Severity Low Analysis Summary Cookie security is not enabled in the OfficeScan web console’s HTTP response. A possible zero-day vulnerability may allow an attacker to bypass […]

Severity Low Analysis Summary CVE-2019-3816Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set […]

Severity Low Analysis Summary CVE-2019-0199The HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response […]

Severity Medium Analysis Summary CVE-2009-5155In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a […]

Severity Low Analysis Summary CVE-2019-6465Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable. An attacker can […]

Severity Medium Analysis Summary CVE-2019-9810 Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. CVE-2019-9813 […]

Severity Medium Analysis Summary CVE-2018-5390Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can […]

Severity High Analysis Summary CVE-2017-14503libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16. CVE-2018-1000132Mercurial […]