Skip to main content

Opensuse

1196 CVEs product

Monthly

CVE-2012-4288 LOW POC PATCH Monitor

Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Opensuse Sunos Wireshark
NVD
CVSS 2.0
3.3
EPSS
1.0%
CVE-2012-4285 LOW POC PATCH Monitor

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Opensuse Enterprise Linux Sunos Wireshark
NVD
CVSS 2.0
3.3
EPSS
1.4%
CVE-2012-3425 MEDIUM This Month

The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Ubuntu Linux Libpng Opensuse +1
NVD
CVSS 2.0
4.3
EPSS
3.2%
CVE-2012-3867 Ruby MEDIUM POC PATCH This Month

lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Puppet Debian Linux Ubuntu Linux Opensuse +3
NVD GitHub
CVSS 2.0
4.3
EPSS
1.4%
CVE-2012-4049 LOW POC Monitor

epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU. Rated low severity (CVSS 2.9). Public exploit code available and no vendor patch available.

Code Injection Denial Of Service RCE Wireshark Opensuse
NVD
CVSS 2.0
2.9
EPSS
0.6%
CVE-2012-2751 MEDIUM This Month

ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Modsecurity Opensuse Debian Linux Http Server
NVD
CVSS 2.0
4.3
EPSS
1.9%
CVE-2012-0867 MEDIUM This Month

PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure PostgreSQL Opensuse Debian Linux Desktop Workstation +7
NVD
CVSS 2.0
4.3
EPSS
1.9%
CVE-2012-2040 CRITICAL Act Now

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Information Disclosure Google Microsoft Flash Player +3
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2012-2039 CRITICAL Act Now

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Null Pointer Dereference Denial Of Service Adobe Microsoft +10
NVD
CVSS 2.0
9.3
EPSS
3.9%
CVE-2012-2038 MEDIUM This Month

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Information Disclosure Google Microsoft Flash Player +8
NVD
CVSS 2.0
4.3
EPSS
1.4%
CVE-2012-2037 CRITICAL Act Now

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Denial Of Service Buffer Overflow Adobe Microsoft +10
NVD
CVSS 2.0
9.3
EPSS
4.3%
CVE-2012-2036 CRITICAL Act Now

Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Adobe Microsoft Integer Overflow RCE +9
NVD
CVSS 2.0
9.3
EPSS
4.5%
CVE-2012-2035 CRITICAL Act Now

Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Buffer Overflow Adobe Memory Corruption Microsoft +10
NVD
CVSS 2.0
9.3
EPSS
3.5%
CVE-2012-1938 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +12
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2012-1798 MEDIUM PATCH This Month

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick Debian Linux +8
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2012-1610 HIGH PATCH This Week

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Integer Overflow Imagemagick Debian Linux +2
NVD
CVSS 3.1
7.5
EPSS
7.0%
CVE-2012-1186 MEDIUM PATCH This Month

Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Imagemagick Debian Linux Ubuntu Linux Opensuse
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2012-1185 HIGH PATCH This Week

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Denial Of Service Integer Overflow Imagemagick +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2012-0260 MEDIUM PATCH This Month

The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Imagemagick Ubuntu Linux Debian Linux Storage +7
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2012-0259 MEDIUM PATCH This Month

The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Imagemagick Debian Linux +2
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2012-0883 MEDIUM PATCH This Month

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the. Rated medium severity (CVSS 6.9).

Apache Information Disclosure Http Server Opensuse Apache HTTP Server
NVD
CVSS 2.0
6.9
EPSS
0.2%
CVE-2012-0449 CRITICAL PATCH Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +7
NVD
CVSS 2.0
9.3
EPSS
3.9%
CVE-2012-0444 CRITICAL POC Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +8
NVD
CVSS 2.0
10.0
EPSS
8.6%
CVE-2012-0442 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +7
NVD
CVSS 2.0
9.3
EPSS
1.4%
CVE-2012-0053 MEDIUM POC PATCH THREAT This Month

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 56.0%.

Apache Information Disclosure Http Server Debian Linux Opensuse +9
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
56.0%
Threat
4.0
CVE-2012-0031 MEDIUM POC This Month

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apache Http Server Debian Linux Opensuse +10
NVD Exploit-DB
CVSS 2.0
4.6
EPSS
1.2%
EPSS 1% CVSS 3.3
LOW POC PATCH Monitor

Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Opensuse Sunos +1
NVD
EPSS 1% CVSS 3.3
LOW POC PATCH Monitor

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Opensuse Enterprise Linux +2
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Ubuntu Linux +3
NVD
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Puppet Debian Linux +5
NVD GitHub
EPSS 1% CVSS 2.9
LOW POC Monitor

epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU. Rated low severity (CVSS 2.9). Public exploit code available and no vendor patch available.

Code Injection Denial Of Service RCE +2
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Modsecurity Opensuse +2
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure PostgreSQL Opensuse +9
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Information Disclosure Google +5
NVD
EPSS 4% CVSS 9.3
CRITICAL Act Now

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Null Pointer Dereference Denial Of Service +12
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Information Disclosure Google +10
NVD
EPSS 4% CVSS 9.3
CRITICAL Act Now

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Denial Of Service Buffer Overflow +12
NVD
EPSS 4% CVSS 9.3
CRITICAL Act Now

Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Adobe Microsoft +11
NVD
EPSS 3% CVSS 9.3
CRITICAL Act Now

Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Buffer Overflow Adobe +12
NVD
EPSS 1% CVSS 9.3
CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla +14
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure +10
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Week

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Integer Overflow +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Imagemagick Debian Linux +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Denial Of Service +5
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Imagemagick Ubuntu Linux +9
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure +4
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the. Rated medium severity (CVSS 6.9).

Apache Information Disclosure Http Server +2
NVD
EPSS 4% CVSS 9.3
CRITICAL PATCH Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Mozilla +9
NVD
EPSS 9% CVSS 10.0
CRITICAL POC Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla +10
NVD
EPSS 1% CVSS 9.3
CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla +9
NVD
EPSS 56% 4.0 CVSS 4.3
MEDIUM POC PATCH THREAT This Month

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 56.0%.

Apache Information Disclosure Http Server +11
NVD Exploit-DB
EPSS 1% CVSS 4.6
MEDIUM POC This Month

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apache Http Server +12
NVD Exploit-DB
Prev Page 14 of 14

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy