Lucene search
+L

133 matches found

Wolfi
Wolfi
added 2022/09/25 12:0 a.m.6 views

GHSA-8QV5-68G4-248J vulnerabilities

Vulnerabilities for packages: spark-scala-2.13...

7.5AI score
Exploits0
OSV
OSV
added 2022/09/25 12:0 a.m.3 views

GHSA-8QV5-68G4-248J Scala subject to file deletion, code execution due to Java deserialization chain with LazyList object deserialization

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with LazyList object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make netwo...

9.8CVSS6.9AI score0.08343EPSS
Exploits1References9
NVD
NVD
added 2022/09/23 6:15 p.m.26 views

CVE-2022-36944

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...

9.8CVSS0.08343EPSS
Exploits1References6
Chainguard
Chainguard
added 2022/09/23 6:15 p.m.29 views

CVE-2022-36944 vulnerabilities

Vulnerabilities for packages: spark-fips...

9.8CVSS7.5AI score0.08343EPSS
Exploits1
Prion
Prion
added 2022/09/23 6:15 p.m.37 views

Deserialization of untrusted data

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...

7.5CVSS9.5AI score0.08343EPSS
Exploits1References6Affected Software3
UbuntuCve
UbuntuCve
added 2022/09/23 6:15 p.m.54 views

CVE-2022-36944

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...

9.8CVSS7AI score0.08343EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/09/23 12:0 a.m.26 views

CVE-2022-36944

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...

9.8AI score0.08343EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2022/09/23 12:0 a.m.12 views

CVE-2022-36944

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network...

7.4AI score0.08343EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2022/05/14 1:4 a.m.4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000406 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000406 Source advisory: OSV:GHSA-3PR8-RF62-G893...

6.5CVSS6.6AI score0.04021EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 1:4 a.m.6 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000862 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000862 Source advisory: OSV:GHSA-HPH9-9VCQ-F7GP...

4.3CVSS6.1AI score0.01366EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 1:4 a.m.4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000409 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000409 Source advisory: OSV:GHSA-RR6R-P7RW-369C...

5.8CVSS6.5AI score0.01217EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:48 a.m.5 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000864 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000864 Source advisory: OSV:GHSA-9CJV-93G7-C6MV...

6.5CVSS6.5AI score0.02751EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:1 a.m.3 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000861 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000861 Source advisory: OSV:GHSA-HHPM-5CP2-HG4X...

10CVSS7AI score0.98481EPSS
Exploits5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2019-0326)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.3AI score0.02906EPSS
Exploits5References4
vulnersOsv
vulnersOsv
added 2021/09/02 4:52 p.m.5 views

ch.j3t:zio-prefetcher_2.13 (=0.8.0-RC6), com.47deg:energy-monitor-persistence-app_2.13 (=0.2.0) +98 more potentially affected by CVE-2021-39185 via org.http4s:http4s-server_2.13 (>=0.23.0 <=0.23.19)

org.http4s:http4s-server2.13 MAVEN version =0.23.0, =0.0.1, =0.12.1, =0.2.0, =0.1.0, =0.20.2, =1.1.1, =0.0.1, =1.2.2, =1.2.2, =1.2.2, =1.4.10 and more Source cves: CVE-2021-39185 Source advisory: OSV:GHSA-52CF-226F-RHR6...

9.1CVSS7.7AI score0.00594EPSS
Exploits0
OSV
OSV
added 2021/06/17 5:15 p.m.43 views

PYSEC-2021-103

Wagtail is an open source content management system built on Django. A cross-site scripting vulnerability exists in versions 2.13-2.13.1, versions 2.12-2.12.4, and versions prior to 2.11.8. When the % includeblock % template tag is used to output the value of a plain-text StreamField block...

5.4CVSS0.1AI score0.01109EPSS
Exploits1References4
Mageia
Mageia
added 2019/11/14 4:58 p.m.43 views

Updated cpio packages fix security vulnerabilities

in cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive CVE-2015-1197. Thomas Habets discovered that GNU cpio incorrectly handled certain inputs. An attacker could possibly use this issue to privilege...

7.3CVSS7.4AI score0.02906EPSS
Exploits5References2
Positive Technologies
Positive Technologies
added 2019/08/30 12:0 a.m.3 views

PT-2019-4757 · Gnu +7 · Cpio +7

Name of the Vulnerable Software and Affected Versions: cpio versions prior to 2.13 Description: The issue is related to the improper validation of input files when generating TAR archives. This can lead to the creation of archives containing files with permissions or in paths that the attacker di...

7.8CVSS6.1AI score0.0415EPSS
Exploits6References74
OSV
OSV
added 2019/07/04 2:15 p.m.1 views

CVE-2018-20850

Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS web server...

8.2CVSS5.8AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2018/08/31 12:0 a.m.13 views

UserPro <= 4.9.23 - Unauthenticated Cross-Site Scripting (XSS)

An XSS vulnerability that affects from version 2.13 to 4.9.23. PoC POST /wp-admin/admin-ajax.php Host: domain.com action=userproshortcodetemplate=userpro id=1 layout="float" collageperpage="20" emdpaginatetop="1" emdpaginate="1" emdgender="Gender,radi...

4.3CVSS1.1AI score0.01345EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder