Lucene search
K

156 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:48 a.m.9 views

CVE-2011-1131

The PlushSearch2 function in Search.php in Simple Machines Forum SMF before 1.1.13, and 2.x before 2.0 RC5, uses certain cached data in a situation where a temporary table has been created, even though this cached data is intended only for situations where a temporary table has not been created,...

5CVSS6.5AI score0.01242EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/24 12:0 a.m.5 views

HCL Leap 安全漏洞

HCL Leap is a low-code development platform from HCL India. HCL Leap suffers from a security vulnerability that stems from the lack of a no cache header, which could lead to sensitive data being cached...

3.2CVSS6.6AI score0.00127EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 2:49 p.m.5 views

GHSA-76G3-38JV-WXH4 tough timestamp metadata is cached when it fails snapshot rollback check

Summary TUF repositories use the timestamp role to protect against rollback events by enabling an automated process to periodically sign the role's metadata. While tough will ensure that the version of snapshot metadata in new timestamp metadata files was always greater than or equal to the...

5.7CVSS6.1AI score0.00307EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/26 10:18 p.m.18 views

CVE-2025-27141

Metabase Enterprise Edition is the enterprise version of Metabase business intelligence and data analytics software. Starting in version 1.47.0 and prior to versions 1.50.36, 1.51.14, 1.52.11, and 1.53.2 of Metabase Enterprise Edition, users with impersonation permissions may be able to see resul...

6.5CVSS6.6AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 7:1 a.m.16 views

CVE-2022-49550

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: provide blockinvalidatefolio to fix memory leak The ntfs3 filesystem lacks the 'invalidatefolio' method and it causes memory leak. If you write to the filesystem and then unmount it, the cached written data are not free...

5.5CVSS0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/10 12:0 a.m.4 views

SAP Fiori 安全漏洞

SAP Fiori, a user experience UX design system for SAP applications from SAP, Germany, provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, delivering a consistent, innovative experience for creators and users. A security...

3.1CVSS6.4AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2024/10/30 5:11 p.m.6 views

DRUPAL-CONTRIB-2024-056

Integrates your Drupal website with the Oh Dear monitoring app. Cached data of monitoring results is accessible to non-logged in users when caching is enabled on the module. This vulnerability is mitigated by the fact that it only affects sites where caching is enabled for OhDear report healthche...

5.3CVSS6.8AI score0.00292EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.8 views

PT-2024-29625 · Unknown · Sinec Traffic Analyzer

Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer versions prior to V2.0 Description: The affected application does not properly handle cacheable HTTP responses in the web service, which could allow an attacker to read and modify data stored in the local cache...

6.5CVSS6.7AI score0.00233EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/07/16 3:57 p.m.23 views

CVE-2024-40935

In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILESDEAD In ondemand mode, when the daemon is processing an open request, if the kernel flags the cache as CACHEFILESDEAD, the cachefilesdaemonwrite will always return -EIO, so t...

5.5CVSS7.9AI score0.00259EPSS
Exploits0References4
Veracode
Veracode
added 2024/05/20 7:24 a.m.8 views

Denial Of Service (DoS)

drupal/core is vulnerable to Denial Of Service. The vulnerability is caused by visiting install.php, which can cause cached data to become corrupted until caches are rebuilt...

7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/05/15 8:59 p.m.14 views

Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...

6.8AI score
Exploits0References3Affected Software1
OSV
OSV
added 2024/05/15 8:59 p.m.6 views

GHSA-W333-5F96-MJRR Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...

5.3CVSS6.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/05/15 8:38 p.m.10 views

Drupal core Denial of Service

A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...

6.8AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.4 views

PT-2024-40492 · Packagist · Drupal/Drupal

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: A visit to the install.php endpoint can cause cached data to become corrupted, potentially impairing a site until caches are rebuilt. Recommendations: At the moment, there is no...

5.3CVSS6.8AI score
Exploits0References4
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.6 views

SAP Business Objects Business Intelligence Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. SAP Business Objects Business Intelligence Platform suffers from a...

4.3CVSS6.3AI score0.00245EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.4 views

ISC BIND Security Vulnerability

ISC BIND is a suite of open source software from ISC that implements the DNS protocol. A security vulnerability exists in ISC BIND versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1, which stems from the fact that clearing a cached database node...

5.3CVSS8.3AI score0.00624EPSS
Exploits0References3
OSV
OSV
added 2023/10/31 5:15 p.m.2 views

DEBIAN-CVE-2023-43796

Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. System administrators are encouraged to upgrade to Synapse 1.95.1 or...

5.3CVSS6.7AI score0.00897EPSS
Exploits0References1
OSV
OSV
added 2023/10/31 5:15 p.m.4 views

PYSEC-2023-230

Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. System administrators are encouraged to upgrade to Synapse 1.95.1 or...

5.3CVSS6.6AI score0.00897EPSS
Exploits0References2
NVD
NVD
added 2023/09/28 7:15 p.m.17 views

CVE-2023-5256

In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading to privilege escalation. This vulnerability only affects sites with the JSON:API module enabled,...

7.5CVSS7.4AI score0.00694EPSS
Exploits2References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.4 views

SUSE CVE-2017-7753

An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

6.8CVSS8.7AI score0.03186EPSS
Exploits1References8
Rows per page
Query Builder