Total
32 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20748 | 1 Cisco | 1 Firepower Threat Defense | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted. | |||||
| CVE-2022-1385 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.8 MEDIUM | 3.7 LOW |
| Mattermost 6.4.x and earlier fails to properly invalidate pending email invitations when the action is performed from the system console, which allows accidentally invited users to join the workspace and access information from the public teams and channels. | |||||
| CVE-2021-1592 | 1 Cisco | 3 Unified Computing System, Unified Computing System 64108, Unified Computing System 6454 | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could exploit this vulnerability by opening a significant number of SSH sessions on an affected device. A successful exploit could allow the attacker to cause a crash and restart of internal Cisco UCS Manager software processes and a temporary loss of access to the Cisco UCS Manager CLI and web UI. Note: The attacker must have valid user credentials to authenticate to the affected device. | |||||
| CVE-2020-3504 | 1 Cisco | 108 Firepower 1010, Firepower 1120, Firepower 1140 and 105 more | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI. | |||||
| CVE-2020-3175 | 1 Cisco | 14 Mds 9132t, Mds 9148s, Mds 9148t and 11 more | 2024-11-21 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An attacker could exploit this vulnerability by sending traffic to the management interface (mgmt0) of an affected device at very high rates. An exploit could allow the attacker to cause unexpected behaviors such as high CPU usage, process crashes, or even full system reboots of an affected device. | |||||
| CVE-2020-36774 | 2024-11-21 | N/A | 5.5 MEDIUM | ||
| plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash). | |||||
| CVE-2020-1622 | 1 Juniper | 1 Junos Os Evolved | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R1. | |||||
| CVE-2020-1621 | 1 Juniper | 1 Junos Os Evolved | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1. | |||||
| CVE-2020-1620 | 1 Juniper | 1 Junos Os Evolved | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. This issue affects all versions of Junos OS Evolved prior to 19.3R1. | |||||
| CVE-2019-5816 | 3 Fedoraproject, Google, Opensuse | 5 Fedora, Android, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page. | |||||
| CVE-2019-16779 | 3 Debian, Excon Project, Opensuse | 4 Debian Linux, Excon, Backports Sle and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.8 MEDIUM |
| In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this. | |||||
| CVE-2024-7889 | 1 Citrix | 1 Workspace | 2024-10-22 | N/A | 7.3 HIGH |
| Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | |||||