open integration gateway vulnerabilities and exploits

4
CVSSv2
CVE-2019-1002100

In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type:...

Kubernetes
7.2
CVSSv2
CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty...

7.5
CVSSv2
CVE-2017-9248

Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection...

TelerikSitefinity CmsUi For Asp.net Ajax
5
CVSSv2
CVE-1999-0016

Land IP denial of service....

GnuInetMicrosoftWinsockWindows 95Windows NtCiscoIosHpHp-uxNetbsdSunSunos
4.8
CVSSv2
CVE-2019-6447

The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once,...

EstrongsEs File Explorer File Manager
6.4
CVSSv2
CVE-2018-10933

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access....

LibsshNetappOncommand Workflow AutomationSnapcenterStorage Automation StoreOracleMysql WorkbenchCanonicalUbuntu LinuxDebianDebian LinuxRedhatEnterprise Linux
4.7
CVSSv2
CVE-2017-5754

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache....

4.7
CVSSv2
CVE-2017-5715

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis....

NA
CVE-2018-3260

SpecuCheck SpecuCheck is a Windows utility for checking the state of the software and hardware mitigations against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4). It uses two new information classes that were...