Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
NetappHci Management Node

15 matches found

CVE
CVEadded 2007/05/21 8:30 p.m.1154 views

CVE-2007-2768

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

4.3CVSS9.4AI score0.00399EPSS
CVE
CVEadded 2020/06/12 2:15 p.m.501 views

CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

4.4CVSS5.6AI score0.00035EPSS
CVE
CVEadded 2020/12/14 8:15 p.m.349 views

CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service bann...

4.3CVSS6AI score0.00067EPSS
CVE
CVEadded 2020/10/21 3:15 p.m.342 views

CVE-2020-14781

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pro...

4.3CVSS3.5AI score0.00117EPSS
CVE
CVEadded 2020/07/30 9:15 p.m.325 views

CVE-2020-16166

The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.

4.3CVSS5.6AI score0.01848EPSS
CVE
CVEadded 2021/04/01 6:15 p.m.324 views

CVE-2021-22890

curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived fro...

4.3CVSS4.9AI score0.00143EPSS
CVE
CVEadded 2020/10/21 3:15 p.m.312 views

CVE-2020-14779

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mul...

4.3CVSS3.7AI score0.00138EPSS
CVE
CVEadded 2021/10/20 11:17 a.m.304 views

CVE-2021-35603

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated a...

4.3CVSS4.2AI score0.00104EPSS
CVE
CVEadded 2022/01/19 12:15 p.m.297 views

CVE-2022-21248

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerabili...

4.3CVSS3.8AI score0.00111EPSS
CVE
CVEadded 2020/10/21 3:15 p.m.295 views

CVE-2020-14797

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS3.7AI score0.00174EPSS
CVE
CVEadded 2022/04/19 9:15 p.m.290 views

CVE-2022-21443

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit v...

4.3CVSS4.5AI score0.00058EPSS
CVE
CVEadded 2022/07/07 1:15 p.m.236 views

CVE-2022-32205

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larg...

4.3CVSS6.2AI score0.00189EPSS
CVE
CVEadded 2019/12/25 4:15 a.m.219 views

CVE-2019-19965

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.

4.7CVSS6.2AI score0.00061EPSS
CVE
CVEadded 2022/02/16 7:15 p.m.218 views

CVE-2021-3753

A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.

4.7CVSS6AI score0.0001EPSS
CVE
CVEadded 2019/11/28 12:15 a.m.174 views

CVE-2019-19318

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

4.4CVSS6AI score0.0036EPSS