Lucene search

18 matches found

OpenVAS
added 2026/03/19 12:0 a.m., 5 views

Ubuntu: Security Advisory (USN-8105-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS, 5.8 AI score, 0.00756 EPSS
Exploits: 30, References: 2
OpenVAS
added 2026/03/05 12:0 a.m., 3 views

SUSE: Security Advisory (SUSE-SU-2026:0762-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS, 6 AI score, 0.00756 EPSS
Exploits: 5, References: 14
OSV
added 2026/02/13 7:32 p.m., 6 views

CLSA-2026-1771011128 freerdp: Fix of 2 CVEs

CVE-2026-22857: fix heap use-after-free in irp_thread_func when serial_process_irp fails; CVE-2026-23530: fix heap buffer overflow in planar bitmap decompression due to missing nSrcWidth/nSrcHeight validation...

9.8 CVSS, 7.5 AI score, 0.00453 EPSS
Exploits: 2, References: 1
OpenVAS
added 2026/01/21 12:0 a.m., 2 views

Fedora: Security Advisory (FEDORA-2026-a193f1698f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS, 5.5 AI score, 0.00756 EPSS
Exploits: 9, References: 11
OPENSUSE Linux
added 2026/01/18 12:0 a.m., 3 views

freerdp-3.20.2-1.1 on GA media (moderate)

freerdp-3.20.2-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10059-1. Rating: moderate. Cross-References: CVE-2026-22851, CVE-2026-22852, CVE-2026-22853, CVE-2026-22854, CVE-2026-22855, CVE-2026-22856, CVE-2026-22857, CVE-2026-22858, CVE-2026-22859. CVSS scores: CVE-2026-22851 (SUSE): 5.9...

8.2 CVSS, 7.2 AI score, 0.00756 EPSS
Exploits: 9
Circl
added 2026/01/14 6:38 p.m., 8 views

CVE-2026-22857

creationtimestamp | type | source
---|---|---
2026-01-14 18:38:51+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/115894906438860835
2026-01-14 19:49:20+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mcftnqq4i42q...

9.8 CVSS, 5.8 AI score, 0.00453 EPSS
Exploits: 1, References: 2
RedhatCVE
added 2025/05/23 7:32 a.m., 8 views

CVE-2024-22857

Heap-based buffer overflow in zlog v1.1.0 to v1.2.17 in zlog_rule_new(). The size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data up to MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check was missing in zlog_rule_new() while copying the record_name from file_path + 1, which caused the buffer overflow. An...

9.8 CVSS, 8.1 AI score, 0.01699 EPSS
Exploits: 0, References: 1
OSV
added 2024/11/01 11:9 a.m., 11 views

OESA-2024-2318 zlog security update

zlog is a reliable, high-performance, thread safe, flexible, clear-model, pure C logging library. Security Fixes: Heap-based buffer overflow in zlog v1.1.0 to v1.2.17 in zlog_rule_new(). The size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data up to MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check w...

9.8 CVSS, 8.6 AI score, 0.01699 EPSS
Exploits: 0, References: 2
OSV
added 2024/10/12 11:9 a.m., 16 views

OESA-2024-2213 zlog security update

zlog is a reliable, high-performance, thread safe, flexible, clear-model, pure C logging library. Security Fixes: Heap-based buffer overflow in zlog v1.1.0 to v1.2.17 in zlog_rule_new(). The size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data up to MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check w...

9.8 CVSS, 8.6 AI score, 0.01699 EPSS
Exploits: 0, References: 2
Circl
added 2024/03/07 2:26 a.m., 4 views

CVE-2024-22857

creationtimestamp | type | source
---|---|---
2024-03-07 02:26:59+00:00 | seen | https://t.me/ctinow/202000
2024-03-13 15:53:39+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/10140
2024-03-15 01:31:50+00:00 | seen | https://t.me/ctinow/208329...

9.8 CVSS, 4.8 AI score, 0.01699 EPSS
Exploits: 0, References: 3
CVE
added 2024/03/07 12:0 a.m., 79 views

CVE-2024-22857

CVE-2024-22857 (zlog) : Heap-based buffer overflow in zlog_rule_new() affects zlog v1.1.0–v1.2.17. The bug arises from copying record_name from file_path+1 without verifying size against MAXLEN_PATH, allowing overflow of record_func pointer (zlog_record_fn) and potentially enabling arbitrary or r...

9.8 CVSS, 7.9 AI score, 0.01699 EPSS
Exploits: 0, References: 5
Circl
added 2023/03/06 12:17 p.m., 6 views

CVE-2023-22857

creationtimestamp | type | source
---|---|---
2023-03-06 12:17:44+00:00 | seen | https://t.me/cibsecurity/59467...

8.5 CVSS, 5.4 AI score, 0.00362 EPSS
Exploits: 0, References: 1
CVE
added 2023/03/06 6:26 a.m., 70 views

CVE-2023-22857

BlogEngine.NET 3.3.8.0 is affected by a stored XSS vulnerability (CVE-2023-22857). An attacker can inject arbitrary JavaScript into a blog post, executing in the visitor’s browser. The provided documents do not include exploitation details or a remediation (patch/version) recommendation.

8.5 CVSS, 6.5 AI score, 0.00362 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2023/03/06 6:26 a.m., 39 views

CVE-2023-22857 Stored cross-site scripting in BlogEngine.NET version 3.3.8.0

A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0 allows injection of arbitrary JavaScript in the security context of a blog visitor through an injection of a malicious payload into a blog post...

8.5 CVSS, 7.9 AI score, 0.00362 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2023/03/06 6:26 a.m., 6 views

CVE-2023-22857 Stored cross-site scripting in BlogEngine.NET version 3.3.8.0

A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0 allows injection of arbitrary JavaScript in the security context of a blog visitor through an injection of a malicious payload into a blog post...

8.5 CVSS, 6.3 AI score, 0.00362 EPSS
Exploits: 0, References: 1
CVE
added 2021/02/17 10:45 a.m., 38 views

CVE-2021-22857

CVE-2021-22857 describes a Directory Traversal vulnerability in the CGE page download function, allowing attackers to download arbitrary system files. Connected records identify the affected software as ChanGate Enterprise Co., Ltd property management system (per CVE-List). CVSS v3.1 impact: High...

7.5 CVSS, 7.5 AI score, 0.01776 EPSS
Exploits: 0, References: 2, Affected Software: 1
Saint
added 2007/03/16 12:0 a.m., 23 views

NetMail WebAdmin username buffer overflow

Added: 03/16/2007. CVE: CVE-2007-1350. BID: 22857. OSVDB: 33886. Background: Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem: A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

6.8 CVSS, 7.8 AI score, 0.19398 EPSS
Exploits: 5
Saint
added 2007/03/16 12:0 a.m., 34 views

NetMail WebAdmin username buffer overflow

Added: 03/16/2007. CVE: CVE-2007-1350. BID: 22857. OSVDB: 33886. Background: Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem: A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

6.8 CVSS, 7.8 AI score, 0.19398 EPSS
Exploits: 5