Lucene search
+L

1174 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Solaris 10 (sparc): 148241-08

SunOS 5.10: SunOS 5.10: statd patch. Date this patch was last updated by Sun : Jan/15/24 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid255260; scriptversion"1.1";...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Solaris 10 (i386): 119784-51

SunOS 5.10: SunOS 5.10x86: BIND patch. Date this patch was last updated by Sun : Jan/15/24 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid255258; scriptversion"1.1";...

7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:6 a.m.6 views

CVE-2023-5376

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01...

9.1CVSS7.1AI score0.01414EPSS
Exploits3
NVD
NVD
added 2024/08/16 6:15 p.m.59 views

CVE-2024-42758

A Cross-site Scripting XSS vulnerability exists in version v2024-01-05 of the indexmenu plugin when is used and enabled in Dokuwiki Open Source Wiki Engine. A malicious attacker can input XSS payloads for example when creating or editing existing page, to trigger the XSS on Dokuwiki, which is the...

5.4CVSS0.007EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.27 views

Photon OS 5.0: Libssh PHSA-2024-5.0-0187

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0187. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

5.9CVSS6.8AI score0.93305EPSS
Exploits4References3
OSV
OSV
added 2024/06/28 10:13 a.m.8 views

CLSA-2024-1719569607 Update of linux-firmware

Update AMD CPU microcode to 2024-01-16: - Update AMD CPU microcode for processor family 19h: sig 0x00a00f11, sig 0x00a00f12;...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/01 12:0 a.m.8 views

PT-2024-20354 · Vaales Technologies · V Qrs

Name of the Vulnerable Software and Affected Versions: Vaales Technologies V QRS version 2024-01-17 Description: The issue allows a remote attacker to obtain sensitive information via the Models/UserModel.php component. This is achieved through a SQL injection vulnerability. Recommendations: For...

7.5CVSS7.3AI score0.00545EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/01 12:0 a.m.8 views

CVE-2024-24313

An issue in Vaales Technologies VQRS v.2024-01-17 allows a remote attacker to obtain sensitive information via the Models/FormModel.php and QRModel.php component...

6.5AI score0.00579EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/22 12:0 a.m.45 views

SaltStack 3000 < 3005.5 / 3006 < 3006.6 Multiple Vulnerablities

According to its self-reported version number, the instance of SaltStack hosted on the remote server is affected by multiple vulnerabilities: - Syndic cache directory creation is vulnerable to a directory traversal attack. CVE-2024-22231 - A specially crafted url can be created which leads to a...

7.7CVSS6.2AI score0.0083EPSS
Exploits0References3
NVD
NVD
added 2024/02/02 4:15 p.m.46 views

CVE-2024-23824

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

4.7CVSS4.7AI score0.00597EPSS
Exploits1References3
Prion
Prion
added 2024/02/02 4:15 p.m.16 views

Code injection

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

3.3CVSS7AI score0.00597EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/02 3:18 p.m.42 views

CVE-2024-23824 mailcow ipixel flood attack leads to Denial of Service in admin page

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

4.7CVSS5AI score0.00597EPSS
Exploits1References3
OSV
OSV
added 2024/02/02 3:18 p.m.36 views

CVE-2024-23824 mailcow ipixel flood attack leads to Denial of Service in admin page

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

4.7CVSS4.8AI score0.00597EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/02/02 12:0 a.m.9 views

PT-2024-20106 · Mailcow · Mailcow

Name of the Vulnerable Software and Affected Versions: mailcow versions 2023-12a and prior Description: The application is vulnerable to a pixel flood attack. Once the payload has been successfully uploaded in the logo, the application becomes slow and unresponsive in the admin page...

4.7CVSS3.9AI score0.00597EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2024/02/01 12:16 a.m.4 views

SUSE CVE-2024-21646

Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...

9.8CVSS8.5AI score0.0511EPSS
Exploits0References4
Circl
Circl
added 2024/01/31 11:56 p.m.3 views

GHSA-9H6G-PR28-7CQP

creationtimestamp| type| source ---|---|--- 2024-01-31 23:56:53+00:00| seen| https://t.me/ctinow/177197...

4.8AI score
Exploits0References1
Circl
Circl
added 2024/01/31 11:56 p.m.4 views

GHSA-9XC9-XQ7W-VPCR

creationtimestamp| type| source ---|---|--- 2024-01-31 23:56:52+00:00| seen| https://t.me/ctinow/177196...

4.8AI score
Exploits0References1
NVD
NVD
added 2024/01/31 10:15 p.m.22 views

CVE-2024-24747

MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for s3: actions, but also admin: actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able t...

8.8CVSS8.5AI score0.34086EPSS
Exploits4References3
OSV
OSV
added 2024/01/31 10:10 p.m.28 views

CVE-2024-24747 MinIO unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation

MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for s3: actions, but also admin: actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able t...

8.8CVSS8.3AI score0.34086EPSS
Exploits4References5
Circl
Circl
added 2024/01/31 7:31 p.m.4 views

CVE-2024-22282

creationtimestamp| type| source ---|---|--- 2024-01-31 19:31:48+00:00| seen| https://t.me/ctinow/177022...

7.1CVSS7.1AI score0.00331EPSS
Exploits0References1
Rows per page
Query Builder