OSV • Most viewed

907639 matches found

OSV
•added 2019/08/22 12:0 a.m.•44 views

DSA-4505-1 nginx - security update

Bulletin has no description...

CVSS 7.8 • AI score 7.2 • EPSS 0.82017 • Exploits 0
OSV
•added 2019/08/18 12:0 a.m.•44 views

DSA-4503-1 golang-1.11 - security update

Bulletin has no description...

CVSS 9.8 • AI score 7.2 • EPSS 0.83433 • Exploits 2
OSV
•added 2019/07/25 12:0 a.m.•44 views

DLA-1730-3 libssh2 - regression update

Bulletin has no description...

CVSS 9.1 • AI score 6.9 • EPSS 0.11659 • Exploits 1
OSV
•added 2019/07/20 12:0 a.m.•44 views

DLA-1858-1 squid3 - security update

Bulletin has no description...

CVSS 9.8 • AI score 7.7 • EPSS 0.24401 • Exploits 0
OSV
•added 2019/07/19 11:15 p.m.•44 views

CVE-2019-12815

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...

CVSS 9.8 • AI score 7.6 • Exploits 0 • References 15
OSV
•added 2019/07/10 12:0 a.m.•44 views

DLA-1851-1 openjpeg2 - security update

Bulletin has no description...

CVSS 8.8 • AI score 8 • EPSS 0.03168 • Exploits 1
OSV
•added 2019/06/29 12:0 a.m.•44 views

DLA-1839-1 expat - security update

Bulletin has no description...

CVSS 7.8 • AI score 7.8 • EPSS 0.07107 • Exploits 1
OSV
•added 2019/06/28 12:0 a.m.•44 views

DSA-4472-1 expat - security update

Bulletin has no description...

CVSS 7.8 • AI score 7.8 • EPSS 0.07107 • Exploits 1
OSV
•added 2019/06/17 12:0 a.m.•44 views

DSA-4465-1 linux - security update

Bulletin has no description...

CVSS 9.8 • AI score 6.9 • EPSS 0.98745 • Exploits 11
OSV
•added 2019/06/11 12:0 p.m.•44 views

RUSTSEC-2019-0037 Compiler optimisation for next_with_timeout in pnet::transport::IcmpTransportChannelIterator flaws to SEGFAULT

Affected versions of this crate were optimized out by compiler, which caused dereference of uninitialized file descriptor which caused segfault...

CVSS 6 • AI score 7.5 • EPSS 0.00958 • Exploits 0 • References 3
OSV
•added 2019/05/30 12:0 a.m.•44 views

DLA-1810-1 tomcat7 - security update

Bulletin has no description...

CVSS 6.1 • AI score 6.3 • EPSS 0.45571 • Exploits 3
OSV
•added 2019/05/09 12:0 a.m.•44 views

DSA-4440-1 bind9 - security update

Bulletin has no description...

CVSS 7.5 • AI score 6.7 • EPSS 0.06404 • Exploits 0
OSV
•added 2019/04/23 9:29 p.m.•44 views

PYSEC-2019-226

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local)...

CVSS 8.8 • AI score 4 • EPSS 0.00646 • Exploits 0 • References 1
OSV
•added 2019/04/23 12:0 a.m.•44 views

DLA-1761-1 ghostscript - security update

Bulletin has no description...

CVSS 7.3 • AI score 6 • EPSS 0.02642 • Exploits 0
OSV
•added 2019/04/20 12:29 a.m.•44 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype...

CVSS 6.1 • AI score 6.4 • EPSS 0.87218 • Exploits 4 • References 73
OSV
•added 2019/03/10 12:0 a.m.•44 views

DSA-4405-1 openjpeg2 - security update

Bulletin has no description...

CVSS 9.8 • AI score 6.5 • EPSS 0.05135 • Exploits 4
OSV
•added 2019/03/01 12:0 a.m.•44 views

DLA-1701-1 openssl - security update

Bulletin has no description...

CVSS 5.9 • AI score 6 • EPSS 0.17139 • Exploits 0
OSV
•added 2019/02/28 12:0 a.m.•44 views

DLA-1697-1 bind9 - security update

Bulletin has no description...

CVSS 5.3 • AI score 6.5 • EPSS 0.037 • Exploits 0
OSV
•added 2019/02/20 6:29 p.m.•44 views

CVE-2018-5818

An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop...

CVSS 7.5 • AI score 6.5 • Exploits 0 • References 4
OSV
•added 2019/01/17 2:5 p.m.•44 views

GHSA-6QVP-R6R3-9P7H Nokogiri NULL Pointer Dereference

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerab...

CVSS 7.5 • AI score 5.9 • EPSS 0.03681 • Exploits 0 • References 12
OSV
•added 2018/10/19 4:54 p.m.•44 views

GHSA-3X7H-5HFR-HVJM Moderate severity vulnerability that affects io.undertow:undertow-core

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS...

CVSS 7.5 • AI score 7.5 • EPSS 0.03662 • Exploits 0 • References 2
OSV
•added 2018/09/17 12:0 p.m.•44 views

RUSTSEC-2018-0006 Uncontrolled recursion leads to abort in deserialization

Affected versions of this crate did not prevent deep recursion while deserializing data structures. This allows an attacker to make a YAML file with deeply nested structures that causes an abort while deserializing it. The flaw was corrected by checking the recursion depth. Note: clap 2.33 is not...

CVSS 7.5 • AI score 7.5 • EPSS 0.01411 • Exploits 0 • References 3
OSV
•added 2018/09/07 12:0 a.m.•44 views

DSA-4287-1 firefox-esr - security update

Bulletin has no description...

CVSS 9.8 • AI score 7 • EPSS 0.03357 • Exploits 0
OSV
•added 2018/08/31 12:0 a.m.•44 views

DLA-1490-1 php5 - security update

Bulletin has no description...

CVSS 7.5 • AI score 6.5 • EPSS 0.08975 • Exploits 1
OSV
•added 2018/08/27 12:0 a.m.•44 views

DLA-1479-1 twitter-bootstrap3 - security update

Bulletin has no description...

CVSS 6.1 • AI score 6.7 • EPSS 0.04135 • Exploits 1
OSV
•added 2018/08/20 12:0 a.m.•44 views

DSA-4279-1 linux - security update

Bulletin has no description...

CVSS 5.6 • AI score 6.7 • EPSS 0.08101 • Exploits 0
OSV
•added 2018/04/28 12:0 a.m.•44 views

DSA-4185-1 openjdk-8 - security update

Bulletin has no description...

CVSS 8.3 • AI score 6.7 • EPSS 0.15141 • Exploits 0
OSV
•added 2018/03/13 12:0 a.m.•44 views

DSA-4135-1 samba - security update

Bulletin has no description...

CVSS 8.8 • AI score 7 • EPSS 0.10308 • Exploits 1
OSV
•added 2018/02/09 6:29 a.m.•44 views

CVE-2016-10712

In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles the case where $file is...

CVSS 7.5 • AI score 7.8 • Exploits 0 • References 4
OSV
•added 2017/11/16 12:0 a.m.•44 views

DSA-4037-1 jackson-databind - security update

Bulletin has no description...

CVSS 9.8 • AI score 9.6 • EPSS 0.08411 • Exploits 2
OSV
•added 2017/08/28 12:0 a.m.•44 views

DLA-1070-1 qemu - security update

Bulletin has no description...

CVSS 7.8 • AI score 7 • EPSS 0.04544 • Exploits 0
OSV
•added 2017/08/17 12:0 a.m.•44 views

DSA-3944-1 mariadb-10.0 - security update

Bulletin has no description...

CVSS 7.7 • AI score 6.2 • EPSS 0.03225 • Exploits 0
OSV
•added 2017/06/08 8:29 p.m.•44 views

CVE-2016-4473

/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833...

CVSS 9.8 • AI score 9.9 • Exploits 0 • References 4
OSV
•added 2017/06/06 2:29 p.m.•44 views

CVE-2017-5664

The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the origin...

CVSS 7.5 • AI score 7.5 • Exploits 0 • References 38
OSV
•added 2017/05/24 3:29 p.m.•44 views

CVE-2017-9224

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an...

CVSS 9.8 • AI score 9.4 • Exploits 0 • References 4
OSV
•added 2017/02/13 5:59 p.m.•44 views

CVE-2016-6210

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provid...

CVSS 5.9 • AI score 3.8 • Exploits 0 • References 12
OSV
•added 2017/01/25 12:0 a.m.•44 views

DLA-797-1 mysql-5.5 - security update

Bulletin has no description...

CVSS 6.7 • AI score 6.3 • EPSS 0.04792 • Exploits 0
OSV
•added 2016/12/30 7:59 p.m.•44 views

CVE-2016-10033

The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property...

CVSS 9.8 • AI score 9.9 • EPSS 0.99714 • Exploits 59 • References 22
OSV
•added 2016/12/13 12:0 a.m.•44 views

DSA-3732-1 php5 - security update

Bulletin has no description...

CVSS 9.8 • AI score 8.7 • EPSS 0.42401 • Exploits 1
OSV
•added 2016/12/11 12:0 a.m.•44 views

DSA-3731-1 chromium-browser - security update

Bulletin has no description...

CVSS 10 • AI score 7.2 • EPSS 0.34703 • Exploits 6
OSV
•added 2016/10/25 12:0 a.m.•44 views

DLA-679-1 qemu-kvm - security update

Bulletin has no description...

CVSS 6 • AI score 6 • EPSS 0.00394 • Exploits 0
OSV
•added 2016/08/28 12:0 a.m.•44 views

DLA-604-1 ruby-actionpack-3.2 - security update

Bulletin has no description...

CVSS 7.5 • AI score 6.2 • EPSS 0.95537 • Exploits 18
OSV
•added 2016/07/29 12:0 a.m.•44 views

DLA-569-1 xmlrpc-epi - security update

Bulletin has no description...

CVSS 9.8 • AI score 7.8 • EPSS 0.06271 • Exploits 1
OSV
•added 2016/06/25 12:0 a.m.•44 views

DLA-527-1 nss - security update

Bulletin has no description...

CVSS 9.3 • AI score 8.7 • EPSS 0.0338 • Exploits 0
OSV
•added 2016/05/16 10:59 a.m.•44 views

CVE-2015-8874

Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call...

CVSS 7.5 • AI score 6.6 • Exploits 0 • References 7
OSV
•added 2016/05/05 1:59 a.m.•44 views

CVE-2016-2106

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data...

CVSS 7.5 • AI score 5.6 • Exploits 0 • References 61
OSV
•added 2016/05/03 12:0 a.m.•44 views

DLA-455-1 asterisk - security update

Bulletin has no description...

CVSS 9 • AI score 4.3 • EPSS 0.46156 • Exploits 1
OSV
•added 2015/07/16 12:0 a.m.•44 views

DLA-272-1 python-django - security update

Bulletin has no description...

CVSS 7.8 • AI score 8 • EPSS 0.07266 • Exploits 0
OSV
•added 2015/06/13 12:0 a.m.•44 views

DSA-3284-1 qemu - security update

Bulletin has no description...

CVSS 7.8 • AI score 6.2 • EPSS 0.09668 • Exploits 0
OSV
•added 2015/05/28 12:0 a.m.•44 views

DLA-233-1 clamav - security update

Bulletin has no description...

CVSS 7.5 • AI score 7.6 • EPSS 0.0837 • Exploits 1

Total number of security vulnerabilities: 5000