
16 matches found

Atlassian
added 2026/03/06 5:29 a.m., 19 views

File Inclusion node-tar Dependency in Jira Software Data Center

This High severity File Inclusion vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.1 of Jira Software Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.2 and a CVS...

CVSS 8.2, AI score 6, EPSS 0.00027
Exploits 1
Tenable Nessus
added 2026/02/12 12:0 a.m., 2 views

ISC BIND 9.16.0 < 9.18.41 / 9.16.8-S1 < 9.18.41-S1 / 9.18.0 < 9.18.41 / 9.18.11-S1 < 9.18.41-S1 / 9.20.0 < 9.20.15 / 9.20.9-S1 < 9.20.15-S1 / 9.21.0 < 9.21.14 Vulnerability (cve-2025-40780)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-40780 advisory. - In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for a...

CVSS 8.6, AI score 7.9, EPSS 0.00025
Exploits 0, References 2
RedhatCVE
added 2025/05/23 2:27 a.m., 2 views

CVE-2023-27481

Directus is a real-time API and App dashboard for managing SQL database content. In versions prior to 9.16.0, users with read access to the password field in directus_users can extract the argon2 password hashes by brute forcing the export functionality combined with a _starts_with filter. This allow...

CVSS 4.3, AI score 7.3, EPSS 0.00301
Exploits 0, References 1
CNNVD
added 2025/03/19 12:0 a.m., 1 views

Termius Security Vulnerability

Termius is an SSH client from Termius, Inc. A security vulnerability exists in Termius versions 9.9.0 through 9.16.0, which stems from an insecure Electron Fuses configuration that could allow a physically proximate attacker to execute arbitrary code...

CVSS 9.8, AI score 7.3, EPSS 0.00509
Exploits 0, References 4
Tenable Nessus
added 2024/06/26 12:0 a.m., 136 views

Atlassian Jira < 9.4.21 / 9.12.x < 9.12.8 / 9.15.x < 9.16.0 (JRASERVER-77713)

The version of Atlassian Jira Server running on the remote host is affected by a vulnerability as referenced in the JRASERVER-77713 advisory. - This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information...

CVSS 7.4, AI score 7.2, EPSS 0.00984
Exploits 0, References 3
Tenable Nessus
added 2024/06/20 12:0 a.m., 33 views

Atlassian Jira 9.13.x < 9.16.0 Information Disclosure

According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 9.4.21, 9.5.x prior to 9.12.8 or 9.13.x prior to 9.16.0. It is, therefore, affected by an information disclosure vulnerability. Note that the scanner has not tested for these issue...

CVSS 7.4, AI score 7, EPSS 0.00984
Exploits 0, References 2
CNNVD
added 2024/03/19 12:0 a.m., 2 views

Apache Wicket Environment Issue Vulnerability

Apache Wicket is a set of open source, lightweight, component-based frameworks from the Apache Foundation that provide an object-oriented approach to developing dynamic Web-based UI applications. An environmental issue vulnerability exists in Apache Wicket 9.1.0 through 9.16.0, versions prior to...

CVSS 6.5, AI score 6.7, EPSS 0.00568
Exploits 0, References 4
OpenVAS
added 2024/02/14 12:0 a.m., 30 views

ISC BIND DoS Vulnerability (CVE-2023-6516) - Linux

ISC BIND is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

CVSS 7.5, AI score 7.4, EPSS 0.00225
Exploits 0, References 1
OSV
added 2024/02/13 2:15 p.m., 2 views

DEBIAN-CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

CVSS 7.5, AI score 8, EPSS 0.00225
Exploits 0, References 1
Prion
added 2023/03/07 7:15 p.m., 11 views

Design/Logic Flaw

Directus is a real-time API and App dashboard for managing SQL database content. In versions prior to 9.16.0, users with read access to the password field in directus_users can extract the argon2 password hashes by brute forcing the export functionality combined with a _starts_with filter. This allow...

CVSS 4, AI score 4.7, EPSS 0.00301
Exploits 0, References 3, Affected Software 1
Vulnrichment
added 2023/03/07 6:20 p.m., 8 views

CVE-2023-27481 Extract password hashes through export querying in directus

Directus is a real-time API and App dashboard for managing SQL database content. In versions prior to 9.16.0, users with read access to the password field in directus_users can extract the argon2 password hashes by brute forcing the export functionality combined with a _starts_with filter. This allow...

CVSS 4.3, AI score 4.8, EPSS 0.00301
Exploits 0, References 3
OSV
added 2023/01/25 12:0 a.m., 2 views

UBUNTU-CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is...

CVSS 7.5, AI score 7, EPSS 0.02338
Exploits 0, References 4
OpenVAS
added 2021/09/06 12:0 a.m., 20 views

ISC BIND DoS Vulnerability (CVE-2020-8619) - Windows

ISC BIND is prone to a denial of service (DoS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVSS 4.9, AI score 5.3, EPSS 0.06931
Exploits 0, References 1
OpenVAS
added 2021/09/06 12:0 a.m., 18 views

ISC BIND DoS Vulnerability (CVE-2020-8619) - Linux

ISC BIND is prone to a denial of service (DoS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVSS 4.9, AI score 5.3, EPSS 0.06931
Exploits 0, References 1
OSV
added 2020/06/17 10:15 p.m., 29 views

CVE-2020-8619

In ISC BIND9 versions BIND 9.11.14 - 9.11.19, BIND 9.14.9 - 9.14.12, BIND 9.16.0 - 9.16.3, BIND Supported Preview Edition 9.11.14-S1 - 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an...

CVSS 4.9, AI score 2.5, EPSS 0.06931
Exploits 0, References 8
UbuntuCve
added 2020/06/17 12:0 a.m., 18 views

CVE-2020-8618

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...

CVSS 4.9, AI score 6.7, EPSS 0.01297
Exploits 0, References 3