Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
FedoraprojectFedora

5311 matches found

CVE
CVEadded 2016/01/26 7:59 p.m.39 views

CVE-2016-1926

Cross-site scripting (XSS) vulnerability in the charts module in Greenbone Security Assistant (GSA) 6.x before 6.0.8 allows remote attackers to inject arbitrary web script or HTML via the aggregate_type parameter in a get_aggregate command to omp.

6.1CVSS6AI score0.00717EPSS
CVE
CVEadded 2017/02/03 3:59 p.m.39 views

CVE-2016-9108

Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.

7.5CVSS7.1AI score0.00825EPSS
CVE
CVEadded 2017/02/22 4:59 p.m.39 views

CVE-2016-9400

The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.

9.8CVSS9.3AI score0.02719EPSS
CVE
CVEadded 2015/01/15 3:59 p.m.38 views

CVE-2015-1051

Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.

5.8CVSS6.6AI score0.00631EPSS
CVE
CVEadded 2024/05/14 3:45 p.m.38 views

CVE-2024-4853

Memory handling issue in editcap could cause denial of service via crafted capture file

5.5CVSS5AI score0.00038EPSS
CVE
CVEadded 2016/04/18 2:59 p.m.37 views

CVE-2016-3071

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.

7.5CVSS7.2AI score0.00972EPSS
CVE
CVEadded 2017/06/08 7:29 p.m.37 views

CVE-2016-3095

server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key.

5.5CVSS5.1AI score0.00045EPSS
CVE
CVEadded 2021/07/20 7:15 a.m.37 views

CVE-2021-36979

Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (called from cpu_arm_exec_armeb and tcg_cpu_exec_armeb).

5.5CVSS5.6AI score0.00205EPSS
CVE
CVEadded 2023/08/11 3:15 a.m.37 views

CVE-2023-22840

Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.

5.5CVSS5.1AI score0.00059EPSS
CVE
CVEadded 2017/12/29 10:29 p.m.36 views

CVE-2015-8008

The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API request with an existing token.

7.5CVSS8.4AI score0.00886EPSS
Web
CVE
CVEadded 2016/04/15 3:59 p.m.34 views

CVE-2016-3144

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.

5.4CVSS4.9AI score0.00221EPSS
Total number of security vulnerabilities5311