Show filters
57 topics marked with the following tags:
Displaying 11-20 of 57
Sort by:
Attacker Value
Low

CVE-2020-3566 - Denial of service vulnerability in Cisco IOS XR

Disclosure Date: August 29, 2020 (last updated September 01, 2020)
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.
1
Attacker Value
Very Low

CVE-2020-14932

Disclosure Date: June 20, 2020 (last updated June 27, 2020)
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
Attacker Value
Very Low

CVE-2020-13668

Last updated September 17, 2020
Drupal 8 and 9 have a reflected cross-site scripting (XSS) vulnerability under certain circumstances. An attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability.
1
Attacker Value
Low

CVE-2022-21839

Last updated January 10, 2022
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
1
Attacker Value
Moderate

CVE-2021-31955

Last updated June 08, 2021
Windows Kernel Information Disclosure Vulnerability The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. The team at Kaspersky have reported threat actors are exploiting this Microsoft Windows OS kernel vulnerability Source: https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
2
Attacker Value
Very Low

CVE-2018-19131

Disclosure Date: November 09, 2018 (last updated June 05, 2020)
Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
Attacker Value
Very Low

CVE-2020-28054

Disclosure Date: November 19, 2020 (last updated December 04, 2020)
JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. If the Viewer has been modified (binary patched) and the Bypass Login functionality is being used, an attacker can request every Collector's functionality as if they were a properly logged-in user: administrating connected instances, reviewing logs, editing configurations, accessing the instances' consoles, accessing hardware configurations, etc.Exploiting this vulnerability won't grant an attacker access nor control on remote ISP servers as no credentials is sent with the request.
Attacker Value
Very Low

CVE-2020-10560

Disclosure Date: March 30, 2020 (last updated June 05, 2020)
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php.
Attacker Value
Very Low

CVE-2017-16249

Disclosure Date: November 10, 2017 (last updated July 30, 2020)
The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic.
Attacker Value
Very Low

CVE-2017-9798

Disclosure Date: September 18, 2017 (last updated October 16, 2020)
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.