CVE-2016-2124
- EPSS 1.75%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 02:47:52
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
CVE-2021-3672
- EPSS 2.62%
- Veröffentlicht 23.11.2021 19:15:07
- Zuletzt bearbeitet 21.11.2024 06:22:07
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulner...
CVE-2021-3570
- EPSS 2.96%
- Veröffentlicht 09.07.2021 11:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:52
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat f...
CVE-2020-14301
- EPSS 1.2%
- Veröffentlicht 27.05.2021 20:15:07
- Zuletzt bearbeitet 21.11.2024 05:02:57
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive inform...
CVE-2020-14355
- EPSS 2.66%
- Veröffentlicht 07.10.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:03:04
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious ...
- EPSS 6.62%
- Veröffentlicht 11.09.2020 17:15:18
- Zuletzt bearbeitet 23.02.2026 18:23:07
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with th...
CVE-2020-2590
- EPSS 3.09%
- Veröffentlicht 15.01.2020 17:15:19
- Zuletzt bearbeitet 21.11.2024 05:25:39
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unau...
CVE-2019-14816
- EPSS 0.91%
- Veröffentlicht 20.09.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:27:25
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVE-2019-9506
- EPSS 2.69%
- Veröffentlicht 14.08.2019 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:51:45
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha...
CVE-2018-16878
- EPSS 0.44%
- Veröffentlicht 18.04.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:30
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS