- EPSS 0.48%
- Veröffentlicht 31.07.2020 22:15:11
- Zuletzt bearbeitet 21.11.2024 05:02:58
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font val...
- EPSS 0.47%
- Veröffentlicht 31.07.2020 22:15:11
- Zuletzt bearbeitet 21.11.2024 05:02:58
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subseque...
CVE-2019-15604
- EPSS 20.46%
- Veröffentlicht 07.02.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 04:29:06
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate
CVE-2019-15605
- EPSS 57.13%
- Veröffentlicht 07.02.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 04:29:06
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
CVE-2019-15606
- EPSS 20.04%
- Veröffentlicht 07.02.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 04:29:07
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
CVE-2019-19339
- EPSS 0.31%
- Veröffentlicht 17.01.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:34:36
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local ca...
CVE-2020-2654
- EPSS 3.82%
- Veröffentlicht 15.01.2020 17:15:24
- Zuletzt bearbeitet 21.11.2024 05:25:54
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...
CVE-2020-2659
- EPSS 4.2%
- Veröffentlicht 15.01.2020 17:15:24
- Zuletzt bearbeitet 21.11.2024 05:25:55
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated at...
CVE-2020-2601
- EPSS 4.2%
- Veröffentlicht 15.01.2020 17:15:20
- Zuletzt bearbeitet 21.11.2024 05:25:41
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unau...
CVE-2020-2604
- EPSS 4.9%
- Veröffentlicht 15.01.2020 17:15:20
- Zuletzt bearbeitet 21.11.2024 05:25:42
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows...