Lucene search
K

134 matches found

Nuclei
Nuclei
added yesterday62 views

Apache Struts <2.3.1.1 - Remote Code Execution

Apache Struts before 2.3.1.1 is susceptible to remote code execution. When developer mode is used in the DebuggingInterceptor component, a remote attacker can execute arbitrary OGNL commands via unspecified vectors, which can allow for execution of malware, obtaining sensitive information,...

6.8CVSS7.8AI score0.74405EPSS
Exploits9References5
OSV
OSV
added 2026/04/11 2:3 p.m.6 views

OESA-2026-1849 dovecot security update

Dovecot is an IMAP server for Linux/UNIX-like systemsa wrapper package that will just handle common things for all versioned dovecot packages. Security Fixes: Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can u...

7.5CVSS5.8AI score0.0079EPSS
Exploits6References9
Circl
Circl
added 2026/03/27 12:13 p.m.3 views

CVE-2026-0394

creationtimestamp| type| source ---|---|--- 2026-03-27 12:13:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi23qsvkva2g...

5.3CVSS5.8AI score0.00427EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.17 views

Siemens SIMATIC S7-1500 TM MFP BIOS Missing Encryption of Sensitive Data (CVE-2023-0394)

A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

5.5CVSS6.4AI score0.01016EPSS
Exploits0References4
Circl
Circl
added 2025/01/14 8:28 a.m.6 views

CVE-2025-0394

creationtimestamp| type| source ---|---|--- 2025-01-14 08:28:47+00:00| seen| https://infosec.exchange/users/cve/statuses/113825764299839192 2025-01-14 09:10:41+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1468 2025-01-14 09:15:52+00:00| seen|...

8.8CVSS8.7AI score0.01116EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/01/14 8:23 a.m.11 views

CVE-2025-0394 Groundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function

The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ghbigfileupload function in all versions up to, and including, 3.7.3.5. This makes it possible for...

8.8CVSS8.9AI score0.01116EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/14 8:23 a.m.22 views

CVE-2025-0394 Groundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function

The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ghbigfileupload function in all versions up to, and including, 3.7.3.5. This makes it possible for...

8.8CVSS0.01116EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/12/23 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2024-0394)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.43663EPSS
Exploits13References6
Tenable Nessus
Tenable Nessus
added 2024/09/24 12:0 a.m.31 views

Apache Struts 2.0.0 < 2.3.18 RCE (S2-008)

The version of Apache Struts installed on the remote host is prior to 2.3.18. It is, therefore, affected by a vulnerability as referenced in the S2-008 advisory. - The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute...

6.8CVSS8.6AI score0.74405EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.24 views

Photon OS 3.0: Linux PHSA-2023-3.0-0527

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0527. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.9CVSS8.1AI score0.03702EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.21 views

Photon OS 4.0: Postgresql14 PHSA-2023-4.0-0394

An update of the postgresql14 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0394. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.2CVSS6.8AI score0.0119EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.99 views

Citrix Virtual Apps and Desktops Privilege Escalation (CTX678035)

The version of Citrix Virtual Apps and Desktops installed on the remote Windows host is prior to 2402, 1912 LTSR CU9 or 2203 LTSR CU5. It is, therefore, affected by a privilege escalation vulnerability. By exploiting this vulnerability, a local, low-privileged attacker could gain SYSTEM privilege...

8.5CVSS8.3AI score0.00214EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.28 views

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:0394-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.9CVSS7.4AI score0.03702EPSS
Exploits9References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/12 11:26 a.m.41 views

Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Storage Scale System

Summary There are vulnerabilities in the Linux kernel, used by IBM Storage Scale System, which could allow a denial of service. Fixes for these vulnerabilities are available. Vulnerability Details CVEID:CVE-2023-1195 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a...

7.8CVSS8AI score0.01508EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/11 12:0 a.m.24 views

SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2023:4031-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4031-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following...

7.8CVSS6.7AI score0.01094EPSS
Exploits3References77
OSV
OSV
added 2023/07/06 9:33 a.m.13 views

SUSE-SU-2023:1811-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5753: Fixed spectre V1 vulnerability on netlink bsc1209547. - CVE-2017-5753: Fixed spectre vulnerability in prlimit bsc1209256. - CVE-2021-3923: Fixed...

7.8CVSS8.3AI score0.93838EPSS
Exploits10References50
Tenable Nessus
Tenable Nessus
added 2023/05/23 12:0 a.m.57 views

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6096-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6096-1 advisory. It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread....

7.8CVSS7.8AI score0.71737EPSS
Exploits3References26
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.150 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS7AI score0.03763EPSS
Exploits17References52
OSV
OSV
added 2023/05/16 12:0 a.m.42 views

ALSA-2023:2736 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 net/ulp: use-after-free in listening ULP sockets...

8.8CVSS9AI score0.03763EPSS
Exploits17References80
OpenVAS
OpenVAS
added 2023/05/16 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1902)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.6AI score0.01433EPSS
Exploits4References2
Rows per page
Query Builder