Lucene search

K

10 matches found

CVE
CVE
added 2019/09/26 4:15 p.m.3320 views

CVE-2019-10092

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with pro...

6.1CVSS7.3AI score0.8299EPSS
CVE
CVE
added 2019/02/06 8:29 p.m.405 views

CVE-2019-3822

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()), generates the request HTTP header contents based on previously received data. The check that ...

9.8CVSS9.3AI score0.34384EPSS
CVE
CVE
added 2019/05/15 4:29 p.m.356 views

CVE-2019-8936

NTP through 4.2.8p12 has a NULL Pointer Dereference.

7.5CVSS7.4AI score0.08689EPSS
CVE
CVE
added 2019/02/06 8:29 p.m.247 views

CVE-2019-3823

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn't NUL terminated and contains no character ending the parsed number, and len is set to 5, then the strtol() call ...

7.5CVSS8.5AI score0.01536EPSS
CVE
CVE
added 2019/02/06 8:29 p.m.234 views

CVE-2018-16890

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (lib/vauth/ntlm.c:ntlm_decode_type2_target) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that ...

7.5CVSS8.6AI score0.01104EPSS
CVE
CVE
added 2019/10/25 7:15 p.m.187 views

CVE-2019-5508

Clustered Data ONTAP versions 9.2 through 9.4 are susceptible to a vulnerability which allows an attacker to use l2ping to cause a Denial of Service (DoS).

7.5CVSS7.3AI score0.00536EPSS
CVE
CVE
added 2019/02/01 4:29 p.m.63 views

CVE-2018-5498

Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a Denial of Service (Do...

4.4CVSS4.4AI score0.00513EPSS
CVE
CVE
added 2019/01/24 8:29 p.m.61 views

CVE-2018-5497

Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.

4.4CVSS4.5AI score0.00145EPSS
CVE
CVE
added 2019/02/27 5:29 p.m.58 views

CVE-2019-5491

Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user.

7.5CVSS7.3AI score0.00515EPSS
CVE
CVE
added 2019/10/09 7:15 p.m.43 views

CVE-2019-5506

Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks.

5.9CVSS5.7AI score0.00195EPSS