cvelist
added 2018/03/13 3:0 p.m.19 views

CVE-2018-1000075

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can...

8.6AI score0.04809EPSS
Exploits0References18
Cvelist
Cvelist
added 2018/03/13 3:0 p.m.22 views

CVE-2018-1000077

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Input Validation vulnerability in ruby gems specification homepage attribute that can...

7.4AI score0.03825EPSS
Exploits0References18
Cvelist
Cvelist
added 2018/03/13 3:0 p.m.24 views

CVE-2018-1000073

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...

8.6AI score0.05076EPSS
Exploits0References14
Cvelist
Cvelist
added 2018/03/13 3:0 p.m.23 views

CVE-2018-1000079

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to...

7.5AI score0.02876EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2018/03/13 12:0 a.m.31 views

CVE-2018-1000077

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Input Validation vulnerability in ruby gems specification homepage attribute that can...

5.3CVSS6.8AI score0.03825EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/03/13 12:0 a.m.34 views

CVE-2018-1000073

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...

7.5CVSS6.8AI score0.05076EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/03/13 12:0 a.m.28 views

CVE-2018-1000079

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to...

5.5CVSS6.8AI score0.02876EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2018/03/13 12:0 a.m.35 views

CVE-2018-1000078

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting XSS vulnerability in gem server display of homepage attribute that can...

6.1CVSS6.8AI score0.02845EPSS
Exploits0References4
Hacker One
Hacker One
added 2017/10/11 4:47 a.m.12 views

Tor: Use of uninitialized value in networkstatus_parse_vote_from_string (src/or/routerparse.c:3533)

Triggered in 22139c0, compiled with -fsanitize=memory and clang 6.0.0-trunk. ./fuzz-consense test000bbb ==9293==WARNING: MemorySanitizer: use-of-uninitialized-value 0 0x5611f7f7e4de in networkstatusparsevotefromstring /root/tor/src/or/routerparse.c:3533:23 1 0x5611f75bbbd1 in fuzzmain...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2017/10/06 9:25 a.m.6 views

Tor: Use of unitialized value in crypto_pk_num_bits (src/common/crypto.c:971)

Vulnerability description not provided...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2017/10/06 9:20 a.m.22 views

Tor: Use of uninitialized value in memarea_strdup (src/common/memarea.c:369)

Triggered in 51e4748 , compiled with clang 6.0.0-trunk and -fsanitize=memory. ./fuzz-hsdescv2 test001 Uninitialized bytes in interceptorstrlen at offset 0 inside 0x7fff5525ff80, 51 ==19693==WARNING: MemorySanitizer: use-of-uninitialized-value 0 0x5570edfe5fbd in memareastrdup...

6.9AI score
Exploits0
OSV
OSV
added 2017/09/06 9:29 p.m.3 views

UBUNTU-CVE-2015-0853

svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the "Command Shell" menu item while in the directory trunk/$xeyes...

8.8CVSS6.1AI score0.03311EPSS
Exploits1References2
exploitpack
exploitpack
added 2017/03/27 12:0 a.m.13 views

Apple Safari - Out-of-Bounds Read when Calling Bound Function

Apple Safari - Out-of-Bounds Read when Calling Bound Function var ba; function s alert"in s"; ba = this; function g alert"in g"; return...

0.3AI score
Exploits0
ossfuzz
ossfuzz
added 2016/11/24 9:57 p.m.14 views

pcre2: Heap-buffer-overflow in _pcre2_auto_possessify_8

Project: svn://vcs.exim.org/pcre2/code/trunk Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4892227272704000 Target: pcre2 Fuzzer: libFuzzerpcre2fuzzer Fuzzer binary: pcre2fuzzer Job Type: libfuzzerasanpcre2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash...

7.2AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2016/11/22 11:58 a.m.22 views

pcre2: Heap-buffer-overflow in parsed_skip

Project: svn://vcs.exim.org/pcre2/code/trunk Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6151126613229568 Target: pcre2 Fuzzer: libFuzzerpcre2fuzzer Fuzzer binary: pcre2fuzzer Job Type: libfuzzerasanpcre2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash...

7.2AI score
Exploits0Affected Software1
NVD
NVD
added 2015/04/03 6:59 p.m.19 views

CVE-2015-0616

The Connection Conversation Manager aka CuCsMgr process in Cisco Unity Connection 8.5 before 8.51SU7, 8.6 before 8.62aSU4, and 9.x before 9.12SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service core dump and restart by improperly terminating SIP TCP...

7.1CVSS6.5AI score0.01679EPSS
Exploits0References2
NVD
NVD
added 2015/04/03 6:59 p.m.18 views

CVE-2015-0615

The call-handling implementation in Cisco Unity Connection 8.5 before 8.51SU7, 8.6 before 8.62aSU4, 9.x before 9.12SU2, and 10.0 before 10.01SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service port consumption by improperly terminating SIP sessions, ak...

7.1CVSS6.5AI score0.01679EPSS
Exploits0References2
NVD
NVD
added 2015/04/03 6:59 p.m.18 views

CVE-2015-0614

The Connection Conversation Manager aka CuCsMgr process in Cisco Unity Connection 8.5 before 8.51SU7, 8.6 before 8.62aSU4, 9.x before 9.12SU2, and 10.0 before 10.01SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service core dump and restart via crafted SI...

7.1CVSS6.5AI score0.01679EPSS
Exploits0References2
Rows per page
Query Builder