|
721
|
9.8
7.5
|
CRITICAL
Network
|
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contai…
|
CWE-444
HTTP Request Smuggling
|
CVE-2015-5741
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 11:33
2020-02-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
722
|
8.8
6.8
|
HIGH
Network
|
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "ty…
|
CWE-843
Type Confusion
|
CVE-2012-4512
|
cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 10:43
2020-02-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
723
|
9.8
7.5
|
CRITICAL
Network
|
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
|
NVD-CWE-Other
|
CVE-2019-15606
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:29
2020-02-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
724
|
9.8
7.5
|
CRITICAL
Network
|
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
|
CWE-444
HTTP Request Smuggling
|
CVE-2019-15605
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:29
2020-02-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
725
|
7.5
5.0
|
HIGH
Network
|
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate
|
CWE-295
Improper Certificate Validation
|
CVE-2019-15604
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:29
2020-02-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
726
|
3.5
2.7
|
LOW
Adjacent
|
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of ser…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2015-6815
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 11:35
2020-02-1
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
727
|
7.5
5.0
|
HIGH
Network
|
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0294
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:5.0:*
|
|
|
|
|
2024-11-21 11:22
2020-01-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
728
|
6.5
2.6
|
MEDIUM
Network
|
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-14907
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:27
2020-01-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
729
|
6.5
4.9
|
MEDIUM
Local
|
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to phy…
|
NVD-CWE-noinfo
|
CVE-2019-19339
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:34
2020-01-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
730
|
8.3
7.9
|
HIGH
Adjacent
|
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a re…
|
CWE-20
Improper Input Validation
|
CVE-2019-9503
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 13:51
2020-01-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|