Lucene search
780 matches found

BDU FSTEC
added 2024/12/03 12:0 a.m. · 5 views

The vulnerability in the Citrix NetScaler Application Delivery Controller (previously Citrix ADC) and Citrix NetScaler Gateway (previously Citrix Gateway) access control systems is caused by operations performed outside the bounds of a memory buffer, allowing attackers to cause a denial of service.

The vulnerability in the Citrix NetScaler Application Delivery Controller (previously Citrix ADC) and Citrix NetScaler Gateway (previously Citrix Gateway) access control systems is caused by operations that go beyond the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to cau...

7.8 CVSS · 5.7 AI score · 0.00562 EPSS
Exploits 0 · References 3 · Affected Software 2

Positive Technologies
added 2024/11/26 12:0 a.m. · 3 views

PT-2024-22764 · Sharp +1 · Multiple Mfps

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves user passwords being decrypted and stored in memory before any user logs in. These decrypted passwords can be retrieved from the...

5.9 CVSS · 6.7 AI score · 0.00853 EPSS
Exploits 1 · References 8

Positive Technologies
added 2024/11/26 12:0 a.m. · 4 views

PT-2024-23174 · Sharp +1 · Multiple Mfps

Name of the Vulnerable Software and Affected Versions: Product name and affected versions not specified. Description: The issue involves user passwords being decrypted and stored in memory before any user logs in. These decrypted passwords can be retrieved from the coredump file. Recommendations: At t...

5.9 CVSS · 6.7 AI score · 0.01281 EPSS
Exploits 1 · References 8

RedHat Linux
added 2024/11/25 4:56 p.m. · 21 views

Important: Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5 CVSS · 6.7 AI score · 0.02015 EPSS
Exploits 1 · References 4

CNNVD
added 2024/11/15 12:0 a.m. · 3 views

Nextcloud security vulnerability

Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. Nextcloud has a security vulnerability that stems from the fact that, under certain circumstances, a user's password is stored in session data in a...

7.5 CVSS · 6.4 AI score · 0.00338 EPSS
Exploits 0 · References 3

RedHat Linux
added 2024/11/05 12:8 p.m. · 5 views

jenkins: Item creation restriction bypass vulnerability

A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...

4.3 CVSS · 5.8 AI score · 0.00684 EPSS
Exploits 0 · References 5

RedHat Linux
added 2024/11/05 12:7 p.m. · 2 views

jenkins: Item creation restriction bypass vulnerability

A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...

4.3 CVSS · 5.8 AI score · 0.00684 EPSS
Exploits 0 · References 5

RedHat Linux
added 2024/11/05 11:47 a.m. · 4 views

jenkins: Item creation restriction bypass vulnerability

A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...

4.3 CVSS · 5.8 AI score · 0.00684 EPSS
Exploits 0 · References 5

RedHat Linux
added 2024/11/05 11:25 a.m. · 3 views

jenkins: Item creation restriction bypass vulnerability

A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...

4.3 CVSS · 5.8 AI score · 0.00684 EPSS
Exploits 0 · References 5

Fedora
added 2024/10/16 1:8 a.m. · 26 views

[SECURITY] Fedora 40 Update: valkey-8.0.1-1.fc40

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8 CVSS · 7.1 AI score · 0.04488 EPSS
Exploits 1

Veracode
added 2024/10/15 4:0 p.m. · 11 views

Incorrect Privilege Assignment

github.com/hashicorp/vault is vulnerable to Incorrect Privilege Assignment. The vulnerability is due to the mishandling of entries in an in-memory cache: a privileged operator could manipulate their cached record through an API endpoint on a node, potentially escalating their privileges to the...

7.2 CVSS · 6.5 AI score · 0.00528 EPSS
Exploits 0 · References 4 · Affected Software 1

Fedora
added 2024/10/15 3:23 p.m. · 19 views

[SECURITY] Fedora 41 Update: valkey-8.0.1-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8 CVSS · 6.9 AI score · 0.04488 EPSS
Exploits 1

Fedora
added 2024/10/12 1:52 a.m. · 20 views

[SECURITY] Fedora 39 Update: redis-7.2.6-1.fc39

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

8.8 CVSS · 7.1 AI score · 0.04488 EPSS
Exploits 1

Fedora
added 2024/10/12 1:41 a.m. · 23 views

[SECURITY] Fedora 40 Update: redis-7.2.6-1.fc40

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

8.8 CVSS · 7.1 AI score · 0.04488 EPSS
Exploits 1

BDU FSTEC
added 2024/10/11 12:0 a.m. · 4 views

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5 CVSS · 6 AI score · 0.01094 EPSS
Exploits 0 · References 2

CNNVD
added 2024/10/11 12:0 a.m. · 10 views

H2O security vulnerability

H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. H2O suffers from a security vulnerability that stems from a possible crash due to assertion failure when configured as a reverse proxy and a client cancels an HTTP/3 request, which can be exploited by ...

7.5 CVSS · 6.5 AI score · 0.00632 EPSS
Exploits 0 · References 5

Akamai Blog
added 2024/10/10 7:0 p.m. · 2 views

In-memory Data Management Caching Tools: A Guide to the Best Options

In-memory data management caching tools store frequently accessed data in memory, which significantly improves performance by reducing how often the database needs to be accessed...

7 AI score
Exploits 0

OSV
added 2024/10/09 4:30 p.m. · 20 views

BIT-KEYDB-2024-31449 Lua library commands may lead to stack overflow and RCE in Redis

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scriptin...

8.8 CVSS · 7.3 AI score · 0.04488 EPSS
Exploits 1 · References 3

RedhatCVE
added 2024/10/07 11:25 p.m. · 20 views

CVE-2024-31449

A flaw was found in Redis. This flaw allows an authenticated user to use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. Mitigation: Mitigation for this...

7 CVSS · 7 AI score · 0.04488 EPSS
Exploits 1 · References 5

CNNVD
added 2024/09/26 12:0 a.m. · 20 views

Enpass Password Manager security vulnerability

Enpass Password Manager is a cross-platform offline password manager from Enpass. A security vulnerability exists in Enpass Password Manager version 6.9.5 and earlier versions, which originates from sensitive information being stored in memory in plaintext...

2.5 CVSS · 4.1 AI score · 0.00135 EPSS
Exploits 0 · References 5