Product

Siemens SINEC INS

38 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-46894
<= 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly va
6.3 MEDIUM
CVE-2024-46892
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly in
4.9 MEDIUM
CVE-2024-46891
<= 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly re
5.3 MEDIUM
CVE-2024-46890
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly va
9.1 CRITICAL
CVE-2024-46889
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryp
5.3 MEDIUM
CVE-2024-46888
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sa
9.9 CRITICAL
CVE-2023-48431
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected software does not correctly validate
6.8 MEDIUM
CVE-2023-48430
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not che
2.7 LOW
CVE-2023-48429
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check
2.7 LOW
CVE-2023-48428
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affecte
7.2 HIGH
CVE-2023-48427
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate th
8.1 HIGH
CVE-2023-44487
< 1.0
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5 HIGH
CVE-2022-45094
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access
8.4 HIGH
CVE-2022-45093
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access
8.5 HIGH
CVE-2022-45092
< 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access
9.9 CRITICAL
CVE-2022-35256
< 1.0
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. Th
6.5 MEDIUM
CVE-2022-35255
< 1.0
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTrait
9.1 CRITICAL
CVE-2022-32222
< 1.0
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for ope
5.3 MEDIUM
CVE-2022-32215
all versions
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-En
6.5 MEDIUM
CVE-2022-32213
all versions
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-E
6.5 MEDIUM
CVE-2022-32212
< 1.0
A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost c
8.1 HIGH
CVE-2022-2097
< 1.0
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data
5.3 MEDIUM
CVE-2022-2068
< 1.0
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script d
7.3 HIGH
CVE-2021-25220
< 1.0
BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26
6.8 MEDIUM
CVE-2022-0396
< 1.0
BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically c
5.3 MEDIUM
CVE-2021-4160
< 1.0
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of t
5.9 MEDIUM
CVE-2022-0235
< 1.0
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
6.1 MEDIUM
CVE-2022-0155
< 1.0
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
6.5 MEDIUM
CVE-2021-22945
< 1.0.1.1
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an alr
9.1 CRITICAL
CVE-2021-3749
< 1.0
axios is vulnerable to Inefficient Regular Expression Complexity
7.5 HIGH
CVE-2021-25217
< 1.0
In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lo
7.4 HIGH
CVE-2021-23841
< 1.0
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and seria
5.9 MEDIUM
CVE-2021-23839
< 1.0
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and m
3.7 LOW
CVE-2021-23337
< 1.0
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
7.2 HIGH
CVE-2020-28500
< 1.0
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd
5.3 MEDIUM
CVE-2020-7793
< 1.0
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see lin
7.5 HIGH
CVE-2020-28168
< 1.0
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy b
5.9 MEDIUM
CVE-2020-12762
all versions
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
7.8 HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin