107 matches found

Tenable Nessus
added 2026/03/09 12:0 a.m. | 4 views

Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information (CVE-2024-39275)

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user. This plugin...

8.8 CVSS | 5.8 AI score | 0.00391 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 7 : httpd-2.4.6-97.4.0.1.el7.AXS7 (AXSA:2022-2982:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2982:01 advisory. httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790); httpd: mod_session: Heap overflow via a crafted SessionHeader...

9.8 CVSS | 8.6 AI score | 0.97108 EPSS
Exploits 4 | References 5

Tenable Nessus
added 2026/01/20 12:0 a.m. | 10 views

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.5 (AXSA:2022-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3871:03 advisory. httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943); httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193); httpd: NULL...

9.8 CVSS | 8.5 AI score | 0.99999 EPSS
Exploits 8 | References 17

Tenable Nessus
added 2025/08/30 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2023-39275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to...

7.8 CVSS | 7.5 AI score | 0.00414 EPSS
Exploits 1 | References 2

OSV
added 2025/08/14 6:52 p.m. | 3 views

MAL-2025-39275 Malicious code in willow-1w7vd-dwlwi-opal-project (npm)

The package willow-1w7vd-dwlwi-opal-project was found to contain malicious code...

7.2 AI score
Exploits 0

GithubExploit
added 2024/11/15 10:21 p.m. | 644 views

Exploit for Improper Input Validation in Saleor

saleor-platform All Saleor services started from a single repo...

5.3 CVSS | 5.8 AI score | 0.00516 EPSS
Exploits 1

Circl
added 2024/09/27 8:55 p.m. | 6 views

CVE-2024-39275

creationtimestamp | type | source
---|---|---
2024-09-27 20:55:15+00:00 | seen | https://t.me/cvedetector/6567...

8.8 CVSS | 4.8 AI score | 0.00391 EPSS
Exploits 0 | References 1

NVD
added 2024/09/27 6:15 p.m. | 20 views

CVE-2024-39275

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...

8.8 CVSS | 0.00391 EPSS
Exploits 0 | References 1

Vulnrichment
added 2024/09/27 5:38 p.m. | 15 views

CVE-2024-39275 Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user...

8.5 CVSS | 6.7 AI score | 0.00391 EPSS
Exploits 0 | References 1

Debian
added 2024/04/03 6:58 p.m. | 44 views

[SECURITY] [DSA 5653-1] gtkwave security update

Debian Security Advisory DSA-5653-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 03, 2024 https://www.debian.org/security/faq -...

7.8 CVSS | 8.6 AI score | 0.01493 EPSS
Exploits 82

Circl
added 2024/01/11 9:17 p.m. | 7 views

CVE-2023-39275

creationtimestamp | type | source
---|---|---
2024-01-11 21:17:01+00:00 | seen | https://t.me/ctinow/166831...

7.8 CVSS | 7.4 AI score | 0.00414 EPSS
Exploits 1 | References 1

Cvelist
added 2024/01/08 2:47 p.m. | 16 views

CVE-2023-39275

Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the...

7.8 CVSS | 8.2 AI score | 0.00414 EPSS
Exploits 1 | References 2

CVE
added 2024/01/08 2:47 p.m. | 83 views

CVE-2023-39275

CVE-2023-39275 affects GTKWave up to version 3.3.115, where multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing code. A crafted .lxt2 file can trigger arbitrary code execution when opened by a user. Root cause is an overflow during allocation of the value array. Remedi...

7.8 CVSS | 7.9 AI score | 0.00414 EPSS
Exploits 1 | References 3 | Affected Software 1

Debian CVE
added 2024/01/08 2:47 p.m. | 17 views

CVE-2023-39275

Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the...

7.8 CVSS | 8.1 AI score | 0.00414 EPSS
Exploits 1

Talos
added 2024/01/08 12:0 a.m. | 27 views

GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1818 GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39273,CVE-2023-39271,CVE-2023-39274,CVE-2023-39275,CVE-2023-39272,CVE-2023-39270 SUMMARY Multiple integer overflow vulnerabilities exist in the LXT2...

7.8 CVSS | 8 AI score | 0.00418 EPSS
Exploits 6

Tenable Nessus
added 2023/04/25 12:0 a.m. | 56 views

NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2023-1001)

The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily...

9.8 CVSS | 7.1 AI score | 0.97108 EPSS
Exploits 11 | References 29

Tenable Nessus
added 2023/04/11 12:0 a.m. | 65 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : httpd Multiple Vulnerabilities (NS-SA-2023-0011)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691 ...

9.8 CVSS | 8.3 AI score | 0.99999 EPSS
Exploits 9 | References 13

F5 Networks
added 2023/02/21 6:46 p.m. | 92 views

K20622400: Apache HTTP server vulnerability CVE-2021-39275

Security Advisory Description: ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier. CVE-2021-39275 Impact This...

9.8 CVSS | 8.3 AI score | 0.36339 EPSS
Exploits 0 | Affected Software 1

OpenVAS
added 2023/01/09 12:0 a.m. | 50 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1074)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS | 9.3 AI score | 0.99999 EPSS
Exploits 9 | References 4

IBM Security Bulletins
added 2022/12/30 5:31 p.m. | 94 views

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring Installed WebSphere Application Server including Log4j

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect fr...

10 CVSS | 10 AI score | 0.99999 EPSS
Exploits 358 | Affected Software 1