5127 matches found

OpenVAS
added 2022/12/17 12:0 a.m., 19 views

Fedora: Security Advisory for wireshark (FEDORA-2022-9d4aa8a486)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.3, AI score 6.6, EPSS 0.01754
Exploits 1, References 2

IBM Security Bulletins
added 2022/12/12 8:14 p.m., 42 views

Security Bulletin: IBM QRadar Network Packet Capture has released 7.3.1 Patch 1, and 7.2.8 Patch 1 in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following 7.3.1 Patch 1 and 7.2.8 Patch 1 for IBM QRadar Network Packet Capture in response to CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5715 CVEID: CVE-2017-5754 Affected Products and Versions IBM...

CVSS 5.6, AI score 7, EPSS 0.93838
Exploits 12, Affected Software 1

Github Security Blog
added 2022/12/12 9:30 a.m., 24 views

Jenkins Sonar Gerrit Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

CVSS 6.5, AI score 6.2, EPSS 0.00429
Exploits 0, References 4, Affected Software 1

Prion
added 2022/12/12 9:15 a.m., 19 views

Cross site request forgery (csrf)

A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

CVSS 4.3, AI score 6.4, EPSS 0.00429
Exploits 0, References 1, Affected Software 1

BDU FSTEC
added 2022/12/12 12:0 a.m., 5 views

The vulnerability of the relay_cgi.cgi script implementation in the microprogramming software for Dingtian DT-R002’s relay devices allows a hacker to bypass security restrictions and gain full control over the device.

The vulnerability of the relaycgi.cgi script implementation in Dingtian DT-R002 microprogramming software relates to exploiting the capture-replay technique to bypass authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions and gain ful...

CVSS 5.9, AI score 6.2, EPSS 0.10436
Exploits 5, References 6, Affected Software 1

Veracode
added 2022/12/11 5:26 a.m., 23 views

Denial Of Service (DoS)

chromium is vulnerable to denial of service. The vulnerability exists due to the use after free in the Camera Capture component in the library, allowing an attacker to cause heap corruption via a crafted HTML page which leads to an application crash...

CVSS 8.8, AI score 8.5, EPSS 0.0071
Exploits 0, References 5, Affected Software 1

Fedora
added 2022/12/10 1:24 a.m., 19 views

[SECURITY] Fedora 37 Update: xfce4-screenshooter-1.10.0-1.fc37

The Xfce Screenshooter utility allows you to capture the entire screen, the active window or a selected region. You can set the delay that elapses before the screenshot is taken and the action that will be done with the screenshot: save it to a PNG file, copy it to the clipboard, or open it using...

CVSS 9.8, AI score 9.5, EPSS 0.01406
Exploits 0

OpenVAS
added 2022/12/10 12:0 a.m., 10 views

Fedora: Security Advisory for xfce4-screenshooter (FEDORA-2022-7febff96e0)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8, AI score 9.6, EPSS 0.01406
Exploits 0, References 2

NVD
added 2022/12/09 6:15 p.m., 24 views

CVE-2022-3724

Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows...

CVSS 7.5, EPSS 0.02345
Exploits 0, References 3

UbuntuCve
added 2022/12/09 6:15 p.m., 23 views

CVE-2022-3724

Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows...

CVSS 7.5, AI score 7.1, EPSS 0.02345
Exploits 0, References 4

RedhatCVE
added 2022/12/09 5:4 a.m., 42 views

CVE-2022-3190

A vulnerability was found in Wireshark. This issue occurs due to an Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark, leading to a denial of service via packet injection or crafted capture file...

CVSS 5.5, AI score 6.1, EPSS 0.01754
Exploits 1, References 4

OSV
added 2022/12/09 12:0 a.m., 22 views

CVE-2022-3724

Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows...

CVSS 6.3, AI score 7.6, EPSS 0.02345
Exploits 0, References 5

CVE
added 2022/12/08 10:14 p.m., 68 views

CVE-2022-41947

CVE-2022-41947 describes a cross-site scripting (XSS) vulnerability in DHIS 2 core where an authenticated user can upload a file containing embedded JavaScript, which could be triggered when another authenticated user opens the file in a browser. Affected versions are DHIS 2 prior to 2.36.12.1, 2...

CVSS 5.4, AI score 5.2, EPSS 0.00351
Exploits 0, References 2, Affected Software 1

Cvelist
added 2022/12/08 10:14 p.m., 30 views

CVE-2022-41947 Cross-site Scripting with user-uploaded files in dhis2-core

DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. Through various features of DHIS2, an authenticated user may be able to upload a file which includes embedded javascript. The user could then potentially trick another authenticated...

CVSS 5.4, AI score 5.4, EPSS 0.00351
Exploits 0, References 2

CVE
added 2022/12/08 9:57 p.m., 72 views

CVE-2022-41949

CVE-2022-41949 affects DHIS 2 core. An authenticated DHIS2 user can craft a request that makes the server fetch external resources, enabling a semi‑blind Server-Side Request Forgery (SSRF) in the dhis2-core component. This can allow an attacker to identify vulnerable services not publicly exposed...

CVSS 5, AI score 4.5, EPSS 0.004
Exploits 0, References 2, Affected Software 1

OSV
added 2022/12/08 9:57 p.m., 20 views

CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core

DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...

CVSS 5, AI score 4.6, EPSS 0.004
Exploits 0, References 4

Cvelist
added 2022/12/07 12:0 a.m., 22 views

CVE-2022-46688

A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...

AI score 7, EPSS 0.00429
Exploits 0, References 1

Microsoft CVE
added 2022/12/05 8:0 a.m., 33 views

Chromium: CVE-2022-4175 Use after free in Camera Capture

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVSS 8.8, AI score 8.4, EPSS 0.0071
Exploits 0

Tenable Nessus
added 2022/12/05 12:0 a.m., 53 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10229-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10229-1 advisory. - Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a...

CVSS 8.8, AI score 7.3, EPSS 0.23918
Exploits 1, References 46

Fedora
added 2022/12/04 12:29 a.m., 29 views

[SECURITY] Fedora 37 Update: wireshark-4.0.1-1.fc37

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

CVSS 7.5, AI score 6.9, EPSS 0.008
Exploits 1