Lucene search
+L

288 matches found

Positive Technologies
Positive Technologies
added 2020/06/16 12:0 a.m.4 views

PT-2020-13926

Name of the Vulnerable Software and Affected Versions: Trezor One versions prior to 1.9.1 Trezor Model T versions prior to 2.3.1 Description: The issue in the Bitcoin protocol specification, specifically BIP-143, mishandles the signing of a Segwit transaction. This allows attackers to trick a use...

6.5CVSS6.5AI score0.00846EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/03/09 12:0 a.m.9 views

PT-2020-15356 · Jenkins · Credentials Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Zephyr Enterprise Test Management Plugin versions 1.9.1 and earlier Description: The issue concerns the storage of the Zephyr password in plain text on the Jenkins master file system, specifically in the global configuration file...

5.5CVSS5.3AI score0.0033EPSS
Exploits0References7
CNVD
CNVD
added 2020/02/28 12:0 a.m.1 views

File deletion vulnerability in ourphp v1.9.1 backend

OURPHP is Harbin Weicheng Technology Co., Ltd. developed a PHP + MySQL based on the development of W3C standards-compliant building system. ourphp v1.9.1 arbitrary file deletion vulnerability exists in the background. Attackers can use this vulnerability to delete website files, the integrity of...

7AI score
Exploits0
OSV
OSV
added 2019/06/05 4:29 p.m.6 views

CVE-2019-9647

Gila CMS 1.9.1 has XSS...

6.1CVSS6.6AI score0.02261EPSS
Exploits5References2
CNVD
CNVD
added 2019/05/26 12:0 a.m.3 views

xss vulnerability exists in Xinhoo Collaboration Office v1.9.1

Xinhuo Co-operation Office System is an open source and cross-platform office system. A xss vulnerability exists in Xinhao Collaboration Office v1.9.1, which can be exploited by attackers to obtain an administrator cookie...

6.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2019/03/25 6:3 p.m.29 views

Code Injection in morgan

Verisons of morgan before 1.9.1 are vulnerable to code injection when user input is allowed into the filter or combined with a prototype pollution attack. Recommendation Update to version 1.9.1 or later...

9.8CVSS5.4AI score0.03399EPSS
Exploits1References7Affected Software1
RedHat Linux
RedHat Linux
added 2019/02/05 8:26 a.m.7 views

haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash

A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...

7.5CVSS6.7AI score0.04459EPSS
Exploits0References4
OSV
OSV
added 2017/10/05 4:5 p.m.3 views

USN-3439-1 ruby1.9.1 vulnerabilities

It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. CVE-2017-0898 Yusuke Endoh discovered that Ruby incorrectly handled certain files. An attacker could use this to execute terminal escape sequences. CVE-2017-0899 Yusuke Endoh...

9.8CVSS7.2AI score0.29442EPSS
Exploits6References8
CNVD
CNVD
added 2017/09/28 12:0 a.m.3 views

Cross-Site Scripting Vulnerability in WordPress Content Audit Plugin

WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. A cross-site scripting vulnerability exists in the WordPress Content Audit version 1.9.1 plugin, which allows unauthenticated remote attackers to execute arbitrar...

6.7AI score
Exploits0References1
OSV
OSV
added 2017/09/23 8:29 p.m.3 views

ALPINE-CVE-2017-14727

logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...

7.5CVSS7.1AI score0.02836EPSS
Exploits0References1
NVD
NVD
added 2017/02/24 4:59 a.m.9 views

CVE-2017-6304

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."...

7.8CVSS7.4AI score0.01223EPSS
Exploits0References6
NVD
NVD
added 2017/02/24 4:59 a.m.12 views

CVE-2017-6303

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."...

7.8CVSS7.5AI score0.01284EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2017/02/24 4:23 a.m.30 views

CVE-2017-6301

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."...

7.8CVSS7.6AI score0.01223EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/02/23 12:0 a.m.13 views

CVE-2017-6302

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."...

7.8CVSS7.1AI score0.01222EPSS
Exploits0References6
exploitpack
exploitpack
added 2016/11/08 12:0 a.m.37 views

WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting

WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting Source: https://sumofpwn.nl/advisory/2016/persistentcrosssitescriptinginwassuprealtimeanalyticswordpressplugin.html Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin Abstract A stored...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/08 12:0 a.m.46 views

WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting

Source: https://sumofpwn.nl/advisory/2016/persistentcrosssitescriptinginwassuprealtimeanalyticswordpressplugin.html Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin Abstract A stored Cross-Site Scripting XSS vulnerability has been found in the WassUp Real Time...

7AI score
Exploits0
CNVD
CNVD
added 2016/07/22 12:0 a.m.1 views

OwnCloud Android Local Security Bypass Vulnerability

OwnCloud is a free and open source personal cloud storage solution from the German company OwnCloud.OwnCloud for Android is one of the Android versions. A local security bypass vulnerability exists in OwnCloud for Android versions prior to 1.9.1. A local attacker can exploit this vulnerability to...

6.5AI score
Exploits0References1
Packet Storm
Packet Storm
added 2015/02/02 12:0 a.m.30 views

WordPress Quasar Theme 1.9.1 Privilege Escalation

------------------------------------------------------------------------------ WordPress Quasar Theme Previlege Escalation ------------------------------------------------------------------------------ - Theme Link:...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.56 views

Ruby <= 1.9.1 WEBrick Terminal Escape Sequence in Logs Command Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37710/info Ruby WEBrick is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in log files. Attackers can exploit this issue to execute arbitrary commands in a terminal...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/05/19 12:0 a.m.67 views

WordPress Plugin NextGEN Gallery 1.9.1 - &#039;photocrati_ajax&#039; Arbitrary File Upload

source: https://www.securityfocus.com/bid/68414/info The NextGEN Gallery plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in an arbitrary code...

7.4AI score
Exploits0
Rows per page
Query Builder