CVE-2019-1551
- EPSS 14.3%
- Veröffentlicht 06.12.2019 18:15:12
- Zuletzt bearbeitet 21.11.2024 04:36:48
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this d...
CVE-2012-2130
- EPSS 2.2%
- Veröffentlicht 06.12.2019 18:15:10
- Zuletzt bearbeitet 21.11.2024 01:38:33
A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.
CVE-2019-5544
- EPSS 96.82%
- Veröffentlicht 06.12.2019 16:15:11
- Zuletzt bearbeitet 30.10.2025 19:52:21
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
CVE-2012-1615
- EPSS 0.36%
- Veröffentlicht 06.12.2019 16:15:10
- Zuletzt bearbeitet 21.11.2024 01:37:19
A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file.
CVE-2019-19334
- EPSS 3.87%
- Veröffentlicht 06.12.2019 16:15:10
- Zuletzt bearbeitet 21.11.2024 04:34:35
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this fl...
CVE-2012-1114
- EPSS 1.58%
- Veröffentlicht 05.12.2019 21:15:11
- Zuletzt bearbeitet 21.11.2024 01:36:27
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
CVE-2012-1115
- EPSS 1.58%
- Veröffentlicht 05.12.2019 21:15:11
- Zuletzt bearbeitet 21.11.2024 01:36:28
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
CVE-2012-1105
- EPSS 0.46%
- Veröffentlicht 05.12.2019 19:15:15
- Zuletzt bearbeitet 21.11.2024 01:36:26
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
CVE-2018-1002102
- EPSS 0.62%
- Veröffentlicht 05.12.2019 16:15:10
- Zuletzt bearbeitet 21.11.2024 03:40:38
Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the r...
CVE-2019-19579
- EPSS 0.45%
- Veröffentlicht 04.12.2019 22:15:15
- Zuletzt bearbeitet 21.11.2024 04:34:59
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-1...