
9260 matches found

OpenVAS
added 2023/03/28 12:0 a.m. | 18 views

Mageia: Security Advisory (MGASA-2023-0009)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.9 | EPSS 0.08519
Exploits: 0 | References: 9

OpenVAS
added 2023/03/28 12:0 a.m. | 27 views

SUSE: Security Advisory (SUSE-SU-2023:1628-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 6.7 | EPSS 0.01022
Exploits: 0 | References: 5

OpenVAS
added 2023/03/28 12:0 a.m. | 21 views

SUSE: Security Advisory (SUSE-SU-2023:0795-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.3 | AI score 5.5 | EPSS 0.00807
Exploits: 0 | References: 7

Exploit DB
added 2023/03/28 12:0 a.m. | 181 views

Label Studio 1.5.0 - Authenticated Server Side Request Forgery (SSRF)

Exploit Title: Label Studio 1.5.0 - Authenticated Server Side Request Forgery SSRF Google Dork: intitle:"Label Studio" intext:"Sign Up" intext:"Welcome to Label Studio Community Edition" Date: 2022-10-03 Exploit Author: @DeveloperNinja, [email protected] Vendor Homepage:...

CVSS 6.5 | AI score 6.5 | EPSS 0.05088
Exploits: 3

Tenable Nessus
added 2023/03/28 12:0 a.m. | 33 views

CBL Mariner 2.0 Security Update: moby-runc (CVE-2022-24769)

The version of moby-runc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24769 advisory. - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bu...

CVSS 5.9 | AI score 7 | EPSS 0.00492
Exploits: 0 | References: 2

OpenVAS
added 2023/03/28 12:0 a.m. | 27 views

Debian: Security Advisory (DLA-3369-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.5 | AI score 7.9 | EPSS 0.06604
Exploits: 2 | References: 4

Debian
added 2023/03/27 4:7 p.m. | 37 views

[SECURITY] [DLA 3369-1] runc security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3369-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 27, 2023 https://wiki.debian.org/LTS -...

CVSS 8.5 | AI score 7.7 | EPSS 0.06604
Exploits: 2

Packet Storm
added 2023/03/27 12:0 a.m. | 231 views

WordPress Translatepress Multilingual SQL Injection

Exploit Title: Translatepress Multilingual WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...

CVSS 8.8 | AI score 8.8 | EPSS 0.03851
Exploits: 5

0day.today
added 2023/03/27 12:0 a.m. | 263 views

WordPress NEX-Forms plugin < 7.9.7 - Authenticated SQL injection Vulnerability

Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...

CVSS 8.8 | AI score 8.8 | EPSS 0.10375
Exploits: 5

Packet Storm
added 2023/03/27 12:0 a.m. | 282 views

WordPress NEX-Forms SQL Injection

Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...

CVSS 8.8 | AI score 8.8 | EPSS 0.10375
Exploits: 5

GithubExploit
added 2023/03/26 1:58 p.m. | 385 views

Exploit for Improper Access Control in Joomla Joomla!

Joomla! information disclosure - CVE-2023-23752 exploit Explo...

CVSS 5.3 | AI score 5.8 | EPSS 0.99827
Exploits: 43

Kitploit
added 2023/03/26 11:30 a.m. | 113 views

Waf-Bypass - Check Your WAF Before An Attacker Does

WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How to run I...

AI score 8.2
Exploits: 0 | References: 1

Prion
added 2023/03/24 8:15 p.m. | 15 views

Design/Logic Flaw

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...

CVSS 5 | AI score 7.4 | EPSS 0.00759
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2023/03/24 7:58 p.m. | 89 views

CVE-2023-28444

The CVE concerns angular-server-side-configuration. It detects environment variables in TypeScript files during Angular CLI build, writes them to ngssc.json, and can expose them in index.html. In monorepo deployments with a backend, this may leak variables; a mitigation in v15.1.0 adds a searchPa...

CVSS 9.9 | AI score 8 | EPSS 0.00759
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2023/03/24 7:58 p.m. | 19 views

CVE-2023-28444 angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...

CVSS 9.9 | AI score 7.9 | EPSS 0.00759
Exploits: 0 | References: 5

OSV
added 2023/03/24 9:0 a.m. | 5 views

SUSE-SU-2023:1566-1 Security update for containerd

This update for containerd fixes the following issues: - CVE-2022-23471: Fixed host memory exhaustion through Terminal resize goroutine leak bsc1206235. - Re-build containerd to use updated golang-packaging jsc1342. - Update to containerd v1.6.16 for Docker v23.0.0-ce...

CVSS 6.5 | AI score 6.7 | EPSS 0.01022
Exploits: 0 | References: 3

Cvelist
added 2023/03/23 11:10 p.m. | 23 views

CVE-2023-28442 Geoserver for GeoNode sensitive information leak

GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. Prior to versions 2.20.6, 2.19.6, and 2.18.7, anonymous users can obtain sensitive information about GeoNode configurations from the response of the /geoserver/rest/about/status...

CVSS 7.5 | AI score 7.7 | EPSS 0.0064
Exploits: 0 | References: 3

Hacker One
added 2023/03/23 8:28 p.m. | 22 views

GitLab: Arbitrary escape sequence injection in docker-machine from worker nodes

Vulnerability description not provided...

AI score 7.1
Exploits: 0

BDU FSTEC
added 2023/03/23 12:0 a.m. | 6 views

The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in its improper protection of an alternative path, allowing an attacker to execute arbitrary code.

The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to improper protection of the alternative path. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVSS 7.8 | AI score 7.4 | EPSS 0.00218
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2023/03/23 12:0 a.m. | 57 views

Amazon Linux 2023 : docker (ALAS2023-2023-143)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-143 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Tenable has extracted the preceding...

CVSS 6.3 | AI score 6.8 | EPSS 0.00807
Exploits: 0 | References: 4