
5122 matches found

RedHat Linux
added 2022/11/01 2:20 p.m. · 106 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

7.8 CVSS · 6.8 AI score · 0.06451 EPSS
Exploits 7 · References 5

CNVD
added 2022/10/31 12:0 a.m. · 30 views

Wireshark Denial of Service Vulnerability (CNVD-2023-62294)

Wireshark, formerly known as Ethereal, is a set of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark suffers from a denial of service vulnerability that stems from not properly...

7.5 CVSS · 7.1 AI score · 0.008 EPSS
Exploits 1 · References 1

UbuntuCve
added 2022/10/27 5:15 p.m. · 51 views

CVE-2022-3725

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

7.5 CVSS · 6.8 AI score · 0.008 EPSS
Exploits 1 · References 4

Prion
added 2022/10/27 5:15 p.m. · 22 views

Design/Logic Flaw

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

5 CVSS · 7.4 AI score · 0.008 EPSS
Exploits 1 · References 5 · Affected Software 2

AlpineLinux
added 2022/10/27 5:15 p.m. · 35 views

CVE-2022-3725

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

7.5 CVSS · 3.4 AI score · 0.008 EPSS
Exploits 1

OSV
added 2022/10/27 5:15 p.m. · 2 views

UBUNTU-CVE-2022-3725

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

7.5 CVSS · 7 AI score · 0.008 EPSS
Exploits 1 · References 5

Cvelist
added 2022/10/27 12:0 a.m. · 23 views

CVE-2022-3725

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

6.3 CVSS · 7.8 AI score · 0.008 EPSS
Exploits 1 · References 5

CVE
added 2022/10/27 12:0 a.m. · 360 views

CVE-2022-3725

CVE-2022-3725 affects Wireshark 3.6.0–3.6.8, causing a crash in the OPUS protocol dissector that can lead to denial of service via crafted captures or packet injection. Connected sources confirm the vulnerability’s presence in Wireshark and cite remediation guidance requiring an upgrade. Practica...

7.5 CVSS · 7.4 AI score · 0.008 EPSS
Exploits 1 · References 5 · Affected Software 1

Positive Technologies
added 2022/10/27 12:0 a.m. · 2 views

PT-2022-23893 · Wireshark +3 · Wireshark +3

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.6.0 through 3.6.8
Description: The issue is related to a crash in the OPUS protocol dissector, which allows for denial of service via packet injection or crafted capture file. This can be exploited by injecting packets or...

7.5 CVSS · 7.8 AI score · 0.0462 EPSS
Exploits 17 · References 85

OSV
added 2022/10/27 12:0 a.m. · 24 views

CVE-2022-3725

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

6.3 CVSS · 7.9 AI score · 0.008 EPSS
Exploits 1 · References 7

AlmaLinux
added 2022/10/25 12:0 a.m. · 58 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588). Information leak in scsi_ioctl (CVE-2022-0494). A kernel-info-leak issue in pfkey_register (CVE-2022-13...

7.8 CVSS · 7.6 AI score · 0.06214 EPSS
Exploits 7 · References 15

NVD
added 2022/10/19 4:15 p.m. · 13 views

CVE-2022-43418

A cross-site request forgery (CSRF) vulnerability in Jenkins Katalon Plugin 1.0.33 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.3 CVSS · 0.00397 EPSS
Exploits 0 · References 2

Prion
added 2022/10/19 4:15 p.m. · 22 views

Cross site request forgery (csrf)

A cross-site request forgery (CSRF) vulnerability in Jenkins Katalon Plugin 1.0.33 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.3 CVSS · 4.6 AI score · 0.00397 EPSS
Exploits 0 · References 2 · Affected Software 1

CNNVD
added 2022/10/19 12:0 a.m. · 4 views

Jenkins Katalon Plugin Cross-Site Request Forgery Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site request...

4.3 CVSS · 5 AI score · 0.00397 EPSS
Exploits 0 · References 6

Cvelist
added 2022/10/19 12:0 a.m. · 24 views

CVE-2022-43426

Jenkins S3 Explorer Plugin 1.0.8 and earlier does not mask the AWS_SECRET_ACCESS_KEY form field, increasing the potential for attackers to observe and capture it...

5.5 AI score · 0.00512 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/10/19 12:0 a.m. · 9 views

PT-2022-26902 · Jenkins · Jenkins Katalon Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Katalon Plugin versions 1.0.32 and earlier
Description: The issue allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturin...

4.3 CVSS · 4.4 AI score · 0.00554 EPSS
Exploits 0 · References 9

Vulnrichment
added 2022/10/19 12:0 a.m. · 6 views

CVE-2022-43417

Jenkins Katalon Plugin 1.0.32 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

4.5 AI score · 0.00554 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/10/19 12:0 a.m. · 4 views

PT-2022-26903 · Jenkins · Jenkins Katalon Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Katalon Plugin versions 1.0.33 and earlier
Description: A cross-site request forgery (CSRF) vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

4.3 CVSS · 4.5 AI score · 0.00397 EPSS
Exploits 0 · References 10

wpexploit
added 2022/10/10 12:0 a.m. · 82 views

Rock Convert < 2.6.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a URL before outputting it back in an attribute when a specific widget is present on a page, leading to a Reflected Cross-Site Scripting. On a page where the "Capture box | Rock Convert" widget is present, append ?"alert/XSS/, e.g:...

6.1 CVSS · 6.2 AI score · 0.00486 EPSS
Exploits 2

Ubuntu
added 2022/10/04 11:15 a.m. · 48 views

USN-5205-1: Tcpreplay vulnerabilities

It was discovered that Tcpreplay incorrectly handled certain specially crafted packet capture input when processed by tcpprep. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM. (CVE-2018-13112) It was discovered that Tcpreplay...

9.8 CVSS · 7.1 AI score · 0.02531 EPSS
Exploits 12