
780 matches found

CNNVD
added 2025/03/27 12:0 a.m. · 1 views

IBM Cloud Pak System Security Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines (IBM). The product supports deploying, managing, and moving application environments across hybrid clouds. A security vulnerability exists in IBM Cloud Pak...

CVSS 6.5 · AI score 6.5 · EPSS 0.00215
Exploits: 0 · References: 2
CNNVD
added 2025/03/20 12:0 a.m. · 2 views

H2O Security Vulnerability

H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. A security vulnerability exists in H2O version 3.46.0, which stems from a custom encryption tool endpoint that does not restrict encrypted files, potentially leading to ransomware behavior...

CVSS 6.5 · AI score 6.4 · EPSS 0.0033
Exploits: 1 · References: 1
BDU FSTEC
added 2025/03/18 12:0 a.m. · 6 views

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 8.1 · AI score 8.1 · EPSS 0.01744
Exploits: 0 · References: 2
Fedora
added 2025/03/15 12:55 a.m. · 14 views

[SECURITY] Fedora 42 Update: libxml2-2.12.10-1.fc42

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

CVSS 9.8 · AI score 7.1 · EPSS 0.0113
Exploits: 0
CNNVD
added 2025/03/11 12:0 a.m. · 3 views

SAP S/4HANA Security Vulnerability

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from a lack of authorization checking, which could be exploited by an attacker to gain unauthorized access to...

CVSS 4.3 · AI score 6.7 · EPSS 0.00225
Exploits: 0 · References: 5
OSV
added 2025/02/28 2:39 p.m. · 15 views

SUSE-SU-2025:0744-1 Security update for openssh8.4

This update for openssh8.4 fixes the following issues: - CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. Other bugfixes: - Fix usage of local accelerator cards via openssl-ibmca bsc1216474, bsc1218871. - Add patches from upstream to change the...

CVSS 6.8 · AI score 6.6 · EPSS 0.06997
Exploits: 4 · References: 11
CNNVD
added 2025/02/10 12:0 a.m. · 2 views

SAP GUI Security Vulnerability

SAP GUI is a graphical user interface application for the SAP system from SAP, a German company. A security vulnerability exists in SAP GUI that stems from credentials being incorrectly stored in program memory. An attacker exploiting this vulnerability could access information within the syste...

CVSS 6 · AI score 6.4 · EPSS 0.00155
Exploits: 0 · References: 1
Positive Technologies
added 2025/02/05 12:0 a.m. · 4 views

PT-2025-5792 · Ibm · Ibm Applinx

Name of the Vulnerable Software and Affected Versions: IBM ApplinX version 11.1 Description: The issue concerns the storage of sensitive information in cleartext in memory, which could be accessed by an authenticated user. Recommendations: For IBM ApplinX version 11.1, consider restricting access...

CVSS 6.5 · AI score 6.2 · EPSS 0.00187
Exploits: 0 · References: 5
BDU FSTEC
added 2025/01/27 12:0 a.m. · 5 views

The vulnerability of the client authenticity verification mechanism in Microsoft Digest operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the client authenticity verification mechanism in Microsoft Digest operating systems for Windows is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a remote attacker to execute...

CVSS 8.1 · AI score 8.4 · EPSS 0.01165
Exploits: 0 · References: 2
Tenable Nessus
added 2025/01/23 12:0 a.m. · 19 views

RHEL 8 : redis:6 (RHSA-2025:0640)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0640 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

CVSS 9.8 · AI score 8.2 · EPSS 0.07802
Exploits: 2 · References: 4
RedHat Linux
added 2025/01/20 1:21 a.m. · 16 views

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 9.8 · AI score 7.7 · EPSS 0.07802
Exploits: 2 · References: 2
Fedora
added 2025/01/17 1:35 a.m. · 30 views

[SECURITY] Fedora 40 Update: redict-7.3.2-1.fc40

Redict is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

CVSS 9.8 · AI score 7.2 · EPSS 0.07802
Exploits: 3
Fedora
added 2025/01/17 1:35 a.m. · 25 views

[SECURITY] Fedora 40 Update: valkey-8.0.2-1.fc40

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

CVSS 9.8 · AI score 6.9 · EPSS 0.07802
Exploits: 2
Fedora
added 2025/01/17 1:26 a.m. · 19 views

[SECURITY] Fedora 41 Update: redict-7.3.2-1.fc41

Redict is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

CVSS 9.8 · AI score 7.1 · EPSS 0.07802
Exploits: 3
Fedora
added 2025/01/09 2:3 a.m. · 20 views

[SECURITY] Fedora 41 Update: valkey-8.0.2-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

CVSS 9.8 · AI score 6.9 · EPSS 0.07802
Exploits: 2
Positive Technologies
added 2025/01/01 12:0 a.m. · 4 views

PT-2025-25422

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A flaw was found in GIMP, specifically an integer overflow vulnerability in the "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height,...

CVSS 8.8 · AI score 8.5 · EPSS 0.10561
Exploits: 1 · References: 44
BDU FSTEC
added 2024/12/16 12:0 a.m. · 4 views

The vulnerability of Veeam Backup & Replication’s protection mechanism for cloud, virtual, and physical systems lies in its ability to allow unauthorized access to read, modify, or delete data stored in memory. This vulnerability enables attackers to gain unauthorized access to these data.

The vulnerability of Veeam Backup & Replication’s protection for cloud, virtual, and physical systems stems from the restoration of unreliable data in memory due to the lack of authenticity verification for a critical function. Exploiting this vulnerability can allow an attacker operating remotel...

CVSS 7.5 · AI score 7.1 · EPSS 0.14009
Exploits: 0 · References: 3 · Affected Software: 1
Positive Technologies
added 2024/12/10 12:0 a.m. · 3 views

PT-2024-9464 · Microsoft · Windows Remote Desktop Services +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services affected versions not specified Description: The issue is related to a remote code execution problem in Windows Remote Desktop Services. It involves the use of insecure mechanisms for handling authentication da...

CVSS 8.1 · AI score 8.3 · EPSS 0.01058
Exploits: 0 · References: 9
Positive Technologies
added 2024/12/10 12:0 a.m. · 3 views

PT-2024-9493 · Microsoft · Windows Remote Desktop Services +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services affected versions not specified Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. It allows a remote attacker to execute...

CVSS 8.1 · AI score 7.6 · EPSS 0.01058
Exploits: 0 · References: 8
CNNVD
added 2024/12/10 12:0 a.m. · 3 views

Silicon Labs Z-Wave 700 and 800 Security Vulnerability

The Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 are a family of chips from Silicon Labs, Inc. A security vulnerability exists in the Silicon Labs Z-Wave 700 and 800 version 7.21.1 that stems from an insecure privilege that allows an attacker to...

CVSS 6.2 · AI score 6.7 · EPSS 0.00216
Exploits: 1 · References: 1