Vulnerabilities in [UNKNOWN]

240 results
CVE-2018-10889 | MEDIUM | EPSS 2.1%
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain

CVE-2018-16846 | MEDIUM | EPSS 2.1%
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket ind

CVE-2018-10891 | MEDIUM | EPSS 2.1%
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the quest

CVE-2017-2673 | MEDIUM | EPSS 2.1%
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated feder

CVE-2016-2120 | HIGH | EPSS 2.0%
An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the

CVE-2018-1126 | MEDIUM | EPSS 2.0%
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. Th

CVE-2017-7464 | HIGH | EPSS 1.9%
It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An attacker coul

CVE-2018-1073 | MEDIUM | EPSS 1.9%
The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allo

CVE-2017-7468 | MEDIUM | EPSS 1.9%
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed

CVE-2019-14842 | HIGH | EPSS 1.8%
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed

CVE-2018-1124 | HIGH | EPSS 1.8%
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allow

CVE-2017-2609 | MEDIUM | EPSS 1.8%
jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The auto

CVE-2018-14631 | HIGH | EPSS 1.8%
moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrum

CVE-2018-1067 | MEDIUM | EPSS 1.8%
In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server is vulner

CVE-2017-2617 | HIGH | EPSS 1.7%
hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a cra

CVE-2020-10740 | MEDIUM | EPSS 1.7%
A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Ap

CVE-2017-2613 | MEDIUM | EPSS 1.7%
jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained unt

CVE-2016-6343 | MEDIUM | EPSS 1.7%
JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to

CVE-2018-10847 | MEDIUM | EPSS 1.7%
prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated wi

CVE-2019-14856 | MEDIUM | EPSS 1.6%
ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None