Lucene search

313 matches found

Amazon
added 2024/02/19 12:0 a.m., 2 views

Important: amazon-ssm-agent

Issue Overview: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

CVSS 9.8, AI score 8, EPSS 0.04027
Exploits: 0

Tenable Nessus
added 2024/02/19 12:0 a.m., 43 views

Amazon Linux AMI : amazon-ssm-agent (ALAS-2024-1920)

The version of amazon-ssm-agent installed on the remote host is prior to 3.2.2222.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1920 advisory. 2024-04-25: CVE-2023-49568 was added to this advisory. 2024-02-28: CVE-2023-39325 was added to this advisory...

CVSS 9.8, AI score 7.1, EPSS 0.04027
Exploits: 0, References: 10

Amazon
added 2024/02/19 12:0 a.m., 4 views

Important: amazon-ssm-agent

Issue Overview: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

CVSS 9.8, AI score 7.5, EPSS 0.04027
Exploits: 0

Amazon
added 2024/02/19 12:0 a.m., 2 views

Important: amazon-ssm-agent

Issue Overview: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

CVSS 9.8, AI score 8, EPSS 0.04027
Exploits: 0

RedHat Linux
added 2024/02/07 8:48 p.m., 52 views

Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.11 security and bug fix container update

Red Hat Advanced Cluster Management for Kubernetes 2.7.11 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

CVSS 9.8, AI score 9, EPSS 0.04027
Exploits: 0, References: 11

RedHat Linux
added 2024/02/05 8:41 p.m., 36 views

Critical: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps 1.10.2 security update

An update is now available for Red Hat OpenShift GitOps v1.10.2. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 9.8, AI score 6.7, EPSS 0.04027
Exploits: 1, References: 5

Microsoft CVE
added 2024/01/26 8:0 a.m., 2 views

Maliciously crafted Git server replies can cause DoS on go-git clients

...

CVSS 7.5, AI score 7, EPSS 0.00112
Exploits: 0

Microsoft CVE
added 2024/01/26 8:0 a.m., 2 views

Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

...

CVSS 9.8, AI score 7, EPSS 0.04027
Exploits: 0

OSV
added 2024/01/23 6:0 p.m., 28 views

GO-2024-2466 Denial of service in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4

Denial of service in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4...

CVSS 7.5, AI score 7.6, EPSS 0.00112
Exploits: 0, References: 1

OSV
added 2024/01/23 3:29 p.m., 35 views

GO-2024-2456 Path traversal and RCE in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4

Path traversal and RCE in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4...

CVSS 9.8, AI score 8.9, EPSS 0.04027
Exploits: 0, References: 1

RedHat Linux
added 2024/01/18 4:35 p.m., 38 views

Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.2 security and bug fix container updates

Red Hat Advanced Cluster Management for Kubernetes 2.9.2 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

CVSS 9.8, AI score 6.6, EPSS 0.04027
Exploits: 0, References: 7

RedhatCVE
added 2024/01/12 10:34 p.m., 52 views

CVE-2023-49569

A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution. Mitigation In cases where a bump to the latest...

CVSS 8.1, AI score 9.5, EPSS 0.04027
Exploits: 0, References: 4

OSV
added 2024/01/12 11:15 a.m., 1 views

DEBIAN-CVE-2023-49569

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 9.8, AI score 9, EPSS 0.04027
Exploits: 0, References: 1

OSV
added 2024/01/12 11:15 a.m., 5 views

CVE-2023-49569

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 9.8, AI score 9.6
Exploits: 0, References: 1

NVD
added 2024/01/12 11:15 a.m., 17 views

CVE-2023-49569

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 9.8, AI score 9.6, EPSS 0.04027
Exploits: 0, References: 1

OSV
added 2024/01/12 11:15 a.m., 2 views

AZL-39592 CVE-2023-49569 affecting package cri-o for versions less than 1.22.3-12

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 9.8, AI score 7.3, EPSS 0.04027
Exploits: 0, References: 1

OSV
added 2024/01/12 11:15 a.m., 1 views

AZL-35098 CVE-2023-49569 affecting package packer for versions less than 1.9.5-1

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 9.8, AI score 7.3, EPSS 0.04027
Exploits: 0, References: 1

OSV
added 2024/01/12 11:15 a.m., 2 views

AZL-35095 CVE-2023-49568 affecting package packer for versions less than 1.9.5-1

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5, AI score 6.6, EPSS 0.00112
Exploits: 0, References: 1

OSV
added 2024/01/12 11:15 a.m., 1 views

AZL-39595 CVE-2023-49568 affecting package cri-o for versions less than 1.22.3-12

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5, AI score 6.6, EPSS 0.00112
Exploits: 0, References: 1

OSV
added 2024/01/12 11:15 a.m., 3 views

AZL-33892 CVE-2023-49568 affecting package packer for versions less than 1.9.5-3

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5, AI score 6.6, EPSS 0.00112
Exploits: 0, References: 1