1413 matches found

added 2018/07/16 6:29 p.m. | 54 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex.

CVSS 7.5 | AI score 7.2 | EPSS 0.00384

added 2018/03/21 8:29 p.m. | 53 views

CVE-2017-0926

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the OAuth sign-in component resulting in unauthorized user login.

CVSS 8.8 | AI score 7.7 | EPSS 0.0031

added 2018/02/02 3:29 p.m. | 53 views

CVE-2017-18122

A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the assertions is valid. Att...

CVSS 8.1 | AI score 8.2 | EPSS 0.00324

added 2018/03/13 1:29 a.m. | 53 views

CVE-2018-1000099

Teluu PJSIP version 2.7.1 and earlier contains an Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in a crash. This attack appears to be exploitable via sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.

CVSS 7.5 | AI score 7.5 | EPSS 0.0097

added 2018/09/12 1:29 a.m. | 53 views

CVE-2018-16949

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values a...

CVSS 7.5 | AI score 8.4 | EPSS 0.07557

added 2018/02/02 1:29 a.m. | 53 views

CVE-2018-6519

The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp.

CVSS 7.5 | AI score 7.5 | EPSS 0.00402

added 2018/05/31 8:29 p.m. | 52 views

CVE-2016-10538

The package node-cli before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.

CVSS 4.9 | AI score 3.9 | EPSS 0.00317

added 2018/04/13 4:29 p.m. | 52 views

CVE-2017-0369

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing a sysop to undelete pages even though the page is protected against it.

CVSS 6.5 | AI score 6.9 | EPSS 0.00126

added 2018/04/13 4:29 p.m. | 52 views

CVE-2017-0370

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the Spam blacklist is ineffective on encoded URLs inside the file inclusion syntax's link parameter.

CVSS 5.3 | AI score 5.5 | EPSS 0.00287

added 2018/06/05 1:29 p.m. | 52 views

CVE-2018-11743

The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact.

CVSS 9.8 | AI score 9.6 | EPSS 0.00597

added 2018/12/10 6:29 a.m. | 52 views

CVE-2018-20004

An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml.

CVSS 8.8 | AI score 8.6 | EPSS 0.00821

added 2018/03/18 3:29 a.m. | 52 views

CVE-2018-8754

The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub.

CVSS 5.5 | AI score 5.4 | EPSS 0.0005

added 2018/04/13 3:29 p.m. | 51 views

CVE-2016-9646

ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata forgery.

CVSS 5.3 | AI score 7.2 | EPSS 0.01104

added 2018/04/13 4:29 p.m. | 51 views

CVE-2017-0361

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext.

CVSS 7.8 | AI score 7.8 | EPSS 0.00077

added 2018/04/13 4:29 p.m. | 51 views

CVE-2017-0366

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw that allows evasion of the SVG filter using default attribute values in a DTD declaration.

CVSS 5.4 | AI score 5.6 | EPSS 0.00346

added 2018/04/03 7:29 a.m. | 51 views

CVE-2018-0493

remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary command execution.

CVSS 7.2 | AI score 7.1 | EPSS 0.01016

added 2018/03/13 1:29 a.m. | 51 views

CVE-2018-1000098

Teluu PJSIP version 2.7.1 and earlier contains an Integer Overflow vulnerability in pjmedia SDP parsing that can result in a crash. This attack appears to be exploitable via sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.

CVSS 7.5 | AI score 7.8 | EPSS 0.00704

added 2018/08/20 7:31 p.m. | 51 views

CVE-2018-1000637

zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in potential denial of service or arbitrary code execution. This attack appears to be exploitable via the victim opening a crafted compressed file. This vulnerability appears to have been fixed...

CVSS 7.8 | AI score 7.7 | EPSS 0.00399

added 2018/04/13 3:29 p.m. | 50 views

CVE-2017-0357

A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption.

CVSS 9.8 | AI score 9.4 | EPSS 0.01689

added 2018/04/13 4:29 p.m. | 50 views

CVE-2017-0363

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites.

CVSS 6.1 | AI score 6.3 | EPSS 0.00184

added 2018/04/13 4:29 p.m. | 50 views

CVE-2017-0365

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an XSS vulnerability in SearchHighlighter::highlightText() with non-default configurations.

CVSS 4.7 | AI score 4.8 | EPSS 0.00368

added 2018/03/21 8:29 p.m. | 50 views

CVE-2017-0916

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.

CVSS 9.8 | AI score 8.8 | EPSS 0.01291

added 2018/02/27 8:29 p.m. | 50 views

CVE-2017-7671

There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

CVSS 7.5 | AI score 7.3 | EPSS 0.0427

added 2018/09/28 12:29 a.m. | 50 views

CVE-2018-16587

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.

CVSS 6.5 | AI score 6.5 | EPSS 0.00509

added 2018/09/12 11:29 p.m. | 50 views

CVE-2018-16981

stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.

CVSS 8.8 | AI score 8.8 | EPSS 0.00344

added 2018/01/05 8:29 p.m. | 50 views

CVE-2018-5251

In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.

CVSS 6.5 | AI score 6.7 | EPSS 0.00561

added 2018/03/05 10:29 p.m. | 50 views

CVE-2018-7711

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP func...

CVSS 8.1 | AI score 7.8 | EPSS 0.0022

added 2018/03/30 8:29 a.m. | 50 views

CVE-2018-9132

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.

CVSS 6.5 | AI score 6.7 | EPSS 0.00649

added 2018/04/13 4:29 p.m. | 49 views

CVE-2017-0367

Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure.

CVSS 8.8 | AI score 8.6 | EPSS 0.00511

added 2018/02/27 8:29 p.m. | 49 views

CVE-2017-5660

There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used.

CVSS 8.6 | AI score 8.3 | EPSS 0.02584

added 2018/06/12 8:29 p.m. | 49 views

CVE-2018-0496

Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system.

CVSS 7.5 | AI score 7.3 | EPSS 0.00531

added 2018/01/08 7:29 a.m. | 49 views

CVE-2018-5294

In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.

CVSS 6.5 | AI score 7 | EPSS 0.00623

added 2018/04/12 4:29 p.m. | 48 views

CVE-2018-10060

Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php.

CVSS 5.4 | AI score 5.4 | EPSS 0.00667

added 2018/07/02 2:29 p.m. | 48 views

CVE-2018-13054

An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HO...

CVSS 8.1 | AI score 7.8 | EPSS 0.00364

added 2018/02/09 11:29 p.m. | 47 views

CVE-2018-1000041

GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains an Improper Input Validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appears to be exploitable via...

CVSS 8.8 | AI score 8.4 | EPSS 0.0048

added 2018/02/23 9:29 p.m. | 47 views

CVE-2018-7440

An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $(command) approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836.

CVSS 9.8 | AI score 7.1 | EPSS 0.01748

added 2018/02/28 6:29 a.m. | 47 views

CVE-2018-7553

There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

CVSS 9.8 | AI score 9.7 | EPSS 0.00589

added 2018/03/08 6:29 p.m. | 47 views

CVE-2018-7868

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A crafted input will lead to a denial of service attack.

CVSS 6.5 | AI score 7.1 | EPSS 0.00571

added 2018/04/13 4:29 p.m. | 46 views

CVE-2017-0368

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawHTML mode apply to system messages.

CVSS 5.3 | AI score 5.4 | EPSS 0.00287

added 2018/03/08 6:29 p.m. | 46 views

CVE-2018-7871

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact.

CVSS 8.8 | AI score 8.7 | EPSS 0.00558

added 2018/03/08 6:29 p.m. | 46 views

CVE-2018-7876

In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file.

CVSS 6.5 | AI score 6.7 | EPSS 0.01379

added 2018/03/25 3:29 a.m. | 46 views

CVE-2018-9009

In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file.

CVSS 8.8 | AI score 8.4 | EPSS 0.00658

added 2018/10/01 8:29 a.m. | 45 views

CVE-2015-9267

Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.

CVSS 5.5 | AI score 6 | EPSS 0.00044

added 2018/04/12 4:29 p.m. | 45 views

CVE-2018-10061

Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).

CVSS 5.4 | AI score 5.4 | EPSS 0.00955

added 2018/02/28 7:29 a.m. | 45 views

CVE-2018-7556

LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.

CVSS 9.1 | AI score 9.1 | EPSS 0.00304

added 2018/03/08 6:29 p.m. | 45 views

CVE-2018-7866

A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

CVSS 6.5 | AI score 6.9 | EPSS 0.01407

added 2018/03/08 6:29 p.m. | 45 views

CVE-2018-7877

There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A crafted input will lead to a denial of service attack.

CVSS 6.5 | AI score 6.6 | EPSS 0.00544

added 2018/07/17 3:29 a.m. | 44 views

CVE-2018-14337

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.

CVSS 7.5 | AI score 7.5 | EPSS 0.00384

added 2018/02/16 4:29 p.m. | 44 views

CVE-2018-7186

Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and pta...

CVSS 9.8 | AI score 7.7 | EPSS 0.03045

added 2018/03/08 6:29 p.m. | 44 views

CVE-2018-7867

There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A crafted input will lead to a denial of service attack.

CVSS 6.5 | AI score 7.2 | EPSS 0.00563

Total number of security vulnerabilities: 1413