Lucene search
K

13 matches found

PyPA
PyPA
added 2024/01/23 6:15 p.m.8 views

PYSEC-2024-18

Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the window endpoint does not sanitize user-supplied input from the location variable and passes it to the send method which sends a GET request on lines 339-343 in request.py, which leads to a server-side request...

9.8CVSS6.7AI score0.0098EPSS
Exploits1References8Affected Software1
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.4 views

whoogle-search Code Issue Vulnerability

whoogle-search is a software application. Self-hosted, ad-free, privacy-respecting meta-search engine A code issue vulnerability exists in versions prior to whoogle-search 0.8.4 that stems from a window endpoint that does not clean up user-supplied input from the location variable and passes it t...

9.8CVSS7AI score0.0098EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.36 views

RHEL 8 : libssh (RHSA-2020:4545)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4545 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages ha...

9.3CVSS7AI score0.0316EPSS
Exploits0References12
OSV
OSV
added 2020/11/03 12:14 p.m.27 views

RLSA-2020:4545 Moderate: libssh security, bug fix, and enhancement update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh 0.9.4. BZ1804797 Security Fixes: libssh: denial of service when handling AES-CTR or DES ciphers...

7.1CVSS7.8AI score0.0316EPSS
Exploits0References7
AlmaLinux
AlmaLinux
added 2020/11/03 12:14 p.m.46 views

Moderate: libssh security, bug fix, and enhancement update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh 0.9.4. BZ1804797 Security Fixes: libssh: denial of service when handling AES-CTR or DES ciphers...

9.3CVSS1.4AI score0.0316EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/02/03 12:0 a.m.24 views

FreeBSD : libssh -- Unsanitized location in scp could lead to unwanted command execution (1e7fa41b-f6ca-4fe8-bd46-0e176b42b14f)

The libssh team reports : In an environment where a user is only allowed to copy files and not to execute applications, it would be possible to pass a location which contains commands to be executed in additon. When the libssh SCP client connects to a server, the scp command, which includes a...

9.3CVSS6.8AI score0.0316EPSS
Exploits0References3
OSV
OSV
added 2020/01/25 1:13 p.m.4 views

OPENSUSE-SU-2020:0102-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an unwanted command execution in scp caused by unsanitized location bsc1158095. This update was imported from the SUSE:SLE-15-SP1:Update update project...

9.3CVSS8.9AI score0.0316EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : libssh (SUSE-SU-2020:0130-1)

This update for libssh fixes the following issues : CVE-2019-14889: Fixed an unwanted command execution in scp caused by unsanitized location bsc1158095. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempte...

9.3CVSS6.6AI score0.0316EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.18 views

SUSE SLES12 Security Update : libssh (SUSE-SU-2020:0131-1)

This update for libssh fixes the following issues : CVE-2019-14889: Fixed an unwanted command execution in scp caused by unsanitized location bsc1158095. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempte...

9.3CVSS6.6AI score0.0316EPSS
Exploits0References4
OSV
OSV
added 2020/01/20 8:21 a.m.8 views

SUSE-SU-2020:0131-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an unwanted command execution in scp caused by unsanitized location bsc1158095...

9.3CVSS8.8AI score0.0316EPSS
Exploits0References3
OSV
OSV
added 2020/01/20 8:21 a.m.8 views

SUSE-SU-2020:0130-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an unwanted command execution in scp caused by unsanitized location bsc1158095...

9.3CVSS8.8AI score0.0316EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2019/11/14 12:0 a.m.28 views

libssh -- Unsanitized location in scp could lead to unwanted command execution

The libssh team reports: In an environment where a user is only allowed to copy files and not to execute applications, it would be possible to pass a location which contains commands to be executed in additon. When the libssh SCP client connects to a server, the scp command, which includes a...

9.3CVSS2.2AI score0.0316EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2012/01/11 12:0 a.m.23 views

WebCalendar -- Persistent XSS

tom reports, There is no sanitation on the input of the location variable allowing for persistent XSS...

4.3CVSS6.5AI score0.01693EPSS
Exploits1References1
Rows per page
Query Builder