Lucene search
K

10 matches found

OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2015:1792-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02672EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/05/26 7:41 a.m.3 views

ruby: Code injection via command argument of Shell#test / Shell#[]

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument aka the "command" argument to Shell or Shelltest in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method...

8.1CVSS7.4AI score0.04221EPSS
Exploits1References4
Veracode
Veracode
added 2020/02/20 8:39 a.m.16 views

Remote Code Execution (RCE)

ruamelyaml is vulnerable to remote code execution RCE. The attack exists because it accepts the invocation of load method with untrusted argument instead of using safe method such as safeload, resulting in deserialization of untrusted objects...

9.8CVSS4.3AI score0.0675EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/02/19 4:15 a.m.23 views

CVE-2019-20478

In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...

10CVSS9.8AI score0.0675EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/02/19 4:15 a.m.23 views

CVE-2019-20478

In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...

10CVSS7.3AI score0.0675EPSS
Exploits0References2
Prion
Prion
added 2020/02/19 4:15 a.m.15 views

Remote code execution

In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...

10CVSS9.8AI score0.0675EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/02/19 3:9 a.m.26 views

CVE-2019-20478

In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...

9.8AI score0.0675EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/02/19 3:9 a.m.28 views

CVE-2019-20478

In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...

10CVSS9.1AI score0.0675EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/20 12:0 a.m.16 views

SUSE SLED12 / SLES12 Security Update : augeas (SUSE-SU-2015:1249-1)

This update fixes an untrusted argument escaping problem CVE-2014-8119 : - new API - augescapename - which can be used to escape untrusted inputs before using them as part of path expressions - augmatch is changed to return properly escaped output Note that Tenable Network Security has extracted...

7.5CVSS7.4AI score0.02672EPSS
Exploits0References4
OSV
OSV
added 2015/06/24 7:8 a.m.4 views

SUSE-SU-2015:1249-1 Security update for augeas

This update fixes an untrusted argument escaping problem CVE-2014-8119: new API - augescapename - which can be used to escape untrusted inputs before using them as part of path expressions augmatch is changed to return properly escaped output...

7.5CVSS7.5AI score0.02672EPSS
Exploits0References3
Rows per page
Query Builder