1048 matches found

Tenable Nessus
added 2025/08/31 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-4130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd find...

CVSS 5.5, AI score 6.2, EPSS 0.00224
Exploits: 1, References: 2
Talos
added 2025/08/25 12:0 a.m., 7 views

The Biosig Project libbiosig Nex parsing out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2238 The Biosig Project libbiosig Nex parsing out-of-bounds read vulnerability August 25, 2025 CVE Number CVE-2025-52461 SUMMARY An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branc...

CVSS 9.1, AI score 6.3, EPSS 0.0048
Exploits: 1
Debian CVE
added 2025/08/16 1:27 p.m., 7 views

CVE-2023-4130

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd find next smb2_ea_info using ->NextEntryOffset of current smb2_ea_info. ksmbd...

CVSS 5.5, AI score 5.5, EPSS 0.00224
Exploits: 1
OSV
added 2025/08/16 1:27 p.m., 6 views

CVE-2023-4130 ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd find next smb2_ea_info using ->NextEntryOffset of current smb2_ea_info. ksmbd...

CVSS 5.5, AI score 6.3, EPSS 0.00224
Exploits: 1, References: 7
Microsoft KB
added 2025/07/08 2:0 p.m., 8 views

Description of the security update for SharePoint Server 2019 Language Pack: July 8, 2025 (KB5002739)

Description of the security update for SharePoint Server 2019 Language Pack: July 8, 2025 KB5002739 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

CVSS 7.8, AI score 7.4, EPSS 0.00558
Exploits: 0
CNNVD
added 2025/06/28 12:0 a.m., 3 views

HDF5 security vulnerability

HDF5 is a data management suite developed by The HDF Group for storing and managing large-scale scientific data. A buffer overflow vulnerability exists in HDF5 1.14.6 and earlier versions, which stems from improper handling of the H5O__fsinfo_encode function in the /src/H5Ofsinfo.c file. An attacker...

CVSS 4.8, AI score 6.9, EPSS 0.00208
Exploits: 1, References: 5
RedhatCVE
added 2025/05/23 7:26 a.m., 8 views

CVE-2024-0191

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. The exploit...

CVSS 5.3, AI score 5.3, EPSS 0.00784
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 4:14 a.m., 6 views

CVE-2019-10319

A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpl#doTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as...

CVSS 4.3, AI score 6.3, EPSS 0.00786
Exploits: 0, References: 1
BDU FSTEC
added 2025/03/24 12:0 a.m., 7 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the leakage of file and directory information, allows a hacker to exploit the access token in the logs.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the leakage of information about files and directories. Exploiting this vulnerability can allow a malicious actor to gain access to tokens recorded in logs...

CVSS 8.5, AI score 5.5, EPSS 0.0047
Exploits: 1, References: 3, Affected Software: 1
RedhatCVE
added 2025/03/22 12:34 p.m., 13 views

CVE-2024-7043

An improper access control vulnerability in open-webui/open-webui v0.3.8 allows attackers to view and delete any files. The application does not verify whether the attacker is an administrator, allowing the attacker to directly call the GET /api/v1/files/ interface to retrieve information on all...

CVSS 8.8, AI score 6.5, EPSS 0.00563
Exploits: 1, References: 1
Microsoft KB
added 2025/02/11 8:0 a.m., 290 views

February 11, 2025—Hotpatch KB5052106 (OS Build 20348.3148)

CVSS 8.8, AI score 6.8, EPSS 0.21638
Exploits: 2
Microsoft KB
added 2025/01/14 8:0 a.m., 50 views

Description of the security update for the remote code execution vulnerability in Visual Studio 2015 Update 3: February 11, 2025 (KB5049688)

Description of the security update for the remote code execution vulnerability in Visual Studio 2015 Update 3: February 11, 2025 KB5049688 Applies to: All Visual Studio 2015 Update 3 editions except Integrated Shell and Build Tools. Summary A remote code execution vulnerability exists in Microsof...

CVSS 8.8, AI score 8.6, EPSS 0.02262
Exploits: 0
BDU FSTEC
added 2024/12/12 12:0 a.m., 4 views

The vulnerability of the Adobe Document Service component in the SAP NetWeaver AS for Java software for creating and deploying web applications allows a perpetrator to compromise the confidentiality of protected information.

The vulnerability of the Adobe Document Service component in SAP NetWeaver AS for Java software for creating and deploying web applications is related to the leakage of file and directory information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality of protect...

CVSS 6.8, AI score 5.5, EPSS 0.00533
Exploits: 0, References: 3, Affected Software: 1
Microsoft KB
added 2024/11/12 8:0 a.m., 46 views

Description of the security update for Word 2016: November 12, 2024 (KB5002619)

Description of the security update for Word 2016: November 12, 2024 KB5002619 Summary This security update resolves a Microsoft Word security feature bypass vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-49033. Note: To apply this...

CVSS 7.5, AI score 6.2, EPSS 0.02072
Exploits: 0
Microsoft KB
added 2024/11/12 8:0 a.m., 30 views

Description of the security update for SharePoint Server Subscription Edition: November 12, 2024 (KB5002651)

Description of the security update for SharePoint Server Subscription Edition: November 12, 2024 KB5002651 Summary This security update for SharePoint Server provides defense-in-depth updates to help improve security-related features. To learn more about the updates, see Microsoft Advisory...

AI score 6.8
Exploits: 0
Microsoft CVE
added 2024/10/15 12:0 a.m., 2 views

A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.

...

CVSS 4.3, AI score 6.9, EPSS 0.01521
Exploits: 0
Microsoft KB
added 2024/10/08 2:0 p.m., 60 views

October 8, 2024—KB5044288 (OS Build 25398.1189)

October 8, 2024—KB5044288 OS Build 25398.1189 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

CVSS 9, AI score 8.2, EPSS 0.60954
Exploits: 4
Microsoft KB
added 2024/10/08 7:0 a.m., 33 views

Description of the security update for Excel 2016: October 8, 2024 (KB5002643)

Description of the security update for Excel 2016: October 8, 2024 KB5002643 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-43504. Note: To apply...

CVSS 7.8, AI score 6.6, EPSS 0.06103
Exploits: 0
CVE
added 2024/09/26 8:4 a.m., 52 views

CVE-2024-42406

Mattermost CVE-2024-42406 affects Mattermost Server versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x

CVSS 5.4, AI score 5.3, EPSS 0.00215
Exploits: 0, References: 1, Affected Software: 1
Positive Technologies
added 2024/09/26 12:0 a.m., 6 views

PT-2024-29929 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.8 Mattermost versions 9.9.x through 9.9.2 Mattermost versions 9.10.x through 9.10.1 Mattermost versions 9.11.x through 9.11.0 Description: The issue allows an attacker to retrieve post and file informatio...

CVSS 5.4, AI score 6.9, EPSS 0.00215
Exploits: 0, References: 8