Lucene search
9 matches found

UbuntuCve
added 2017/03/15 12:0 a.m. | 27 views

CVE-2017-5579

Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations...

CVSS 6.5 | AI score 6.8 | EPSS 0.0007
Exploits: 0 | References: 2

UbuntuCve
added 2015/08/05 1:59 a.m. | 26 views

CVE-2015-3438

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted...

CVSS 4.3 | AI score 5.9 | EPSS 0.01607
Exploits: 1 | References: 2

UbuntuCve
added 2015/07/24 12:0 a.m. | 29 views

CVE-2015-5158

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block...

CVSS 5.5 | AI score 7 | EPSS 0.00081
Exploits: 0 | References: 3

UbuntuCve
added 2015/07/22 2:0 p.m. | 20 views

CVE-2015-1331

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/...

CVSS 4.9 | AI score 6.3 | EPSS 0.00048
Exploits: 1 | References: 2

UbuntuCve
added 2015/01/02 12:0 a.m. | 17 views

CVE-2014-9447

Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program...

CVSS 6.4 | AI score 6.7 | EPSS 0.03517
Exploits: 0 | References: 6

UbuntuCve
added 2012/10/03 12:0 a.m. | 23 views

CVE-2012-4466

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than...

CVSS 5 | AI score 7.1 | EPSS 0.01686
Exploits: 1 | References: 7

UbuntuCve
added 2011/10/23 12:0 a.m. | 15 views

CVE-2011-3635

Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias (aka nickname)...

CVSS 4.3 | AI score 6 | EPSS 0.0048
Exploits: 0 | References: 2

UbuntuCve
added 2011/09/23 11:55 p.m. | 20 views

CVE-2011-3744

HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files...

CVSS 5 | AI score 5.9 | EPSS 0.00283
Exploits: 1 | References: 1

UbuntuCve
added 2011/09/23 11:55 p.m. | 22 views

CVE-2011-3730

Drupal 7.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/simpletest/tests/upgrade/drupal-6.upload.database.php and certain other files...

CVSS 5 | AI score 7.1 | EPSS 0.00787
Exploits: 1 | References: 1