Lucene search
+L

20 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.20 views

Photon OS 5.0: Cmake PHSA-2023-5.0-0035

An update of the cmake package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0035. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.5AI score0.82017EPSS
Exploits14References20
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.21 views

CBL Mariner 2.0 Security Update: rust / tensorflow / curl / mysql (CVE-2023-28319)

The version of rust / tensorflow / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28319 advisory. - A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a...

7.5CVSS6.8AI score0.02489EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/14 4:27 p.m.42 views

Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...

9.8CVSS9.7AI score0.78483EPSS
Exploits29Affected Software1
CBLMariner
CBLMariner
added 2024/04/17 10:2 p.m.25 views

CVE-2023-28319 affecting package tensorflow for versions less than 2.16.1-1

CVE-2023-28319 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.7AI score0.02489EPSS
Exploits1
CBLMariner
CBLMariner
added 2023/11/17 11:23 p.m.16 views

CVE-2023-28319 affecting package mysql for versions less than 8.0.34-1

CVE-2023-28319 affecting package mysql for versions less than 8.0.34-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.7AI score0.02489EPSS
Exploits1
CBLMariner
CBLMariner
added 2023/10/11 1:41 a.m.18 views

CVE-2023-28319 affecting package rust for versions less than 1.72.0-2

CVE-2023-28319 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.7AI score0.02489EPSS
Exploits1
OSV
OSV
added 2023/08/31 12:15 p.m.1 views

BELL-CVE-2023-28319 CVE-2023-28319 does not affect BellSoft software

Bulletin has no description...

7.5CVSS7.3AI score0.02489EPSS
Exploits1References1
CBLMariner
CBLMariner
added 2023/08/18 8:45 p.m.19 views

CVE-2023-28319 affecting package curl for versions less than 8.2.1-1

CVE-2023-28319 affecting package curl for versions less than 8.2.1-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.7AI score0.02489EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/08/15 5:43 p.m.60 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...

9.8CVSS6.6AI score0.57941EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2023/08/15 12:0 a.m.58 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.57 (RHSA-2023:4629)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4629 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

9.8CVSS7.1AI score0.57941EPSS
Exploits3References21
Tenable Nessus
Tenable Nessus
added 2023/07/24 12:0 a.m.115 views

macOS 11.x < 11.7.9 Multiple Vulnerabilities (HT213845)

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.9. It is, therefore, affected by multiple vulnerabilities: - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS...

9.8CVSS7.7AI score0.02658EPSS
Exploits10References43
Tenable Nessus
Tenable Nessus
added 2023/06/22 12:0 a.m.42 views

openSUSE 15: curl / libcurl-devel / libcurl-devel-32bit / libcurl4 / etc (SUSE-SU-2023:2224-2)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2224-2 advisory. This update for curl adds the following feature: Update to version 8.0.1 jscPED-2580 - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check...

7.5CVSS6.7AI score0.02658EPSS
Exploits4References13
ATTACKERKB
ATTACKERKB
added 2023/05/26 9:15 p.m.1 views

CVE-2023-28319

A use after free vulnerability exists in curl...

7.5CVSS6.7AI score0.02489EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2023/05/26 12:0 a.m.7 views

CVE-2023-28319

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...

7.5AI score0.02489EPSS
Exploits1References9
CVE
CVE
added 2023/05/26 12:0 a.m.294 views

CVE-2023-28319

CVE-2023-28319 : A use-after-free in curl/libcurl’s SSH fingerprint check (verifying server public keys with a SHA-256 hash) occurs when verification fails; memory for the fingerprint is freed before the error message is built, potentially leaking the freed hash data in error output. Affected are...

7.5CVSS7.3AI score0.02489EPSS
Exploits1References9Affected Software1
Hacker One
Hacker One
added 2023/05/23 8:38 a.m.131 views

Internet Bug Bounty: CVE-2023-28319: UAF in SSH sha256 fingerprint check

A use-after-free vulnerability was found in libcurl's SSH server public key verification feature, affecting versions 7.81.0 to 8.0.1. When the verification check failed, libcurl would free the memory for the fingerprint before returning an error message containing the now-freed hash, potentially...

7.5CVSS6.6AI score0.02489EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/05/18 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:2225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.02658EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2023/05/18 12:0 a.m.34 views

Slackware: Security Advisory (SSA:2023-137-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.02658EPSS
Exploits4References10
RedhatCVE
RedhatCVE
added 2023/05/17 9:27 a.m.50 views

CVE-2023-28319

A use-after-free flaw was found in the Curl package. This flaw risks inserting sensitive heap-based data into the error message that users might see or is otherwise leaked and revealed...

5.9CVSS6.2AI score0.02489EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.44 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2023-137-01)

The version of curl installed on the remote host is prior to 8.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-137-01 advisory. - A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key...

7.5CVSS6.6AI score0.02658EPSS
Exploits4References4
Rows per page
Query Builder