Количество 314 458
Количество 314 458
GHSA-2hrh-gpc2-3ghv
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
GHSA-2hrg-xmqp-9q4v
A stored cross-site scripting (XSS) vulnerability in the component install\index.php of MyBB v1.8.38 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Name parameter.
GHSA-2hrc-j4gc-h2p8
In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix table blob use-after-free We are not allowed to return an error at this point. Looking at the code it looks like ret is always 0 at this point, but its not. t = find_table_lock(net, repl->name, &ret, &ebt_mutex); ... this can return a valid table, with ret != 0. This bug causes update of table->private with the new blob, but then frees the blob right away in the caller. Syzbot report: BUG: KASAN: vmalloc-out-of-bounds in __ebt_unregister_table+0xc00/0xcd0 net/bridge/netfilter/ebtables.c:1168 Read of size 4 at addr ffffc90005425000 by task kworker/u4:4/74 Workqueue: netns cleanup_net Call Trace: kasan_report+0xbf/0x1f0 mm/kasan/report.c:517 __ebt_unregister_table+0xc00/0xcd0 net/bridge/netfilter/ebtables.c:1168 ebt_unregister_table+0x35/0x40 net/bridge/netfilter/ebtables.c:1372 ops_exit_list+0xb0/0x170 net/core/net_namespace.c:169 cleanup_net+0x4ee/0xb10 net/core/net_namespace.c:6...
GHSA-2hrc-c28p-9f59
strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be contained in the client's certificate. So clients can authenticate with any trusted certificate and claim an arbitrary IKE/EAP identity as their own. This is problematic if the identity is used to make policy decisions. A fix was released in strongSwan version 5.9.6 in August 2022 (e4b4aabc4996fc61c37deab7858d07bc4d220136).
GHSA-2hrc-84vr-w5j5
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content.
GHSA-2hr9-g6r3-jv5j
Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car.
GHSA-2hr6-998x-mj94
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument.
GHSA-2hr5-cvwp-jr5w
Oqtane Framework Insecure Direct Object Reference vulnerability
GHSA-2hr5-6qwp-r4jj
vBulletin before 5.5.4 allows clickjacking.
GHSA-2hr4-jcq5-r7fq
The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.
GHSA-2hr4-7jx8-v3gp
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
GHSA-2hr3-rh39-x685
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations."
GHSA-2hr2-h6cw-gfqc
Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory via a directory name in the argument.
GHSA-2hr2-cc65-w687
The web interface in RSA NetWitness 11.7.2.0 allows Cross-Site Scripting (XSS) via the Where textbox on the Reports screen during new rule creation.
GHSA-2hr2-38g6-9fcj
A Windows NT domain user or administrator account has a guessable password.
GHSA-2hqx-w327-2vjj
Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs.
GHSA-2hqx-mp7w-6wgm
Rejected reason: The reserved CVE was never used.
GHSA-2hqw-mcx8-2828
The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound connection being established to a possibly malicious remote TLS server and hence disclose information. Integrity and Availability are not impacted.
GHSA-2hqv-x23m-4c88
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
GHSA-2hqr-q2mf-m3h8
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
GHSA-2hrh-gpc2-3ghv The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). | CVSS3: 9.8 | 2% Низкий | больше 3 лет назад | |
GHSA-2hrg-xmqp-9q4v A stored cross-site scripting (XSS) vulnerability in the component install\index.php of MyBB v1.8.38 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Name parameter. | CVSS3: 5.4 | 1% Низкий | около 1 года назад | |
GHSA-2hrc-j4gc-h2p8 In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix table blob use-after-free We are not allowed to return an error at this point. Looking at the code it looks like ret is always 0 at this point, but its not. t = find_table_lock(net, repl->name, &ret, &ebt_mutex); ... this can return a valid table, with ret != 0. This bug causes update of table->private with the new blob, but then frees the blob right away in the caller. Syzbot report: BUG: KASAN: vmalloc-out-of-bounds in __ebt_unregister_table+0xc00/0xcd0 net/bridge/netfilter/ebtables.c:1168 Read of size 4 at addr ffffc90005425000 by task kworker/u4:4/74 Workqueue: netns cleanup_net Call Trace: kasan_report+0xbf/0x1f0 mm/kasan/report.c:517 __ebt_unregister_table+0xc00/0xcd0 net/bridge/netfilter/ebtables.c:1168 ebt_unregister_table+0x35/0x40 net/bridge/netfilter/ebtables.c:1372 ops_exit_list+0xb0/0x170 net/core/net_namespace.c:169 cleanup_net+0x4ee/0xb10 net/core/net_namespace.c:6... | 0% Низкий | около 1 месяца назад | ||
GHSA-2hrc-c28p-9f59 strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be contained in the client's certificate. So clients can authenticate with any trusted certificate and claim an arbitrary IKE/EAP identity as their own. This is problematic if the identity is used to make policy decisions. A fix was released in strongSwan version 5.9.6 in August 2022 (e4b4aabc4996fc61c37deab7858d07bc4d220136). | CVSS3: 7.7 | 0% Низкий | больше 1 года назад | |
GHSA-2hrc-84vr-w5j5 Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content. | 1% Низкий | почти 4 года назад | ||
GHSA-2hr9-g6r3-jv5j Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car. | CVSS3: 9.8 | 4% Низкий | больше 3 лет назад | |
GHSA-2hr6-998x-mj94 Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument. | 37% Средний | больше 3 лет назад | ||
GHSA-2hr5-cvwp-jr5w Oqtane Framework Insecure Direct Object Reference vulnerability | CVSS3: 4.3 | 0% Низкий | около 1 года назад | |
GHSA-2hr5-6qwp-r4jj vBulletin before 5.5.4 allows clickjacking. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад | |
GHSA-2hr4-jcq5-r7fq The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01. | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад | |
GHSA-2hr4-7jx8-v3gp The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад | |
GHSA-2hr3-rh39-x685 The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations." | 1% Низкий | почти 4 года назад | ||
GHSA-2hr2-h6cw-gfqc Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory via a directory name in the argument. | 1% Низкий | почти 4 года назад | ||
GHSA-2hr2-cc65-w687 The web interface in RSA NetWitness 11.7.2.0 allows Cross-Site Scripting (XSS) via the Where textbox on the Reports screen during new rule creation. | CVSS3: 4.6 | 0% Низкий | около 1 года назад | |
GHSA-2hr2-38g6-9fcj A Windows NT domain user or administrator account has a guessable password. | 1% Низкий | почти 4 года назад | ||
GHSA-2hqx-w327-2vjj Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. | CVSS3: 9.8 | 1% Низкий | около 3 лет назад | |
GHSA-2hqx-mp7w-6wgm Rejected reason: The reserved CVE was never used. | 17 дней назад | |||
GHSA-2hqw-mcx8-2828 The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound connection being established to a possibly malicious remote TLS server and hence disclose information. Integrity and Availability are not impacted. | CVSS3: 3.5 | 0% Низкий | 7 месяцев назад | |
GHSA-2hqv-x23m-4c88 ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station. | CVSS3: 7.2 | 0% Низкий | 5 месяцев назад | |
GHSA-2hqr-q2mf-m3h8 Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу