Lucene search
K

21 matches found

Circl
Circl
added 2026/03/18 5:17 p.m.4 views

CVE-2026-32731

creationtimestamp| type| source ---|---|--- 2026-03-18 17:17:17+00:00| published-proof-of-concept| https://github.com/apostrophecms/apostrophe/security/advisories/GHSA-mwxc-m426-3f78 2026-03-18 23:20:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhemsomimm2u 2026-03-19...

9.9CVSS5.3AI score0.00432EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-32731

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be...

7.5CVSS6.7AI score0.00502EPSS
Exploits0References2
Talos
Talos
added 2025/07/28 12:0 a.m.8 views

MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2176 MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting XSS vulnerability July 28, 2025 CVE Number CVE-2025-32731 SUMMARY A reflected cross-site scripting xss vulnerability exists in the radiationDoseReport.php functionality of...

6.1CVSS5.7AI score0.00712EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/12/03 4:21 p.m.45 views

Important: Red Hat Security Advisory: rhc-worker-playbook security update

An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.9AI score0.02659EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/21 2:34 p.m.17 views

Security Bulletin: IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436

Summary IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC...

7.5CVSS7AI score0.01009EPSS
Exploits1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/14 3:7 a.m.14 views

CVE-2024-32731 Missing Authorization check in SAP My Travel Requests

SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...

5.5CVSS7.1AI score0.00363EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/14 3:7 a.m.21 views

CVE-2024-32731 Missing Authorization check in SAP My Travel Requests

SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...

5.5CVSS6AI score0.00363EPSS
Exploits0References2
CVE
CVE
added 2024/05/14 3:7 a.m.67 views

CVE-2024-32731

SAP My Travel Requests contains a privilege-escalation vulnerability due to missing authorization checks for authenticated users. Exploitation could allow an attacker to upload a malicious attachment to a business trip request, with low impact on confidentiality, integrity and availability as des...

5.5CVSS7AI score0.00363EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.36 views

openSUSE Security Advisory (SUSE-SU-2024:0573-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References19
OSV
OSV
added 2023/10/18 1:47 p.m.1 views

BELL-CVE-2023-32731

Bulletin has no description...

7.5CVSS6.7AI score0.00502EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/29 9:17 p.m.42 views

Security Bulletin: gRPC component is vulnerable to CVE-2023-32731 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses gRPC package which is vulnerable to CVE-2023-32731. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By...

7.5CVSS7.3AI score0.00502EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/20 3:24 p.m.42 views

Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.11 and earlier

Summary This fix upgrades to grpc 1.55.1, jersey 2.39.1, jackson 2.15.2, and socket.io 4.6.2. Vulnerability Details CVEID:CVE-2023-31125 DESCRIPTION: Engine.IO is vulnerable to a denial of service, caused by an uncaught exception. By sending a specially crafted HTTP request, a remote authenticate...

7.5CVSS6.8AI score0.01327EPSS
Exploits0Affected Software1
Circl
Circl
added 2023/06/09 2:21 p.m.4 views

CVE-2023-32731

creationtimestamp| type| source ---|---|--- 2023-06-09 14:21:41+00:00| published-proof-of-concept| https://t.me/cibsecurity/65098...

7.5CVSS6.9AI score0.00502EPSS
Exploits0References1
Chainguard
Chainguard
added 2023/06/09 11:15 a.m.48 views

CVE-2023-32731 vulnerabilities

Vulnerabilities for packages: wavefront-proxy...

7.5CVSS6.9AI score0.00502EPSS
Exploits0
Wolfi
Wolfi
added 2023/06/09 11:15 a.m.31 views

CVE-2023-32731 vulnerabilities

Vulnerabilities for packages: wavefront-proxy...

7.5CVSS6.9AI score0.00502EPSS
Exploits0
CVE
CVE
added 2023/06/09 10:54 a.m.2909 views

CVE-2023-32731

CVE-2023-32731 involves a vulnerability in the gRPC HTTP/2 HPACK handling. When the HPACK header size exceeded error is raised, the stack skips parsing the remainder of the HPACK frame, causing HPACK table mutations to be ignored and desynchronizing the HPACK tables between sender and receiver. T...

7.5CVSS7.5AI score0.00502EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/05/29 6:15 p.m.2 views

CVE-2022-32731

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

5.8AI score
Exploits0References1
NVD
NVD
added 2023/05/29 6:15 p.m.6 views

CVE-2022-32731

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

6.5AI score
Exploits0
Circl
Circl
added 2021/07/01 10:31 p.m.8 views

CVE-2021-32731

creationtimestamp| type| source ---|---|--- 2021-07-01 22:31:19+00:00| seen| https://t.me/cibsecurity/25877...

5.3CVSS5.5AI score0.01199EPSS
Exploits0References1
CVE
CVE
added 2021/07/01 7:5 p.m.96 views

CVE-2021-32731

CVE-2021-32731 affects XWiki Platform; between versions 13.1RC1 and 13.1, the reset-password form exposes the user’s email address when a username is supplied. The issue is resolved in version 13.2RC1; as a workaround, the vulnerability can be mitigated by manually editing the resetpasswordinline...

5.3CVSS5.2AI score0.01199EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder