| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15980 | Cri | 0.67 | 9.8 | 0.03 | Oct 31, 2017 | US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter. | ||
| CVE-2017-15979 | Cri | 0.67 | 9.8 | 0.03 | Oct 31, 2017 | Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter. | ||
| CVE-2017-15978 | Cri | 0.67 | 9.8 | 0.03 | Oct 31, 2017 | AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter. | ||
| CVE-2017-15977 | Cri | 0.67 | 9.8 | 0.03 | Oct 31, 2017 | Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. | ||
| CVE-2015-9245 | Cri | 0.64 | 9.8 | 0.02 | Oct 31, 2017 | Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931. | ||
| CVE-2017-10151 | Cri | 0.65 | 10.0 | 0.04 | Oct 30, 2017 | Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via… | ||
| CVE-2014-0073 | Cri | 0.57 | 9.8 | 0.08 | Oct 30, 2017 | The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote… | ||
| CVE-2013-4366 | Cri | 0.57 | 9.8 | 0.02 | Oct 30, 2017 | http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification. | ||
| CVE-2012-4449 | Cri | 0.64 | 9.8 | 0.01 | Oct 30, 2017 | Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack. | ||
| CVE-2017-15597 | Cri | 0.59 | 9.1 | 0.03 | Oct 30, 2017 | An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a… | ||
| CVE-2015-3249 | Cri | 0.64 | 9.8 | 0.05 | Oct 30, 2017 | The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2)… | ||
| CVE-2014-3624 | Cri | 0.64 | 9.8 | 0.04 | Oct 30, 2017 | Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT. | ||
| CVE-2012-5358 | Cri | 0.64 | 9.8 | 0.02 | Oct 30, 2017 | The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary files and consequently bypass authentication, modify viewstate, cause a denial… | ||
| CVE-2012-5357 | Cri | 0.72 | 9.8 | 0.68 | Oct 30, 2017 | Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data. | ||
| CVE-2017-16228 | Cri | 0.57 | 9.8 | 0.03 | Oct 29, 2017 | Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117. | ||
| CVE-2017-15999 | Cri | 0.64 | 9.8 | 0.01 | Oct 29, 2017 | In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an SHA-1 hash of the password. The attacker can either crack this hash or use it… | ||
| CVE-2017-15994 | Cri | 0.64 | 9.8 | 0.01 | Oct 29, 2017 | rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use… | ||
| CVE-2017-15976 | Cri | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604. | ||
| CVE-2017-15975 | Cri | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461. | ||
| CVE-2017-15974 | Cri | 0.67 | 9.8 | 0.04 | Oct 29, 2017 | tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php. | ||
| CVE-2017-15973 | Cri | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. | ||
| CVE-2017-15972 | Cri | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971. | ||
| CVE-2017-15971 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972. | ||
| CVE-2017-15970 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter. | ||
| CVE-2017-15969 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category. | ||
| CVE-2017-15968 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter. | ||
| CVE-2017-15967 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template. | ||
| CVE-2017-15966 | Cri | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. | ||
| CVE-2017-15965 | Cri | 0.67 | 9.8 | 0.03 | Oct 29, 2017 | The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action. | ||
| CVE-2017-15964 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI. | ||
| CVE-2017-15963 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter. | ||
| CVE-2017-15962 | Cri | 0.67 | 9.8 | 0.05 | Oct 29, 2017 | iStock Management System 1.0 allows Arbitrary File Upload via user/profile. | ||
| CVE-2017-15961 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php. | ||
| CVE-2017-15960 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php. | ||
| CVE-2017-15959 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576. | ||
| CVE-2017-15958 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php. | ||
| CVE-2017-15946 | Cri | 0.64 | 9.8 | 0.01 | Oct 28, 2017 | In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET. | ||
| CVE-2014-3600 | Cri | 0.57 | 9.8 | 0.10 | Oct 27, 2017 | XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages. | ||
| CVE-2014-3579 | Cri | 0.57 | 9.8 | 0.05 | Oct 27, 2017 | XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages. | ||
| CVE-2016-5003 | Cri | 0.65 | 9.8 | 0.15 | Oct 27, 2017 | The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element. | ||
| CVE-2017-5053 | Cri | 0.63 | 9.6 | 0.03 | Oct 27, 2017 | An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf. | ||
| CVE-2017-15366 | Cri | 0.64 | 9.8 | 0.01 | Oct 26, 2017 | Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system… | ||
| CVE-2014-2023 | Cri | 0.67 | 9.8 | 0.04 | Oct 26, 2017 | Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in… | ||
| CVE-2012-1622 | Cri | 0.64 | 9.8 | 0.05 | Oct 26, 2017 | Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
| CVE-2017-15919 | Cri | 0.64 | 9.8 | 0.02 | Oct 26, 2017 | The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php. | ||
| CVE-2017-15907 | Cri | 0.64 | 9.8 | 0.01 | Oct 26, 2017 | SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php. | ||
| CVE-2017-15909 | Cri | 0.64 | 9.8 | 0.02 | Oct 26, 2017 | D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access. | ||
| CVE-2017-15222 | Cri | 0.72 | 9.8 | 0.60 | Oct 24, 2017 | Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. | ||
| CVE-2017-14695 | Cri | 0.57 | 9.8 | 0.03 | Oct 24, 2017 | Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability… | ||
| CVE-2015-5172 | Cri | 0.57 | 9.8 | 0.01 | Oct 24, 2017 | Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links. |
- risk 0.67cvss 9.8epss 0.03
US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter.
- risk 0.67cvss 9.8epss 0.03
Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter.
- risk 0.67cvss 9.8epss 0.03
AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.
- risk 0.67cvss 9.8epss 0.03
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
- risk 0.64cvss 9.8epss 0.02
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931.
- risk 0.65cvss 10.0epss 0.04
Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via…
- risk 0.57cvss 9.8epss 0.08
The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote…
- risk 0.57cvss 9.8epss 0.02
http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors involving hostname verification.
- risk 0.64cvss 9.8epss 0.01
Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack.
- risk 0.59cvss 9.1epss 0.03
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a…
- risk 0.64cvss 9.8epss 0.05
The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2)…
- risk 0.64cvss 9.8epss 0.04
Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
- risk 0.64cvss 9.8epss 0.02
The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary files and consequently bypass authentication, modify viewstate, cause a denial…
- risk 0.72cvss 9.8epss 0.68
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data.
- risk 0.57cvss 9.8epss 0.03
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
- risk 0.64cvss 9.8epss 0.01
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an SHA-1 hash of the password. The attacker can either crack this hash or use it…
- risk 0.64cvss 9.8epss 0.01
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use…
- risk 0.67cvss 9.8epss 0.03
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604.
- risk 0.67cvss 9.8epss 0.03
Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461.
- risk 0.67cvss 9.8epss 0.04
tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.
- risk 0.67cvss 9.8epss 0.03
Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php.
- risk 0.67cvss 9.8epss 0.03
SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971.
- risk 0.67cvss 9.8epss 0.02
Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972.
- risk 0.67cvss 9.8epss 0.02
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter.
- risk 0.67cvss 9.8epss 0.02
PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.
- risk 0.67cvss 9.8epss 0.02
MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter.
- risk 0.67cvss 9.8epss 0.02
Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template.
- risk 0.67cvss 9.8epss 0.03
The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php.
- risk 0.67cvss 9.8epss 0.03
The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.
- risk 0.67cvss 9.8epss 0.02
Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI.
- risk 0.67cvss 9.8epss 0.02
iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter.
- risk 0.67cvss 9.8epss 0.05
iStock Management System 1.0 allows Arbitrary File Upload via user/profile.
- risk 0.67cvss 9.8epss 0.02
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php.
- risk 0.67cvss 9.8epss 0.02
Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.
- risk 0.67cvss 9.8epss 0.02
Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576.
- risk 0.67cvss 9.8epss 0.02
D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.
- risk 0.64cvss 9.8epss 0.01
In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET.
- risk 0.57cvss 9.8epss 0.10
XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
- risk 0.57cvss 9.8epss 0.05
XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
- risk 0.65cvss 9.8epss 0.15
The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.
- risk 0.63cvss 9.6epss 0.03
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.
- risk 0.64cvss 9.8epss 0.01
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system…
- risk 0.67cvss 9.8epss 0.04
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in…
- risk 0.64cvss 9.8epss 0.05
Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors.
- risk 0.64cvss 9.8epss 0.02
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.
- risk 0.64cvss 9.8epss 0.01
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php.
- risk 0.64cvss 9.8epss 0.02
D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access.
- risk 0.72cvss 9.8epss 0.60
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.
- risk 0.57cvss 9.8epss 0.03
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability…
- risk 0.57cvss 9.8epss 0.01
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links.