CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-10001 – Netegrity SiteMinder Login smpwservicescgi.exe redirect
https://notcve.org/view.php?id=CVE-2005-10001
28 Mar 2022 — A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Se ha encontrado una vulnerabilidad en Netegrity SiteMinder versiones hasta 4.5.1, y Ha sido clas... • https://vuldb.com/?id.1022 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27939 – Gentoo Linux Security Advisory 202210-08
https://notcve.org/view.php?id=CVE-2022-27939
26 Mar 2022 — tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. tcprewrite en Tcpreplay versión 4.4.1, presenta una aserción alcanzable en la función get_layer4_v6 en el archivo common/get.c Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected. • https://github.com/appneta/tcpreplay/issues/717 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27941 – Gentoo Linux Security Advisory 202210-08
https://notcve.org/view.php?id=CVE-2022-27941
26 Mar 2022 — tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. tcprewrite en Tcpreplay versión 4.4.1 presenta una lectura excesiva de búfer en la región heap de la memoria en la función get_l2len_protocol en el archivo common/get.c Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected. • https://github.com/appneta/tcpreplay/issues/716 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27940 – Gentoo Linux Security Advisory 202210-08
https://notcve.org/view.php?id=CVE-2022-27940
26 Mar 2022 — tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. tcprewrite en Tcpreplay versión 4.4.1, presenta una lectura excesiva de búfer en la región heap de la memoria en la función get_ipv6_next en el archivo common/get.c Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected. • https://github.com/appneta/tcpreplay/issues/718 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27942 – Gentoo Linux Security Advisory 202210-08
https://notcve.org/view.php?id=CVE-2022-27942
26 Mar 2022 — tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. tcpprep en Tcpreplay versión 4.4.1 presenta una lectura excesiva de búfer en la región heap de la memoria en la función parse_mpls en el archivo common/get.c Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected. • https://github.com/appneta/tcpreplay/issues/719 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-25484
https://notcve.org/view.php?id=CVE-2022-25484
22 Mar 2022 — tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1. tcpprep versión v4.4.1, presenta una aserción alcanzable (assert(l2len ) 0)) en la función packet2tree() en el archivo tree.c en tcpprep v4.4.1 • https://github.com/appneta/tcpreplay/issues/715 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-4197 – kernel: cgroup: Use open-time creds and namespace for migration perm checks
https://notcve.org/view.php?id=CVE-2021-4197
22 Mar 2022 — An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. Se encontró un fallo de escritura no privilegiado en el manejador de archivos en el subsi... • https://bugzilla.redhat.com/show_bug.cgi?id=2035652 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15388
https://notcve.org/view.php?id=CVE-2020-15388
18 Mar 2022 — A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. Una vulnerabilidad en Brocade Fabric OS antes de Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4 y v7.4.2h podría permitir a un usuario autenticado de la CLI abusar del comando history para escribir contenido arbitrario en archivos • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1493 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27789
https://notcve.org/view.php?id=CVE-2021-27789
18 Mar 2022 — The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program's standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials. La aplicación web de Brocade Fabric OS versiones anteriores a Brocade Fabric OS v9.0.1a y v8.2.3a, contiene declaraciones de depuración que exponen información confidencial al disposi... • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1494 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27797
https://notcve.org/view.php?id=CVE-2021-27797
21 Feb 2022 — Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access to the system. Brocade Fabric OS versiones anteriores a Brocade Fabric OS versiones v8.2.1c, v8.1.2h, y todas las versiones de Brocade Fabric OS v8.0.x y v7.x contienen credenciales documentadas embebidas, que podrían permitir a los atacantes conseguir acceso al sistema • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1722 • CWE-798: Use of Hard-coded Credentials •