Lucene search
K

66 matches found

RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.5 views

CVE-2026-25857

Tenda G300-F router firmware version 16.01.14.2 and prior contain an OS command injection vulnerability in the WAN diagnostic functionality formSetWanDiag. The implementation constructs a shell command that invokes curl and incorporates attacker-controlled input into the command line without...

8.8CVSS6.1AI score0.02819EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : prometheus-jmx-exporter-0.12.0-8.el8 (AXSA:2022-3880:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3880:02 advisory. snakeyaml: Denial of Service due to missing nested depth limitation for collections CVE-2022-25857 Tenable has extracted the preceding description block...

7.5CVSS7.4AI score0.02191EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:27 p.m.7 views

CVE-2021-25857

An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the fonttype parameter to setup.php...

7.2CVSS7.7AI score0.00835EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:55 p.m.9 views

CVE-2020-25857

The function ClientEAPOLKeyRecvd in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an rtlmemcpy operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker c...

7.5CVSS7.3AI score0.01229EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 2:46 a.m.47 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, IBM WebSphere Application Server Liberty and various other libraries. Vulnerability Details CVEID:CVE-2022-24839 DESCRIPTION: Sparkle Motion Nokogiri is vulnerable to a denial of...

7.5CVSS8.8AI score0.19653EPSS
Exploits4Affected Software1
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.171 views

CVE-2022-25857 affecting package snakeyaml 1.25-2

CVE-2022-25857 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never applicable...

7.5CVSS9.3AI score0.02191EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/06 5:31 a.m.14 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to org.yaml:snakeyaml Denial of Service (DoS)

Summary IBM Sterling Partner Engagement Manager uses org.yaml:snakeyaml Denial of Service , affected for the CVE CVE-2022-25857 Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation...

7.5CVSS6.7AI score0.02191EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.40 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS8.1AI score0.99931EPSS
Exploits52References48
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.70 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS7.6AI score0.99999EPSS
Exploits61References66
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.53 views

RHEL 8 : Red Hat Product OCP Tools 4.13 OpenShift Jenkins (RHSA-2023:6179)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6179 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS7.9AI score0.99999EPSS
Exploits61References20
Tenable Nessus
Tenable Nessus
added 2024/04/23 12:0 a.m.38 views

RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

9.9CVSS8AI score0.99615EPSS
Exploits11References56
Tenable Nessus
Tenable Nessus
added 2024/04/23 12:0 a.m.58 views

RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2023:7288)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7288 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8CVSS7.8AI score0.99999EPSS
Exploits61References19
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.44 views

RHCOS 4 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0560 advisory. - google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper...

9.9CVSS6.8AI score0.05563EPSS
Exploits4References49
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/20 8:4 p.m.40 views

Security Bulletin: Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated.

Summary Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated. These vulnerabilities were fixed in the images published on December 01, 2023 but the CVEs were not included in the bulletin. Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote...

9.8CVSS9.6AI score0.99615EPSS
Exploits11Affected Software1
RedHat Linux
RedHat Linux
added 2023/12/07 1:41 p.m.63 views

Moderate: Red Hat Security Advisory: AMQ Clients 2023.Q4

An update is now available for Red Hat AMQ Clients Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...

9.8CVSS7.1AI score0.99615EPSS
Exploits12References13
RedHat Linux
RedHat Linux
added 2023/10/30 1:3 p.m.93 views

Critical: Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.1AI score0.99999EPSS
Exploits61References10
Circl
Circl
added 2023/08/11 6:16 p.m.7 views

CVE-2021-25857

creationtimestamp| type| source ---|---|--- 2023-08-11 18:16:58+00:00| seen| https://t.me/cibsecurity/68355...

7.2CVSS7AI score0.00835EPSS
Exploits1References1
NVD
NVD
added 2023/08/11 2:15 p.m.15 views

CVE-2021-25857

An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the fonttype parameter to setup.php...

7.2CVSS7.3AI score0.00835EPSS
Exploits1References1
CVE
CVE
added 2023/08/11 12:0 a.m.26 views

CVE-2021-25857

The CVE-2021-25857 issue affects pcmt superMicro-CMS version 3.11. An authenticated attacker can trigger arbitrary code execution via the font_type parameter in setup.php. Root cause and impact are described across multiple sources consistently, but no explicit remediation details (patch version ...

7.2CVSS7.2AI score0.00835EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/08/11 12:0 a.m.24 views

CVE-2021-25857

An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the fonttype parameter to setup.php...

7.5AI score0.00835EPSS
Exploits1References1
Rows per page
Query Builder