|Max CVSS||4.3||Min CVSS||3.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
|22-03-2021 - 13:05||13-03-2019 - 08:29|
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can
|19-10-2020 - 18:06||25-03-2019 - 18:29|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthen
|11-09-2020 - 16:15||23-04-2019 - 19:32|
An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.
|24-08-2020 - 17:37||09-04-2019 - 03:29|
If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present
|15-04-2019 - 16:31||02-08-2018 - 14:29|