Vulnerabilidades em [UNKNOWN]
240 resultadosCVE-2016-2123HIGHA flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attaEPSS 6.2%CVE-2018-14643CRITICALAn authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remoEPSS 6.0%CVE-2016-5402HIGHA code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker wEPSS 5.9%CVE-2018-14629MEDIUMA denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead toEPSS 5.2%CVE-2018-1060MEDIUMpython before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. AnEPSS 5.1%CVE-2018-10900HIGHNetwork Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line characEPSS 5.1%CVE-2018-16874MEDIUMIn Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path oEPSS 5.0%CVE-2018-1061MEDIUMpython before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK meEPSS 5.0%CVE-2019-3804HIGHIt was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. AnEPSS 4.9%CVE-2018-14644MEDIUMAn issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type likEPSS 4.8%CVE-2017-2637CRITICALA design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd isEPSS 4.8%CVE-2018-10916MEDIUMIt has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrEPSS 4.8%CVE-2017-2669LOWDovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the useEPSS 4.6%CVE-2017-7481MEDIUMAnsible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the resultsEPSS 4.6%CVE-2018-16841MEDIUMSamba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-EPSS 4.6%CVE-2018-14630HIGHmoodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution.EPSS 4.4%CVE-2018-1121LOWprocps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascEPSS 4.2%CVE-2019-14894HIGHA flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code executEPSS 4.1%CVE-2018-10873HIGHA vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bouEPSS 3.9%CVE-2018-14622MEDIUMA null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked iEPSS 3.9%