Lucene search
+L

362 matches found

Rosalinux
Rosalinux
added 2024/10/29 9:52 a.m.27 views

Advisory ROSA-SA-2024-2517

software: hostapd 2.9 WASP: ROSA-CHROME packageevrstring: hostapd-2.9-3 CVE-ID: CVE-2019-16275 BDU-ID: 2019-04775 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Wi-Fi WPA Supplicant secure access component is related to a flaw in the input validation mechanism. Exploitation of the...

6.5CVSS6.7AI score0.01669EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/10/27 12:0 a.m.3 views

PT-2024-34356

Name of the Vulnerable Software and Affected Versions: GSL GNU Scientific Library versions prior to 2.9 Description: The issue is caused by an integer signedness error in the gsl siman solve many function, located in siman/siman.c. This error occurs when params.n tries is negative, resulting in...

3.6CVSS5.8AI score0.00282EPSS
Exploits1References15
RedhatCVE
RedhatCVE
added 2024/10/09 2:0 p.m.15 views

CVE-2024-28168

A flaw was found in Apache XML Graphics FOP. This vulnerability allows remote attackers to cause issues via improper handling of XML External Entity XXE references. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

7.5CVSS7.3AI score0.01038EPSS
Exploits0References4
OSV
OSV
added 2024/10/09 12:30 p.m.3 views

GHSA-JQFV-JRVQ-95JM Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability

Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...

6.9CVSS6.7AI score0.01038EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.7 views

Apache XML Graphics FOP 代码问题漏洞

Apache XML Graphics FOP is a Java application for converting XSL-FO files to PDF or other printable formats from the Apache Foundation USA. A code issue vulnerability exists in Apache XML Graphics FOP version 2.9, which stems from the presence of an incorrectly restricted XML external entity...

7.5CVSS6.6AI score0.01038EPSS
Exploits0References7
OSV
OSV
added 2024/09/16 3:34 a.m.13 views

RHBA-2020:0784 Red Hat Bug Fix Advisory: Ansible 2.9.6 release for Ansible Engine 2.9

Bulletin has no description...

5CVSS5.6AI score0.00435EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2024/09/04 4:15 p.m.19 views

CVE-2024-45506

A flaw was found in HAProxy. An issue in the HTTP/2 multiplexer combined with the zero-copy forwarding system allows remote attackers to trigger under very rare conditions an endless loop and cause a denial of service. Mitigation Disable the zero-copy forwarding system to mitigate this issue. Add...

7.5CVSS7.4AI score0.01203EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/09/04 3:15 p.m.11 views

CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

7.5CVSS7.1AI score0.01203EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.7 views

PT-2024-31410 · I-Educar · I-Educar

Name of the Vulnerable Software and Affected Versions: i-Educar versions prior to 2.9 Description: A SQL Injection vulnerability was found in the ieducar/intranet/funcionario vinculo det.php file, which creates the query by concatenating the unsanitized GET parameter cod func, allowing the attack...

8.8CVSS9.1AI score0.00665EPSS
Exploits1References12
OSV
OSV
added 2024/06/15 12:0 a.m.9 views

OPENSUSE-SU-2024:10278-1 criu-2.9-1.1 on GA media

These are all security issues fixed in the criu-2.9-1.1 package on the GA media of openSUSE Tumbleweed...

7.8CVSS6.4AI score0.00386EPSS
Exploits0References2
OSV
OSV
added 2024/06/15 12:0 a.m.16 views

OPENSUSE-SU-2024:10776-1 gcab-1.4-2.9 on GA media

These are all security issues fixed in the gcab-1.4-2.9 package on the GA media of openSUSE Tumbleweed...

7.8CVSS7.6AI score0.02185EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.5 views

OPENSUSE-SU-2024:11484-1 libunshield0-1.4.3-2.9 on GA media

These are all security issues fixed in the libunshield0-1.4.3-2.9 package on the GA media of openSUSE Tumbleweed...

7.5CVSS7.6AI score0.02666EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.5 views

PT-2024-12582 · Maxime Schoeni · Sublanguage

Name of the Vulnerable Software and Affected Versions: Sublanguage versions n/a through 2.9 Description: The issue is related to a Missing Authorization vulnerability in Maxime Schoeni Sublanguage. Recommendations: For Sublanguage versions n/a through 2.9, update to a version that includes the fi...

8.8CVSS9.3AI score0.00401EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/06/06 10:15 p.m.23 views

CVE-2023-49441

dnsmasq 2.9 is vulnerable to Integer Overflow via forwardquery...

7.5CVSS6.9AI score0.00662EPSS
Exploits1References2
OSV
OSV
added 2024/06/06 9:20 p.m.12 views

CVE-2023-49441

dnsmasq 2.9 is vulnerable to Integer Overflow via forwardquery...

7.5CVSS6.3AI score0.00662EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.3 views

PT-2024-13737 · Dnsmasq +1 · Dnsmasq +1

Name of the Vulnerable Software and Affected Versions: dnsmasq version 2.9 Description: The issue is related to an Integer Overflow via forward query. Recommendations: For dnsmasq version 2.9, at the moment, there is no information about a newer version that contains a fix for this vulnerability...

7.5CVSS6.4AI score0.00662EPSS
Exploits1References17
Vulnrichment
Vulnrichment
added 2024/05/22 4:35 a.m.14 views

CVE-2024-31395

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this...

6.8AI score0.00304EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/04/18 9:30 a.m.45 views

Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used

Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.exposeconfig" configuration The celery provider is the only community provider...

5.3CVSS6.7AI score0.01049EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2024/04/18 7:19 a.m.137 views

CVE-2024-31869

The CVE affects Apache Airflow 2.7.0–2.8.4, where an authenticated user can view sensitive provider configuration on the configuration UI if webserver.expose_config is set to non-sensitive-only; the Celery provider is noted as having sensitive configurations. Impact is information disclosure via ...

5.3CVSS4.2AI score0.01049EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/12 8:19 a.m.22 views

CVE-2024-27279

Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a use...

6.8AI score0.00832EPSS
Exploits0References2
Rows per page
Query Builder