ESpace 7910; ESpace 7950; ESpace 8950 Security Vulnerabilities
AlmaLinux 9 : Image Builder (ALSA-2022:7950)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:7950 advisory. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial...
7.6AI Score
RHEL 9 : Image Builder (RHSA-2022:7950)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7950 advisory. golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service...
7.8AI Score
Image Builder security, bug fix, and enhancement update
An update is available for cockpit-composer, weldr-client. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Image Builder is a service for building customized OS....
7.8AI Score
0.002EPSS
Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.7AI Score
0.002EPSS
(RHSA-2022:7950) Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.8AI Score
0.002EPSS
Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.8AI Score
0.002EPSS
Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.7AI Score
0.002EPSS
Description of the security update for SharePoint Foundation 2013: November 8, 2022 (KB5002303)
Description of the security update for SharePoint Foundation 2013: November 8, 2022 (KB5002303) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...
8.9AI Score
0.009EPSS
Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002267)
Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002267) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint remote code execution vulnerability. To learn more about the...
8.3AI Score
0.022EPSS
sfcp-espace-aubade.fr Cross Site Scripting vulnerability OBB-2999805
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
espace-evasion-delmoly.com Cross Site Scripting vulnerability OBB-2998933
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
espace-du-son.com Cross Site Scripting vulnerability OBB-2998932
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.9AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI...
4.4CVSS
4.4AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.9AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.9AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.9AI Score
0.0004EPSS
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during...
7.8CVSS
7.5AI Score
0.0004EPSS
Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.9AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI...
4.4CVSS
4.5AI Score
0.0004EPSS
espace-couture.fr Cross Site Scripting vulnerability OBB-2990906
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284)
Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...
9.1AI Score
0.011EPSS
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via...
9.4AI Score
0.003EPSS
9.6AI Score
0.014EPSS
espace-formatif-cfa.fr Cross Site Scripting vulnerability OBB-2854788
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of...
6.2AI Score
0.0004EPSS
Segmentation Fault in SFS_Expression
It can cause Denial-of-service attack. Version root@ubuntu:~/gpac/.git# cat refs/heads/master 0102c5d4db7fdbf08b5b591b2a6264de33867a07 system stack size (default) root@ubuntu:~/gpac/bin/gcc# ulimit -s 8192 POC Download POC Execute root@ubuntu:~/gpac/bin/gcc# ./MP4Box -info -disox -dump-chap-ogg...
5.5CVSS
2.5AI Score
0.0005EPSS
espace-terroir.ch Cross Site Scripting vulnerability OBB-2744403
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219)
Description of the security update for SharePoint Foundation 2013: June 14, 2022 (KB5002219) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...
9.1AI Score
0.013EPSS
Magento 2 Community Edition Access Control Bypass
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...
7.5CVSS
7AI Score
0.001EPSS
Magento 2 Community Edition Access Control Bypass
An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...
7AI Score
0.001EPSS
Ubuntu 16.04 ESM : libXrender vulnerabilities (USN-5436-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5436-1 advisory. Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to...
9.5AI Score
Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-7949,...
9.8CVSS
8AI Score
0.01EPSS
Releases Ubuntu 16.04 ESM Packages libxrender - X11 Rendering Extension client library Details Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code....
10AI Score
0.014EPSS
Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203)
Description of the security update for SharePoint Foundation 2013: May 10, 2022 (KB5002203) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...
8.9AI Score
0.054EPSS
Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of...
6CVSS
6.2AI Score
0.0004EPSS
Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of...
6CVSS
6.2AI Score
0.0004EPSS
9.1AI Score
0.02EPSS
espace-helvetia.ch Cross Site Scripting vulnerability OBB-2531840
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189)
Description of the security update for SharePoint Foundation 2013: April 12, 2022 (KB5002189) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability and Microsoft Excel remote code execution vulnerability. To learn more about the vulnerabilities, see the...
7.3AI Score
0.007EPSS
CVE-2022-0891 affecting package libtiff 4.1.0-3
CVE-2022-0891 affecting package libtiff 4.1.0-3. A patched version of the package is...
7.3AI Score
0.006EPSS
7910.org Cross Site Scripting vulnerability OBB-2434468
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
Security update for conmon, libcontainers-common, libseccomp, podman (moderate)
An update that solves 7 vulnerabilities, contains one feature and has one errata is now available. Description: This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues: podman was updated to 3.4.4. Security issues fixed: fix CVE-2021-41190 [bsc#1193273],...
6.5CVSS
-0.4AI Score
espace-evasion-delmoly.com Cross Site Scripting vulnerability OBB-2377962
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
espace-corps-pluriel.com Cross Site Scripting vulnerability OBB-2377956
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
espace-du-son.com Cross Site Scripting vulnerability OBB-2377958
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
espace-client.saria.fr Cross Site Scripting vulnerability OBB-2365211
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
Description of the security update for SharePoint Foundation 2013: February 8, 2022 (KB5002155)
Description of the security update for SharePoint Foundation 2013: February 8, 2022 (KB5002155) Summary This security update resolves a Microsoft SharePoint Server security feature bypass vulnerability. For more information about the vulnerability, see Microsoft Common Vulnerabilities and...
6.6AI Score
0.001EPSS
6.5AI Score
0.037EPSS
9.1AI Score
0.02EPSS