Lucene search

K
FedoraprojectExtra Packages For Enterprise Linux9.0

7 matches found

CVE
CVE
added 2023/03/23 8:15 p.m.493 views

CVE-2023-1289

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of ...

5.5CVSS5.5AI score0.001EPSS
CVE
CVE
added 2023/12/24 6:15 a.m.402 views

CVE-2023-51766

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but som...

5.3CVSS5.3AI score0.03209EPSS
CVE
CVE
added 2020/01/16 4:15 a.m.243 views

CVE-2020-7106

Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to t...

6.1CVSS6.7AI score0.04094EPSS
CVE
CVE
added 2022/01/31 8:15 a.m.114 views

CVE-2021-45079

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

9.1CVSS9.1AI score0.0006EPSS
CVE
CVE
added 2022/09/19 6:15 p.m.88 views

CVE-2022-3213

A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.

5.5CVSS5.7AI score0.00031EPSS
CVE
CVE
added 2022/02/14 12:15 p.m.81 views

CVE-2022-0571

Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.

6.8CVSS6.1AI score0.0037EPSS
CVE
CVE
added 2024/01/16 3:15 p.m.51 views

CVE-2023-6395

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which ...

9.8CVSS9.4AI score0.00413EPSS