7762 matches found
The vulnerability in the set of development libraries for Intel Distribution for GDB relates to the improper use of standard permissions, allowing attackers to increase their privileges.
The vulnerability in the set of development libraries for Intel Distribution for GDB is related to the improper use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the application development library set for Intel Distribution for GDB, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The vulnerability in the set of development libraries for Intel Distribution for GDB is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability in the set of development libraries for Intel Distribution for GDB relates to incorrect elimination of special elements in output data, allowing an attacker to trigger a service failure.
The vulnerability in the application development library set of Intel Distribution for GDB is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the set of development libraries for Intel Distribution for Python, related to errors in using standard permissions, allows a perpetrator to increase their privileges.
The vulnerability in the library set for application development with Intel Distribution for Python is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...
Malicious code in christmasmiraclemaker (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64f06a86dd5b916af92fc3adf5c1e5638df9eaa156a1bc122e4e647f2aae236e Packages either test the malicious behaviour, or actually download and run a simple remote script during the installation. --- Category: PROBABLYPENTEST -...
CVE-2024-11669
An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Certain API endpoints could potentially allow unauthorized access to sensitive data due to overly broad application of token scopes...
CVE-2024-8114
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. This issue allows an attacker with access to a victim's Personal Access Token (PAT) to escalate privileges...
The vulnerability of Siemens SINEMA Remote Connect arises from the use of incorrect authentication tokens due to unlimited distribution of resources, which can lead to service failures.
The vulnerability of Siemens SINEMA Remote Connect relates to the use of incorrect authentication tokens due to unlimited distribution of resources. Exploiting this vulnerability can allow a perpetrator to cause service failures...
Important: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.3.8 bug fixes and container updates
Multicluster Engine for Kubernetes 2.3.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
CVE-2021-1410
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update...
CVE-2021-1410 Cisco Webex Meetings Unauthorized Distribution List Update Vulnerability
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update...
Fedora: Security Advisory (FEDORA-2024-e7bb8bc2da)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : golang-github-docker-distribution (2022-21aa9bae12)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-21aa9bae12 advisory. Automatic update for golang-github-docker-distribution-2.8.1-2.20220821gitbc6b745.fc37. Changelog Sun Aug 21 2022 Robert-André Mauchin 2.8.1-2 - Upda...
CVE-2024-5125
parisneo/lollms-webui version 9.6 is vulnerable to Cross-Site Scripting (XSS) and Open Redirect due to inadequate input validation and processing of SVG files during the upload process. The XSS vulnerability allows attackers to embed malicious JavaScript code within SVG files, which is executed upo...
CVE-2024-5125
CVE-2024-5125 affects parisneo/lollms-webui version 9.6, where SVG processing during file upload enables two issues: Cross‑Site Scripting (XSS) and Open Redirect. The root cause is inadequate input validation and handling of SVG files in the upload flow, allowing embedded JavaScript execution and...
CVE-2024-5125 XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui
parisneo/lollms-webui version 9.6 is vulnerable to Cross-Site Scripting (XSS) and Open Redirect due to inadequate input validation and processing of SVG files during the upload process. The XSS vulnerability allows attackers to embed malicious JavaScript code within SVG files, which is executed upo...
Fedora 37 : golang-github-distribution-3 (2022-741325e9a0)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-741325e9a0 advisory. Update to 3.0.0 pre1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...