Lucene search

K
OpensuseLeap

1897 matches found

CVE
CVE
added 2019/04/08 10:29 p.m.14224 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually ro...

7.8CVSS7.2AI score0.86076EPSS
CVE
CVE
added 2014/06/05 9:55 p.m.12801 views

CVE-2014-3470

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certifi...

4.3CVSS7.4AI score0.90829EPSS
CVE
CVE
added 2020/08/07 4:15 p.m.11753 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

9.8CVSS9.3AI score0.82217EPSS
CVE
CVE
added 2020/04/29 10:15 p.m.6945 views

CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

6.9CVSS7.2AI score0.02566EPSS
CVE
CVE
added 2020/04/02 12:15 a.m.5762 views

CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.

6.1CVSS6.7AI score0.12344EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.5687 views

CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.

7.8CVSS7.7AI score0.04868EPSS
CVE
CVE
added 2020/04/01 8:15 p.m.5363 views

CVE-2020-1934

In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.

5.3CVSS6AI score0.36779EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.5223 views

CVE-2019-9517

Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the byt...

7.8CVSS7.7AI score0.04499EPSS
CVE
CVE
added 2018/11/07 2:29 p.m.5173 views

CVE-2018-16843

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configura...

7.8CVSS7.3AI score0.53338EPSS
CVE
CVE
added 2018/07/06 4:29 p.m.4909 views

CVE-2018-10892

The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.

6.3CVSS5.3AI score0.00189EPSS
CVE
CVE
added 2018/11/07 2:29 p.m.4439 views

CVE-2018-16845

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affe...

8.2CVSS6.4AI score0.04463EPSS
CVE
CVE
added 2019/06/11 9:29 p.m.4406 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.4AI score0.22292EPSS
CVE
CVE
added 2020/02/24 10:15 p.m.4089 views

CVE-2020-1938

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

9.8CVSS9.9AI score0.94465EPSS
CVE
CVE
added 2020/01/09 9:15 p.m.3957 views

CVE-2019-20372

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

5.3CVSS5.2AI score0.75073EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.3742 views

CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a d...

10CVSS8.2AI score0.94448EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.3727 views

CVE-2019-9511

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to...

7.8CVSS6.8AI score0.15262EPSS
CVE
CVE
added 2019/04/08 9:29 p.m.3380 views

CVE-2019-0217

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.

7.5CVSS7.5AI score0.32738EPSS
CVE
CVE
added 2019/09/26 4:15 p.m.3329 views

CVE-2019-10092

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with pro...

6.1CVSS7.3AI score0.84912EPSS
CVE
CVE
added 2020/08/07 4:15 p.m.3124 views

CVE-2020-9490

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for...

7.5CVSS8.3AI score0.77184EPSS
CVE
CVE
added 2020/08/07 4:15 p.m.2994 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this v...

7.5CVSS8.6AI score0.36966EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.2977 views

CVE-2019-9516

Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for ...

7.5CVSS7.3AI score0.02479EPSS
CVE
CVE
added 2019/03/09 12:29 a.m.2520 views

CVE-2019-9641

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

9.8CVSS9.2AI score0.36823EPSS
CVE
CVE
added 2020/07/13 1:15 p.m.2486 views

CVE-2019-20907

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.

7.5CVSS7.6AI score0.00407EPSS
CVE
CVE
added 2020/01/30 7:15 p.m.2276 views

CVE-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

7.1CVSS7AI score0.03095EPSS
CVE
CVE
added 2018/11/07 5:29 a.m.2269 views

CVE-2018-19052

An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target fil...

7.5CVSS7.3AI score0.29558EPSS
CVE
CVE
added 2019/04/20 12:29 a.m.2210 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.01294EPSS
CVE
CVE
added 2019/06/11 10:29 p.m.2100 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server t...

4.9CVSS5.5AI score0.01492EPSS
CVE
CVE
added 2020/10/02 3:15 p.m.1600 views

CVE-2020-7069

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.

6.5CVSS6.2AI score0.07085EPSS
CVE
CVE
added 2019/02/22 11:29 p.m.1570 views

CVE-2019-9020

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrp...

9.8CVSS8.4AI score0.02131EPSS
CVE
CVE
added 2018/10/09 5:29 p.m.1524 views

CVE-2018-18074

The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.

7.5CVSS6.7AI score0.00215EPSS
CVE
CVE
added 2016/07/19 2:0 a.m.1415 views

CVE-2016-5387

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary ...

8.1CVSS8AI score0.71301EPSS
CVE
CVE
added 2020/04/30 5:15 p.m.1397 views

CVE-2020-11651

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the sal...

9.8CVSS9.6AI score0.9439EPSS
CVE
CVE
added 2020/02/24 10:15 p.m.1387 views

CVE-2020-1935

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse prox...

5.8CVSS7.4AI score0.00455EPSS
CVE
CVE
added 2020/11/03 3:15 a.m.1337 views

CVE-2020-16009

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.80718EPSS
CVE
CVE
added 2020/05/20 7:15 p.m.1327 views

CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the Persisten...

7CVSS7.5AI score0.93247EPSS
CVE
CVE
added 2016/02/15 7:59 p.m.1316 views

CVE-2016-0746

Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.

9.8CVSS9.5AI score0.11485EPSS
CVE
CVE
added 2020/04/30 5:15 p.m.1306 views

CVE-2020-11652

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

6.5CVSS7.8AI score0.942EPSS
CVE
CVE
added 2019/11/25 3:15 p.m.1291 views

CVE-2019-13720

Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.1AI score0.90359EPSS
CVE
CVE
added 2019/02/22 11:29 p.m.1291 views

CVE-2019-9021

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the fil...

9.8CVSS8.5AI score0.21389EPSS
CVE
CVE
added 2020/07/22 5:15 p.m.1281 views

CVE-2020-6514

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

6.5CVSS7.3AI score0.09912EPSS
CVE
CVE
added 2019/02/22 11:29 p.m.1276 views

CVE-2019-9024

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.

7.5CVSS8.3AI score0.09247EPSS
CVE
CVE
added 2019/11/01 11:15 p.m.1251 views

CVE-2019-6470

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releas...

7.5CVSS6.7AI score0.002EPSS
CVE
CVE
added 2020/10/02 3:15 p.m.1207 views

CVE-2020-7070

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being...

5.3CVSS6.5AI score0.15525EPSS
CVE
CVE
added 2019/12/23 5:15 p.m.1155 views

CVE-2019-17563

When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this...

7.5CVSS7.7AI score0.05954EPSS
CVE
CVE
added 2020/11/06 8:15 a.m.1140 views

CVE-2020-16846

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.

9.8CVSS9.3AI score0.94387EPSS
CVE
CVE
added 2019/02/22 11:29 p.m.1125 views

CVE-2019-9023

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regco...

9.8CVSS8.5AI score0.16178EPSS
CVE
CVE
added 2019/03/08 9:29 p.m.1082 views

CVE-2019-9636

Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse...

9.8CVSS9.4AI score0.09135EPSS
CVE
CVE
added 2019/06/19 11:15 p.m.1056 views

CVE-2019-12900

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

9.8CVSS9.6AI score0.01409EPSS
CVE
CVE
added 2016/05/05 6:59 p.m.1051 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

5.8CVSS6.3AI score0.88973EPSS
CVE
CVE
added 2016/02/16 2:59 a.m.1048 views

CVE-2016-0752

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a...

7.5CVSS6.1AI score0.91051EPSS
Total number of security vulnerabilities1897