CVE-2019-15605
- EPSS 57.13%
- Veröffentlicht 07.02.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 04:29:06
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
CVE-2019-15606
- EPSS 20.04%
- Veröffentlicht 07.02.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 04:29:07
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
CVE-2015-6815
- EPSS 0.98%
- Veröffentlicht 31.01.2020 22:15:11
- Zuletzt bearbeitet 21.11.2024 02:35:42
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecifie...
CVE-2015-0294
- EPSS 1.59%
- Veröffentlicht 27.01.2020 16:15:10
- Zuletzt bearbeitet 21.11.2024 02:22:45
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
CVE-2019-14907
- EPSS 3.15%
- Veröffentlicht 21.01.2020 18:15:12
- Zuletzt bearbeitet 14.01.2025 19:29:55
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such st...
CVE-2019-19339
- EPSS 0.31%
- Veröffentlicht 17.01.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:34:36
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local ca...
CVE-2019-9503
- EPSS 3.28%
- Veröffentlicht 16.01.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:51:44
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will c...
CVE-2020-2654
- EPSS 3.82%
- Veröffentlicht 15.01.2020 17:15:24
- Zuletzt bearbeitet 21.11.2024 05:25:54
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...
CVE-2020-2655
- EPSS 3.61%
- Veröffentlicht 15.01.2020 17:15:24
- Zuletzt bearbeitet 21.11.2024 05:25:54
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to comprom...
CVE-2020-2659
- EPSS 4.2%
- Veröffentlicht 15.01.2020 17:15:24
- Zuletzt bearbeitet 21.11.2024 05:25:55
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated at...