Search
Total
9231 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8651 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2019-10-09 | 2.7 LOW | 3.5 LOW |
| An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained within the image. | |||||
| CVE-2016-8612 | 3 Apache, Netapp, Redhat | 3 Http Server, Storage Automation Store, Enterprise Linux | 2019-10-09 | 3.3 LOW | 4.3 MEDIUM |
| Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process. | |||||
| CVE-2016-8626 | 1 Redhat | 4 Ceph, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-10-09 | 6.8 MEDIUM | 6.5 MEDIUM |
| A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests. | |||||
| CVE-2016-8647 | 1 Redhat | 2 Ansible Engine, Virtualization | 2019-10-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed. | |||||
| CVE-2016-8611 | 1 Openstack | 1 Glance | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation. | |||||
| CVE-2016-9578 | 3 Debian, Redhat, Spice Project | 7 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 4 more | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. | |||||
| CVE-2016-9494 | 1 Hughes | 8 Dw7000, Dw7000 Firmware, Hn7000s and 5 more | 2019-10-09 | 3.3 LOW | 6.5 MEDIUM |
| Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service. | |||||
| CVE-2016-9749 | 1 Ibm | 1 Campaign | 2019-10-09 | 2.1 LOW | 3.3 LOW |
| IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206. | |||||
| CVE-2016-9579 | 2 Canonical, Redhat | 8 Ubuntu Linux, Ceph Storage, Ceph Storage Mon and 5 more | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches 1.3.x and 2.x are affected. | |||||
| CVE-2016-7074 | 2 Debian, Powerdns | 3 Debian Linux, Authoritative, Recursor | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leading to the possibility of parsing records that are not covered by the TSIG signature. | |||||
| CVE-2016-7073 | 2 Debian, Powerdns | 3 Debian Linux, Authoritative, Recursor | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack. | |||||
| CVE-2016-7069 | 1 Powerdns | 1 Dnsdist | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to the initial client. On a 32-bit system, the pointer arithmetic used when parsing the received response to remove that record might trigger an undefined behavior leading to a crash. | |||||
| CVE-2016-6567 | 1 Shdesigns | 1 Resident Download Manager | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications. The Resident Download Manager does not verify that the firmware is authentic before executing code and deploying the firmware to devices. A remote attacker with the ability to send UDP traffic to the device may be able to execute arbitrary code on the device. According to SHDesigns' website, the Resident Download Manager and other Rabbit Tools have been discontinued since June 2011. | |||||
| CVE-2016-6560 | 1 Illumos | 1 Illumos | 2019-10-09 | 7.8 HIGH | 8.6 HIGH |
| illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash. | |||||
| CVE-2016-6542 | 1 Ieasytec | 1 Itrackeasy | 2019-10-09 | 4.3 MEDIUM | 3.7 LOW |
| The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device. The tracker ID is the device's BLE MAC address. | |||||
| CVE-2016-6565 | 1 Imagely | 1 Nextgen Gallery | 2019-10-09 | 6.0 MEDIUM | 7.5 HIGH |
| The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration). | |||||
| CVE-2016-2125 | 2 Redhat, Samba | 8 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 5 more | 2019-10-09 | 3.3 LOW | 6.5 MEDIUM |
| It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. | |||||
| CVE-2016-1586 | 1 Oxide Project | 1 Oxide | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3. | |||||
| CVE-2016-10543 | 1 Call Project | 1 Call | 2019-10-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| call is an HTTP router that is primarily used by the hapi framework. There exists a bug in call versions 2.0.1-3.0.1 that does not validate empty parameters, which could result in invalid input bypassing the route validation rules. | |||||
| CVE-2016-10520 | 1 Jadedown Project | 1 Jadedown | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in. | |||||
| CVE-2016-10521 | 1 Jshamcrest Project | 1 Jshamcrest | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in to the emailAddress validator. | |||||
| CVE-2016-10542 | 1 Ws Project | 1 Ws | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| ws is a "simple to use, blazing fast and thoroughly tested websocket client, server and console for node.js, up-to-date against RFC-6455". By sending an overly long websocket payload to a `ws` server, it is possible to crash the node process. This affects ws 1.1.0 and earlier. | |||||
| CVE-2016-10540 | 1 Minimatch Project | 1 Minimatch | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript `RegExp` objects. The primary function, `minimatch(path, pattern)` in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the `pattern` parameter. | |||||
| CVE-2016-10539 | 1 Negotiator Project | 1 Negotiator | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string. | |||||
| CVE-2016-10544 | 1 Uws Project | 1 Uws | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8. | |||||
| CVE-2015-9239 | 1 Ansi2html Project | 1 Ansi2html | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in. | |||||
| CVE-2015-9241 | 1 Hapijs | 1 Hapi | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Certain input passed into the If-Modified-Since or Last-Modified headers will cause an 'illegal access' exception to be raised. Instead of sending a HTTP 500 error back to the sender, hapi node module before 11.1.3 will continue to hold the socket open until timed out (default node timeout is 2 minutes). | |||||
| CVE-2015-7559 | 1 Apache | 1 Activemq | 2019-10-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client. | |||||
| CVE-2015-9242 | 1 Ecstatic Project | 1 Ecstatic | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Certain input strings when passed to new Date() or Date.parse() in ecstatic node module before 1.4.0 will cause v8 to raise an exception. This leads to a crash and denial of service in ecstatic when this input is passed into the server via the If-Modified-Since header. | |||||
| CVE-2015-6461 | 1 Schneider-electric | 22 Bmxnoc0401, Bmxnoc0401 Firmware, Bmxnoe0100 and 19 more | 2019-10-09 | 5.5 MEDIUM | 5.4 MEDIUM |
| Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page. | |||||
| CVE-2015-1326 | 1 Python-dbusmock Project | 1 Python-dbusmock | 2019-10-09 | 9.3 HIGH | 8.8 HIGH |
| python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file. | |||||
| CVE-2014-9186 | 1 Honeywell | 1 Experion Process Knowledge System | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | |||||
| CVE-2014-2645 | 1 Hp | 1 Systems Insight Manager | 2019-10-09 | 4.3 MEDIUM | N/A |
| HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors. | |||||
| CVE-2014-2642 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 4.3 MEDIUM | N/A |
| HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2014-1426 | 1 Canonical | 1 Metal As A Service | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2. | |||||
| CVE-2014-0593 | 1 Opensuse | 1 Open Build Service | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server. | |||||
| CVE-2011-4182 | 1 Opensuse | 1 Sysconfig | 2019-10-09 | 6.8 MEDIUM | 8.1 HIGH |
| Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise allows attackers controlling an access point to cause execute arbitrary code. Affected releases are sysconfig prior to 0.83.7-2.1. | |||||
| CVE-2011-4181 | 1 Opensuse | 1 Open Build Service | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3. | |||||
| CVE-2011-2405 | 1 Hp | 2 Proliant Sl Advanced Power Manager, Proliant Sl Advanced Power Manager Firmware | 2019-10-09 | 7.8 HIGH | N/A |
| The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware before 1.20 does not properly validate users, which allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2011-1853 | 1 Hp | 1 Intelligent Management Center | 2019-10-09 | 10.0 HIGH | N/A |
| tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table. | |||||
| CVE-2011-1849 | 1 Hp | 1 Intelligent Management Center | 2019-10-09 | 10.0 HIGH | N/A |
| tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request. | |||||
| CVE-2010-3283 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2010-3011 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | |||||
| CVE-2008-4559 | 1 Hp | 1 Openview Network Node Manager | 2019-10-09 | 10.0 HIGH | N/A |
| HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. NOTE: this issue may be partially covered by CVE-2009-0205. | |||||
| CVE-2007-4841 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2019-10-09 | 9.3 HIGH | N/A |
| Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7 installed, a variant of CVE-2007-3845. | |||||
| CVE-2019-16676 | 1 Plataformatec | 1 Simple Form | 2019-10-04 | 7.5 HIGH | 9.8 CRITICAL |
| Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call. | |||||
| CVE-2019-9283 | 1 Google | 1 Android | 2019-10-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663564 | |||||
| CVE-2017-6436 | 1 Libplist Project | 1 Libplist | 2019-10-03 | 1.9 LOW | 5.0 MEDIUM |
| The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | |||||
| CVE-2017-9350 | 1 Wireshark | 1 Wireshark | 2019-10-03 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length. | |||||
| CVE-2017-14635 | 1 Otrs | 1 Otrs | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection. | |||||