Lucene search
+L

176 matches found

CVE
CVE
added 2025/02/21 2:20 p.m.113 views

CVE-2025-0838

CVE-2025-0838 describes a heap buffer overflow in Abseil-cpp triggered by oversized args in sized constructors, reserve(), and rehash() for absl::{flat,node}hash{set,map}. This can cause integer overflow when computing the container backing store size and lead to out-of-bounds memory writes. Publ...

9.8CVSS7AI score0.00563EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/02/21 2:20 p.m.9 views

CVE-2025-0838 Heap Buffer overflow in Abseil

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve, and rehash methods of absl::flat,nodehashset,map did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer...

5.9CVSS7AI score0.00563EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.13 views

RockyLinux 8 : libsoup (RLSA-2025:0838)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:0838 advisory. libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 Tenable has extracted the preceding description block directly from...

8.4CVSS7.4AI score0.00679EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/01/31 12:0 a.m.13 views

AlmaLinux 8 : libsoup (ALSA-2025:0838)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:0838 advisory. libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 Tenable has extracted the preceding description block directly from...

8.4CVSS7.4AI score0.00679EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/01/30 12:0 a.m.16 views

Oracle Linux 8 : libsoup (ELSA-2025-0838)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0838 advisory. 2.62.3-7 - Backport upstream patch for CVE-2024-52531 - buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict Resolves: RHEL-76376 Tenable has...

8.4CVSS7.4AI score0.00679EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/04/21 12:0 a.m.33 views

RHEL 5 : pki (RHSA-2010:0838)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0838 advisory. Red Hat Certificate System is an enterprise software system designed to manage enterprise public key infrastructure PKI deployments. Simple...

9.8CVSS6.7AI score0.09854EPSS
Exploits0References9
Circl
Circl
added 2024/03/09 1:1 a.m.8 views

CVE-2024-0838

creationtimestamp| type| source ---|---|--- 2024-03-09 01:01:34+00:00| seen| https://t.me/ctinow/203702...

6.4CVSS7.2AI score0.00496EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 11:7 a.m.21 views

BIT-GITLAB-2023-2620 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secrets by manipulating other masked portions...

5.5CVSS4.5AI score0.00549EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/20 6:56 p.m.24 views

CVE-2024-0838 Happy Addons for Elementor <= 3.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the side image URL parameter in the Age Gate in all versions up to, and including, 3.10.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00496EPSS
Exploits0References3
CVE
CVE
added 2024/02/20 6:56 p.m.92 views

CVE-2024-0838

CVE-2024-0838 affects the Happy Addons for Elementor WordPress plugin. It allows Stored XSS via the Age Gate’s side image URL parameter in all versions up to 3.10.1, exploitable by authenticated users with contributor access or higher. The root cause is insufficient input sanitization and output ...

6.4CVSS7AI score0.00496EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.35 views

GitLab < 15.8.5 (SECURITY-RELEASE-GITLAB-15-10-1-RELEASED)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A...

9.8CVSS6.2AI score0.01242EPSS
Exploits1References17
NVD
NVD
added 2023/07/13 3:15 a.m.23 views

CVE-2023-2620

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secrets by manipulating other masked portions...

5.5CVSS0.00549EPSS
Exploits0References2
Prion
Prion
added 2023/07/13 3:15 a.m.19 views

Design/Logic Flaw

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secrets by manipulating other masked portions...

4.7CVSS3.9AI score0.00731EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/04/05 9:15 p.m.31 views

CVE-2023-0838

An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342...

5.5CVSS4.3AI score0.00731EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/04/05 12:0 a.m.7 views

CVE-2023-0838

An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342...

5.5CVSS4.8AI score0.00731EPSS
Exploits0References3
CVE
CVE
added 2023/04/05 12:0 a.m.96 views

CVE-2023-0838

GitLab CVE-2023-0838 affects GitLab CE/EE versions 15.1–15.8.4, 15.9.0–15.9.3, and 15.10.0–15.10.0 (i.e., before 15.8.5, 15.9.4, and 15.10.1). The issue allows a maintainer to modify a webhook URL to leak masked webhook secrets by adding a new parameter to the URL, addressing an incomplete fix fo...

5.5CVSS3.9AI score0.00731EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/04/04 12:0 a.m.41 views

GitLab 15.1 < 15.8.5 / 15.9 < 15.9.4 / 15.10 < 15.10.1 (CVE-2023-0838)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook...

5.5CVSS5.1AI score0.00731EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.33 views

Oracle Linux 8 : samba (ELSA-2023-0838)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0838 advisory. - related: rhbz2154369 - Add additional patch for CVE-2022-38023 - resolves: rhbz2154369 - Fix CVE-2022-38023 - resolves: rhbz2108331 - Fix CVE-2022-32742 Tenab...

8.1CVSS7.4AI score0.02416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.64 views

Rocky Linux 8 : samba (RLSA-2023:0838)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0838 advisory. - Netlogon RPC Elevation of Privilege Vulnerability CVE-2022-38023 Note that Nessus has not tested for this issue but has instead relied only on the application'...

8.1CVSS6.8AI score0.02416EPSS
Exploits0References3
CVE
CVE
added 2023/02/13 4:17 p.m.14 views

CVE-2021-0838

CVE-2021-0838 is listed in the Android 12 release notes under the System component with Android bug ID A-170491114, classified as ID (Information disclosure) and rated Moderate. The connected document confirms the CVE entry exists and provides only the type and severity information; no root-cause...

8.7AI score
Exploits0
Rows per page
Query Builder