Show filters
125 topics marked with the following tags:
Displaying 1-10 of 125
Sort by:
Attacker Value
Moderate

CVE-2019-12256 - VxWorks IPv4 Options Buffer Overflow

Disclosure Date: August 09, 2019 (last updated December 06, 2023)
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
Attacker Value
Low

Amnesia:33

Last updated December 08, 2020
[Amnesia:33](https://www.forescout.com/company/resources/amnesia33-how-tcp-ip-stacks-breed-critical-vulnerabilities-in-iot-ot-and-it-devices/) is a group of 33 vulnerabilities in open-source TCP/IP stack libraries. The vulnerabilities may be present in a wide range of operational technology, IoT, and connected device implementations.
8
Attacker Value
Low

CVE-2024-31497

Disclosure Date: April 15, 2024 (last updated May 11, 2024)
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not…
Attacker Value
Very Low

CVE-2024-24942

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
Attacker Value
Moderate

Chrome Cookie Extraction

Last updated March 16, 2020
Extract cookies from Chrome using Chrome's Remote Debugging Protocol
0
Attacker Value
Low

CVE-2022-1471

Disclosure Date: December 01, 2022 (last updated October 08, 2023)
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
Attacker Value
High

CVE-2023-50164

Disclosure Date: December 07, 2023 (last updated December 21, 2023)
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
Attacker Value
Very Low

CVE-2020-13668

Disclosure Date: February 11, 2022 (last updated October 07, 2023)
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.
Attacker Value
Very Low

CVE-2020-14932

Disclosure Date: June 20, 2020 (last updated November 28, 2024)
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
Attacker Value
Very High

CVE-2019-0230

Disclosure Date: September 14, 2020 (last updated November 08, 2023)
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.