Lucene search

K

971 matches found

CVE
CVE
•added 2020/08/07 4:15 p.m.•11749 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

9.8CVSS9.3AI score0.82217EPSS
CVE
CVE
•added 2020/04/29 10:15 p.m.•6939 views

CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

6.9CVSS7.2AI score0.02566EPSS
CVE
CVE
•added 2021/01/20 5:15 p.m.•6731 views

CVE-2020-25682

A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary da...

8.3CVSS8.3AI score0.38586EPSS
CVE
CVE
•added 2020/04/29 9:15 p.m.•6686 views

CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3...

6.9CVSS7.2AI score0.21987EPSS
CVE
CVE
•added 2020/04/02 12:15 a.m.•5761 views

CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.

6.1CVSS6.7AI score0.12344EPSS
CVE
CVE
•added 2020/04/01 8:15 p.m.•5360 views

CVE-2020-1934

In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.

5.3CVSS6AI score0.36779EPSS
CVE
CVE
•added 2021/01/26 9:15 p.m.•4242 views

CVE-2021-3156

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

7.8CVSS8.3AI score0.92188EPSS
CVE
CVE
•added 2020/02/24 10:15 p.m.•4085 views

CVE-2020-1938

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

9.8CVSS9.9AI score0.94465EPSS
CVE
CVE
•added 2020/08/17 7:15 p.m.•3736 views

CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a d...

10CVSS8.2AI score0.94448EPSS
CVE
CVE
•added 2020/08/07 4:15 p.m.•3120 views

CVE-2020-9490

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for...

7.5CVSS8.3AI score0.77184EPSS
CVE
CVE
•added 2020/08/07 4:15 p.m.•2990 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this v...

7.5CVSS8.6AI score0.36966EPSS
CVE
CVE
•added 2019/08/13 9:15 p.m.•2974 views

CVE-2019-9516

Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for ...

7.5CVSS7.3AI score0.02479EPSS
CVE
CVE
•added 2020/07/13 1:15 p.m.•2486 views

CVE-2019-20907

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.

7.5CVSS7.6AI score0.00407EPSS
CVE
CVE
•added 2020/01/30 7:15 p.m.•2276 views

CVE-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

7.1CVSS7AI score0.03095EPSS
CVE
CVE
•added 2021/01/20 5:15 p.m.•2143 views

CVE-2020-25681

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow...

8.3CVSS8.3AI score0.19445EPSS
CVE
CVE
•added 2020/12/08 10:15 p.m.•2111 views

CVE-2020-27918

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary cod...

7.8CVSS8.6AI score0.00164EPSS
CVE
CVE
•added 2021/01/19 6:15 a.m.•1981 views

CVE-2021-3177

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf ...

9.8CVSS9.3AI score0.00037EPSS
CVE
CVE
•added 2021/05/20 1:15 p.m.•1730 views

CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to acces...

5.7CVSS5.6AI score0.00113EPSS
CVE
CVE
•added 2021/04/08 11:15 p.m.•1633 views

CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID...

4.3CVSS4.1AI score0.00042EPSS
CVE
CVE
•added 2020/05/11 2:15 p.m.•1631 views

CVE-2020-12783

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

7.5CVSS7.5AI score0.02373EPSS
CVE
CVE
•added 2020/10/02 3:15 p.m.•1597 views

CVE-2020-7069

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.

6.5CVSS6.2AI score0.07085EPSS
CVE
CVE
•added 2020/03/07 1:15 a.m.•1444 views

CVE-2020-9281

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).

6.1CVSS5.4AI score0.00693EPSS
CVE
CVE
•added 2021/04/23 6:15 p.m.•1430 views

CVE-2021-22204

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

7.8CVSS8AI score0.93101EPSS
CVE
CVE
•added 2021/02/17 11:15 p.m.•1365 views

CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gss...

8.1CVSS8.4AI score0.02085EPSS
CVE
CVE
•added 2021/04/02 6:15 p.m.•1357 views

CVE-2021-1789

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to a...

8.8CVSS8.6AI score0.00218EPSS
CVE
CVE
•added 2020/11/03 3:15 a.m.•1333 views

CVE-2020-16009

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.80718EPSS
CVE
CVE
•added 2020/11/20 4:15 p.m.•1332 views

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0....

8.8CVSS8.5AI score0.07491EPSS
CVE
CVE
•added 2020/05/20 7:15 p.m.•1324 views

CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the Persisten...

7CVSS7.5AI score0.93247EPSS
CVE
CVE
•added 2021/04/26 5:15 p.m.•1285 views

CVE-2021-21224

Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.9AI score0.66739EPSS
CVE
CVE
•added 2020/07/22 5:15 p.m.•1279 views

CVE-2020-6514

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

6.5CVSS7.3AI score0.09912EPSS
CVE
CVE
•added 2021/04/02 7:15 p.m.•1265 views

CVE-2021-1870

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issu...

9.8CVSS8.6AI score0.00494EPSS
CVE
CVE
•added 2021/04/26 5:15 p.m.•1233 views

CVE-2021-21220

Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.92805EPSS
CVE
CVE
•added 2021/02/09 4:15 p.m.•1227 views

CVE-2021-21148

Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9.1AI score0.50292EPSS
CVE
CVE
•added 2020/11/03 3:15 a.m.•1223 views

CVE-2020-15969

Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.03155EPSS
CVE
CVE
•added 2021/04/26 5:15 p.m.•1205 views

CVE-2021-21206

Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.12795EPSS
CVE
CVE
•added 2020/10/02 3:15 p.m.•1204 views

CVE-2020-7070

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being...

5.3CVSS6.5AI score0.15525EPSS
CVE
CVE
•added 2021/03/16 3:15 p.m.•1187 views

CVE-2021-21193

Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.12582EPSS
CVE
CVE
•added 2021/03/09 6:15 p.m.•1176 views

CVE-2021-21166

Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.41931EPSS
CVE
CVE
•added 2020/01/29 4:15 p.m.•1154 views

CVE-2020-7247

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. ...

10CVSS9.5AI score0.94036EPSS
CVE
CVE
•added 2021/01/18 8:15 p.m.•1053 views

CVE-2020-36193

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

7.5CVSS7.5AI score0.76272EPSS
CVE
CVE
•added 2021/01/20 5:15 p.m.•1033 views

CVE-2020-25687

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. Thi...

7.1CVSS7AI score0.22341EPSS
CVE
CVE
•added 2020/12/08 4:15 p.m.•1021 views

CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrec...

5.9CVSS5.7AI score0.00322EPSS
CVE
CVE
•added 2020/06/18 2:15 p.m.•1005 views

CVE-2020-14422

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface object...

5.9CVSS6.5AI score0.00973EPSS
CVE
CVE
•added 2020/04/23 3:15 p.m.•962 views

CVE-2020-11945

An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if...

9.8CVSS9.7AI score0.38376EPSS
CVE
CVE
•added 2021/03/09 8:15 p.m.•961 views

CVE-2021-21300

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive fil...

8CVSS7.7AI score0.70789EPSS
CVE
CVE
•added 2020/06/15 2:15 p.m.•945 views

CVE-2020-0543

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS6.3AI score0.00533EPSS
CVE
CVE
•added 2020/11/19 7:15 p.m.•908 views

CVE-2020-28949

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

7.8CVSS7.7AI score0.92731EPSS
CVE
CVE
•added 2021/01/20 4:15 p.m.•854 views

CVE-2020-25684

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query...

4.3CVSS6AI score0.00556EPSS
CVE
CVE
•added 2021/05/12 2:15 p.m.•839 views

CVE-2021-20277

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.

7.5CVSS7.5AI score0.11529EPSS
CVE
CVE
•added 2020/05/19 2:15 p.m.•834 views

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

7.5CVSS7.2AI score0.92345EPSS
Total number of security vulnerabilities971