Show filters
94 Total Results
Displaying 51-60 of 94
Sort by:
Attacker Value
Unknown

CVE-2018-0735

Disclosure Date: October 29, 2018 (last updated November 08, 2023)
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
Attacker Value
Unknown

CVE-2018-8032

Disclosure Date: August 02, 2018 (last updated November 08, 2023)
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Attacker Value
Unknown

CVE-2018-3076

Disclosure Date: July 18, 2018 (last updated November 27, 2024)
Vulnerability in the PeopleSoft Enterprise CS Financial Aid component of Oracle PeopleSoft Products (subcomponent: ISIR Processing). Supported versions that are affected are 9.0 and 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise CS Financial Aid. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise CS Financial Aid accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
0
Attacker Value
Unknown

CVE-2018-1000180

Disclosure Date: June 05, 2018 (last updated November 08, 2023)
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later.
0
Attacker Value
Unknown

CVE-2018-1000301

Disclosure Date: May 24, 2018 (last updated November 26, 2024)
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
0
Attacker Value
Unknown

CVE-2018-1000120

Disclosure Date: March 14, 2018 (last updated November 26, 2024)
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
0
Attacker Value
Unknown

CVE-2018-1000121

Disclosure Date: March 14, 2018 (last updated November 26, 2024)
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service
0
Attacker Value
Unknown

CVE-2018-1000122

Disclosure Date: March 14, 2018 (last updated November 26, 2024)
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
0
Attacker Value
Unknown

CVE-2017-5645

Disclosure Date: April 17, 2017 (last updated November 08, 2023)
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
Attacker Value
Unknown

CVE-2011-3529

Disclosure Date: October 18, 2011 (last updated October 04, 2023)
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Talent Acquisition Manager.
0