
2478 matches found

Ubuntu
added 2023/12/12 1:16 p.m. | 54 views

USN-6534-2: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453) Lin Ma...

8.8 CVSS | 7 AI score | 0.09141 EPSS
Exploits: 4
OSV
added 2023/12/06 9:15 a.m. | 3 views

CVE-2023-49247

Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality...

7.5 CVSS | 5.8 AI score | 0.0042 EPSS
Exploits: 0 | References: 2
Talos
added 2023/12/05 12:0 a.m. | 58 views

Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability

Talos Vulnerability Report TALOS-2023-1845 Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability December 5, 2023 CVE Number CVE-2023-43608 SUMMARY A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted...

8.1 CVSS | 8.3 AI score | 0.00819 EPSS
Exploits: 1
Wiz blog
added 2023/12/04 3:30 p.m. | 9 views

Wiz at Re:Invent 2023

See what’s new with Wiz at Re:Invent 2023 and learn about how Wiz and AWS continue to strengthen their strategic partnership, keeping AWS customers’ environments secure...

7.2 AI score
Exploits: 0
Rapid7 Blog
added 2023/11/29 3:46 p.m. | 5 views

Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections

Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency. A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape. But any chan...

6.6 AI score
Exploits: 0
Citrix
added 2023/11/29 12:0 a.m. | 20 views

How to update vCenter Server certification in Citrix environments

Outlines the steps of how to update vCenter Server certification in on-premises and Cloud DaaS Citrix environments...

7 AI score
Exploits: 0
Qualys Blog
added 2023/11/27 7:15 a.m. | 11 views

Closing the Visibility Gap: How Qualys Cloud Agent Passive Sensor (CAPS) Eliminates Blind Spots Without the Hassle

In modern networks, the most significant risks come from systems that fall through the cracks. Modern networks are full of unknown and unmanaged assets. Some are seemingly benign devices introduced by well-meaning employees or contractors that can turn rogue. While some of these may be genuinely...

7.2 AI score
Exploits: 0
CNVD
added 2023/11/27 12:0 a.m. | 3 views

Fuji Electric Tellus Lite V-Simulator Improper Access Control Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan, which is mainly used to collect real-time data from PLCs (Programmable Logic Controllers), temperature controllers, inverters, and other devices. Fuji Electric Tellus...

8.8 CVSS | 6.9 AI score | 0.00484 EPSS
Exploits: 0 | References: 1
CNVD
added 2023/11/27 12:0 a.m. | 2 views

Fuji Electric Tellus Lite V-Simulator Out-of-Bounds Write Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. An out-of-bounds write vulnerability exists in Fuji Electric Tellus Lite V-Simulator that originates from an out-of-bounds write when parsing a specially crafted input file...

7.8 CVSS | 8 AI score | 0.00335 EPSS
Exploits: 0 | References: 1
CNNVD
added 2023/11/22 12:0 a.m. | 4 views

Fuji Electric Tellus Lite V-Simulator Security Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan, which is mainly used to collect real-time data from PLCs (Programmable Logic Controllers), temperature controllers, inverters, and other devices. Fuji Electric Tellus...

8.8 CVSS | 6.8 AI score | 0.00484 EPSS
Exploits: 0 | References: 3
Rapid7 Blog
added 2023/11/21 3:30 p.m. | 19 views

When Maximum Effort Doesn't Equate to Maximum Results

It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, to say nothing of the increased budget scrutiny and constrained staff resources that continue to plague cybersecurity practitioners. The trick is...

7.4 AI score
Exploits: 0
Ubuntu
added 2023/11/21 2:55 p.m. | 107 views

USN-6494-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Lucas Leong discovered that the netfilter subsystem in the...

7.8 CVSS | 7.3 AI score | 0.00856 EPSS
Exploits: 1
CNVD
added 2023/11/21 12:0 a.m. | 7 views

Schneider Electric EcoStruxure Power Monitoring Expert Open Redirection Vulnerability

Schneider Electric EcoStruxure Power Monitoring Expert is a device from Schneider Electric, France, for power distribution monitoring in IoT environments. The Schneider Electric EcoStruxure Power Monitoring Expert suffers from an open redirection vulnerability, which stems from the system not...

8.2 CVSS | 6.7 AI score | 0.00453 EPSS
Exploits: 0 | References: 1
Fedora
added 2023/11/20 1:22 a.m. | 34 views

[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.5.0-1.fc39

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

7.5 CVSS | 8.3 AI score | 0.03796 EPSS
Exploits: 0
IBM Security Bulletins
added 2023/11/17 11:49 p.m. | 63 views

Security Bulletin: IBM Storage Protect for Virtual Environments is vulnerable to arbitrary code execution, sensitive information disclosure, and denial of service due to CVEs in Apache Velocity, Apache Jena, and XStream (woodstox)

Summary: IBM Storage Protect for Virtual Environments Data Protection for VMware and Data Protection for Hyper-V can be affected by security flaws in Apache Velocity, Apache Jena, and XStream (woodstox). The flaws can lead to arbitrary code execution, sensitive information disclosure, and denial of...

9.8 CVSS | 9.7 AI score | 0.22709 EPSS
Exploits: 2 | Affected Software: 1
HackRead
added 2023/11/17 6:30 p.m. | 25 views

Google Reveals ‘Reptar’ Vulnerability Threatening Intel Processors

By Deeba Ahmed Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments. This is a post from HackRead.com Read the original post: Google Reveals Reptar Vulnerability Threatening Intel Processors...

7.4 AI score
Exploits: 0
The Hacker News
added 2023/11/15 7:52 a.m. | 106 views

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local...

8.8 CVSS | 8 AI score | 0.01728 EPSS
Exploits: 0
CNNVD
added 2023/11/15 12:0 a.m. | 3 views

Fuji Electric V-Server Buffer Error Vulnerability

Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan. Fuji Electric V-Server is a software package for collecting and managing real-time field data. Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...

7.8 CVSS | 7.9 AI score | 0.00265 EPSS
Exploits: 0 | References: 4
BDU FSTEC
added 2023/11/11 12:0 a.m. | 5 views

The vulnerability of the automation tool for deploying and managing applications in Docker-enabled environments, related to improper permission storage, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the automation tool for deploying and managing applications in Docker-enabled environments is related to improper storage of permissions. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

6.3 CVSS | 6.6 AI score | 0.02693 EPSS
Exploits: 3 | References: 8 | Affected Software: 4
Rapid7 Blog
added 2023/11/10 3:30 p.m. | 5 views

Be Empathetic and Hug Your CISO More!

In the rapidly evolving landscape of cloud computing, the adoption of multi-cloud environments has become a prevailing trend. Organizations increasingly turn to multiple cloud providers to harness diverse features, prevent vendor lock-in, and optimize costs. The multi-cloud approach offers...

7.4 AI score
Exploits: 0