Lucene search

K

Berkeley-AL20, Berkeley-BD Security Vulnerabilities

rocky
rocky

bind security update

An update is available for bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain (BIND) is an implementation of the Domain...

7.5CVSS

6.8AI Score

0.001EPSS

2023-08-08 12:33 PM
12
nuclei
nuclei

FreeIPA - XML Entity Injection

Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP...

7.5CVSS

7.4AI Score

0.039EPSS

2023-08-05 09:56 AM
11
openvas
openvas

CentOS: Security Advisory for bind (CESA-2023:4152)

The remote host is missing an update for...

7.5CVSS

8.1AI Score

0.001EPSS

2023-08-04 12:00 AM
3
centos
centos

bind security update

CentOS Errata and Security Advisory CESA-2023:4152 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...

7.5CVSS

6.9AI Score

0.001EPSS

2023-08-03 02:24 PM
98
redhat
redhat

(RHSA-2023:4332) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

6.9AI Score

0.001EPSS

2023-07-31 08:58 AM
15
openbugbounty
openbugbounty

bd-journal.com Cross Site Scripting vulnerability OBB-3552668

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1AI Score

2023-07-27 06:24 AM
15
kitploit
kitploit

Bashfuscator - A Fully Configurable And Extendable Bash Obfuscation Framework

Documentation What is Bashfuscator? Bashfuscator is a modular and extendable Bash obfuscation framework written in Python 3. It provides numerous different ways of making Bash one-liners or scripts much more difficult to understand. It accomplishes this by generating convoluted, randomized Bash...

7.1AI Score

2023-07-26 01:41 PM
14
nessus
nessus

Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service (CVE-2018-0372)

A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an...

7.5CVSS

6.8AI Score

0.001EPSS

2023-07-25 12:00 AM
3
fedora
fedora

[SECURITY] Fedora 38 Update: grpc-1.48.4-8.fc38

gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed...

5.3CVSS

5.7AI Score

0.001EPSS

2023-07-23 01:29 AM
8
fedora
fedora

[SECURITY] Fedora 37 Update: grpc-1.48.4-8.fc37

gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed...

5.3CVSS

5.7AI Score

0.001EPSS

2023-07-23 01:24 AM
7
redhat
redhat

(RHSA-2023:4154) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5AI Score

0.001EPSS

2023-07-18 07:40 AM
9
redhat
redhat

(RHSA-2023:4153) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5AI Score

0.001EPSS

2023-07-18 07:40 AM
11
redhat
redhat

(RHSA-2023:4152) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

6.9AI Score

0.001EPSS

2023-07-18 07:39 AM
30
redhat
redhat

(RHSA-2023:4102) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

6.9AI Score

0.001EPSS

2023-07-17 08:08 AM
43
redhat
redhat

(RHSA-2023:4101) Important: bind security and bug fix update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

6.9AI Score

0.001EPSS

2023-07-17 08:08 AM
19
redhat
redhat

(RHSA-2023:4100) Important: bind9.16 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

6.9AI Score

0.001EPSS

2023-07-17 08:08 AM
13
redhat
redhat

(RHSA-2023:4099) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5AI Score

0.001EPSS

2023-07-17 08:08 AM
9
almalinux
almalinux

Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5CVSS

6.9AI Score

0.001EPSS

2023-07-17 12:00 AM
14
osv
osv

Important: bind9.16 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5CVSS

7.2AI Score

0.001EPSS

2023-07-17 12:00 AM
8
almalinux
almalinux

Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5CVSS

7.7AI Score

0.001EPSS

2023-07-17 12:00 AM
20
almalinux
almalinux

Important: bind9.16 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5CVSS

7.7AI Score

0.001EPSS

2023-07-17 12:00 AM
14
osv
osv

Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5CVSS

7.2AI Score

0.001EPSS

2023-07-17 12:00 AM
8
osv
osv

Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

7.5CVSS

7.2AI Score

0.001EPSS

2023-07-17 12:00 AM
10
openvas
openvas

Fedora: Security Advisory for cups (FEDORA-2023-9dbd5b28d4)

The remote host is missing an update for...

7.1CVSS

7.2AI Score

0.0004EPSS

2023-07-15 12:00 AM
3
fedora
fedora

[SECURITY] Fedora 37 Update: cups-2.4.6-1.fc37

CUPS printing system provides a portable printing layer for UNIX=EF=BF=BD=EF=BF=BD operating systems. It has been developed by Apple In c. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...

7.1CVSS

6.9AI Score

0.0004EPSS

2023-07-14 01:19 AM
5
nvd
nvd

CVE-2023-30561

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

6.1CVSS

0.001EPSS

2023-07-13 08:15 PM
nvd
nvd

CVE-2023-30563

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

8.2CVSS

0.001EPSS

2023-07-13 08:15 PM
cve
cve

CVE-2023-30564

Alaris Systems Manager does not perform input validation during the Device Import...

6.9CVSS

6.7AI Score

0.0004EPSS

2023-07-13 08:15 PM
15
cve
cve

CVE-2023-30565

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

3.5CVSS

4.2AI Score

0.0004EPSS

2023-07-13 08:15 PM
20
nvd
nvd

CVE-2023-30565

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

3.5CVSS

0.0004EPSS

2023-07-13 08:15 PM
cve
cve

CVE-2023-30561

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

6.1CVSS

6AI Score

0.001EPSS

2023-07-13 08:15 PM
13
cve
cve

CVE-2023-30562

A GRE dataset file within Systems Manager can be tampered with and distributed to...

6.7CVSS

6.5AI Score

0.0004EPSS

2023-07-13 08:15 PM
17
cve
cve

CVE-2023-30563

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

8.2CVSS

8AI Score

0.001EPSS

2023-07-13 08:15 PM
17
nvd
nvd

CVE-2023-30562

A GRE dataset file within Systems Manager can be tampered with and distributed to...

6.7CVSS

0.0004EPSS

2023-07-13 08:15 PM
nvd
nvd

CVE-2023-30564

Alaris Systems Manager does not perform input validation during the Device Import...

6.9CVSS

0.0004EPSS

2023-07-13 08:15 PM
prion
prion

Information disclosure

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

6.1CVSS

6.7AI Score

0.001EPSS

2023-07-13 08:15 PM
3
prion
prion

Design/Logic Flaw

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

3.5CVSS

5.2AI Score

0.0004EPSS

2023-07-13 08:15 PM
prion
prion

Session fixation

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

8.2CVSS

8.6AI Score

0.001EPSS

2023-07-13 08:15 PM
6
prion
prion

Input validation

Alaris Systems Manager does not perform input validation during the Device Import...

6.9CVSS

7.4AI Score

0.0004EPSS

2023-07-13 08:15 PM
1
prion
prion

Code injection

A GRE dataset file within Systems Manager can be tampered with and distributed to...

6.7CVSS

7.1AI Score

0.0004EPSS

2023-07-13 08:15 PM
6
nvd
nvd

CVE-2023-30560

The configuration from the PCU can be modified without authentication using physical connection to the...

6.8CVSS

0.001EPSS

2023-07-13 07:15 PM
cve
cve

CVE-2023-30560

The configuration from the PCU can be modified without authentication using physical connection to the...

6.8CVSS

6.5AI Score

0.001EPSS

2023-07-13 07:15 PM
11
prion
prion

Authentication flaw

The configuration from the PCU can be modified without authentication using physical connection to the...

6.8CVSS

7.2AI Score

0.001EPSS

2023-07-13 07:15 PM
3
cvelist
cvelist

CVE-2023-30565 CQI Data Sniffing

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

3.5CVSS

4.4AI Score

0.0004EPSS

2023-07-13 07:06 PM
cvelist
cvelist

CVE-2023-30564 Stored Cross-Site Scripting on Device Import Functionality

Alaris Systems Manager does not perform input validation during the Device Import...

6.9CVSS

6.9AI Score

0.0004EPSS

2023-07-13 07:06 PM
cvelist
cvelist

CVE-2023-30563 Stored Cross-Site Scripting on User Import Functionality

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

8.2CVSS

8.3AI Score

0.001EPSS

2023-07-13 07:04 PM
cvelist
cvelist

CVE-2023-30562 Lack of Dataset Integrity Checking

A GRE dataset file within Systems Manager can be tampered with and distributed to...

3CVSS

6.7AI Score

0.0004EPSS

2023-07-13 07:03 PM
cvelist
cvelist

CVE-2023-30561 Lack of Cryptographic Security of IUI Bus

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

6.1CVSS

6.2AI Score

0.001EPSS

2023-07-13 07:03 PM
cvelist
cvelist

CVE-2023-30560 PCU Configuration Lacks Authentication

The configuration from the PCU can be modified without authentication using physical connection to the...

6.8CVSS

6.8AI Score

0.001EPSS

2023-07-13 06:53 PM
nvd
nvd

CVE-2023-30559

The firmware update package for the wireless card is not properly signed and can be...

5.7CVSS

0.0004EPSS

2023-07-13 06:15 PM
Total number of security vulnerabilities5869