Lucene search
+L

39 matches found

OpenVAS
OpenVAS
added 2023/09/27 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-6397-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.6AI score0.05794EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2023/09/20 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2843)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.6AI score0.06127EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2023/09/12 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-6339-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.02975EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/12 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-6357-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.6AI score0.05794EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6339-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.02975EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/07 12:0 a.m.47 views

Ubuntu: Security Advisory (USN-6349-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.3AI score0.03546EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2023/09/07 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-6350-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.02975EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/07 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6351-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.02975EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.41 views

Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6351-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6351-1 advisory. It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker cou...

9.8CVSS7.5AI score0.02975EPSS
Exploits0References9
OSV
OSV
added 2023/08/06 11:5 a.m.5 views

OESA-2023-1469 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.5AI score0.00517EPSS
Exploits1References6
OSV
OSV
added 2023/07/13 12:15 a.m.8 views

CVE-2023-21255

In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS8AI score
Exploits0References5
CVE
CVE
added 2023/07/12 11:33 p.m.198 views

CVE-2023-21255

CVE-2023-21255 is a memory corruption vulnerability in the Linux kernel binder.c caused by a use-after-free. It leads to local privilege escalation with no extra privileges or user interaction required (CVSS 3.1 base 7.8). Affected component: binder.c in the kernel; impact is described as local e...

7.8CVSS8.8AI score0.00194EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2023/07/12 11:33 p.m.42 views

CVE-2023-21255

In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7AI score0.00194EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/01/20 12:0 a.m.35 views

Oracle E-Business Suite (Jan 2022 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2022 CPU advisory. - Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite component: Intelligence, RFx Creation. Supported versions that ar...

8.1CVSS6.5AI score0.28839EPSS
Exploits1References11
Cvelist
Cvelist
added 2022/01/19 11:22 a.m.34 views

CVE-2022-21255

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...

8.1CVSS7.8AI score0.01091EPSS
Exploits0References1
CVE
CVE
added 2022/01/19 11:22 a.m.105 views

CVE-2022-21255

CVE-2022-21255 affects Oracle E-Business Suite Configurator (UI Servlet). Affected versions are 12.2.3–12.2.11. The vulnerability allows a network-accessible, low-privilege attacker to exploit via HTTP to compromise data, enabling unauthorized creation/deletion/modification of Oracle Configurator...

8.1CVSS8.1AI score0.01091EPSS
Exploits0References1Affected Software1
ALT Linux
ALT Linux
added 2021/03/31 12:0 a.m.115 views

Security fix for the ALT Linux 10 package glpi version 9.5.4-alt1

March 31, 2021 Pavel Zilke 9.5.4-alt1 - New version 9.5.4 - This is a security release, upgrading is recommended - Security fixes: + CVE-2021-21326 : Horizontal Privilege Escalation + CVE-2021-21255 : entities switch IDOR + CVE-2021-21258 : XSS injection in ajax/kanban + CVE-2021-21314 : XSS...

5CVSS5.7AI score0.02252EPSS
Exploits5
NVD
NVD
added 2021/03/02 8:15 p.m.23 views

CVE-2021-21255

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4...

5.8CVSS0.00854EPSS
Exploits0References2
CVE
CVE
added 2021/03/02 7:40 p.m.57 views

CVE-2021-21255

CVE-2021-21255 relates to GLPI 9.5.3 where an authenticated user could perform an Insecure Direct Object Reference (IDOR) to switch entities. The issue is resolved in GLPI 9.5.4. The vulnerability affects the web application’s entity switching logic; no exploitation details are provided beyond th...

5.8CVSS5.7AI score0.00854EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder