
780 matches found

RedHat Linux
added 2024/03/05 6:20 p.m. | 7 views

Important: Red Hat Enhancement Advisory: redis:7 update

An update for the redis:7 module is now available for Red Hat Enterprise Linux 9. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set...

CVSS 8.1 | AI score 6.7 | EPSS 0.02582
Exploits 0

BDU FSTEC
added 2024/03/05 12:0 a.m. | 5 views

The vulnerability of the JDBC URL Handler component of the Apache InLong data integration platform allows an attacker to execute arbitrary code.

The vulnerability of the JDBC URL Handler component of the Apache InLong data integration platform relates to the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 7.6 | EPSS 0.01228
Exploits 0 | References 4 | Affected Software 1

OSV
added 2024/02/29 3:38 p.m. | 16 views

GO-2022-0427 Unprotected file upload in github.com/swaggo/http-swagger

The httpSwagger package's HTTP handler provides WebDAV read/write access to an in-memory filesystem. An attacker can exploit this to cause memory exhaustion by uploading many files, XSS attacks by uploading malicious files, or other unexpected behaviors...

CVSS 7.8 | AI score 6.3 | EPSS 0.02333
Exploits 1 | References 3

Amazon
added 2024/02/19 12:0 a.m. | 9 views

Important: amazon-ssm-agent

Issue Overview: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

CVSS 9.8 | AI score 8 | EPSS 0.03796
Exploits 0

Fedora
added 2024/01/18 1:47 a.m. | 24 views

[SECURITY] Fedora 39 Update: redis-7.2.4-1.fc39

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

CVSS 8.1 | AI score 9.7 | EPSS 0.02582
Exploits 0

Fedora
added 2024/01/18 1:26 a.m. | 34 views

[SECURITY] Fedora 38 Update: redis-7.0.15-1.fc38

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

CVSS 8.1 | AI score 9.7 | EPSS 0.02582
Exploits 0

Tenable Nessus
added 2024/01/18 12:0 a.m. | 27 views

Fedora 39 : redis (2024-6ef42a28c9)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6ef42a28c9 advisory. Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-41056 In some cases,...

CVSS 8.1 | AI score 7.7 | EPSS 0.02582
Exploits 0 | References 2

OpenVAS
added 2024/01/18 12:0 a.m. | 22 views

Fedora: Security Advisory (FEDORA-2024-6ef42a28c9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 | AI score 8.1 | EPSS 0.02582
Exploits 0 | References 4

Rapid7 Blog
added 2024/01/17 8:32 p.m. | 34 views

Whispers of Atlantida: Safeguarding Your Digital Treasure

Recently, Rapid7 observed a new stealer named Atlantida. The stealer tricks users to download a malicious file from a compromised website, and uses several evasion techniques such as reflective loading and injection before the stealer is loaded. Atlantida steals a wide range of login information ...

AI score 7.3
Exploits 0

BDU FSTEC
added 2024/01/17 12:0 a.m. | 4 views

The vulnerability of the Azure Storage Mover service arises from the possibility of the operation being executed outside the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Azure Storage Mover service is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 8 | AI score 8.3 | EPSS 0.02629
Exploits 0 | References 2

Tenable Nessus
added 2024/01/16 12:0 a.m. | 35 views

Oracle TimesTen 22.x < 22.1.1.7.0 Multiple Vulnerabilities (July 2023 CPU)

The version of Oracle TimesTen installed on the remote host is 22.x prior to 22.1.1.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory - Vulnerability in Oracle TimesTen In-Memory Database component: TimesTen IMDB Dell BSAFE Micro Edition Suite...

CVSS 9.8 | AI score 6.9 | EPSS 0.01466
Exploits 2 | References 12

OSV
added 2024/01/12 11:15 a.m. | 6 views

AZL-39592 CVE-2023-49569 affecting package cri-o for versions less than 1.22.3-12

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 9.8 | AI score 7.3 | EPSS 0.01523
Exploits 0 | References 1

OSV
added 2024/01/12 11:15 a.m. | 2 views

DEBIAN-CVE-2023-49569

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 9.8 | AI score 9 | EPSS 0.01523
Exploits 0 | References 1

OSV
added 2024/01/12 11:15 a.m. | 2 views

DEBIAN-CVE-2023-49568

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5 | AI score 6.3 | EPSS 0.00704
Exploits 0 | References 1

OSV
added 2024/01/12 11:15 a.m. | 5 views

AZL-39595 CVE-2023-49568 affecting package cri-o for versions less than 1.22.3-12

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5 | AI score 6.6 | EPSS 0.00704
Exploits 0 | References 1

OSV
added 2024/01/12 11:15 a.m. | 8 views

AZL-33892 CVE-2023-49568 affecting package packer for versions less than 1.9.5-3

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5 | AI score 6.6 | EPSS 0.00704
Exploits 0 | References 1

Prion
added 2024/01/12 11:15 a.m. | 32 views

Path traversal

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVSS 7.5 | AI score 7.7 | EPSS 0.01523
Exploits 0 | References 1 | Affected Software 1

Prion
added 2024/01/12 11:15 a.m. | 19 views

Design/Logic Flaw

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 5 | AI score 6.7 | EPSS 0.00704
Exploits 0 | References 1 | Affected Software 1

UbuntuCve
added 2024/01/12 11:15 a.m. | 21 views

CVE-2023-49568

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5 | AI score 6.8 | EPSS 0.00704
Exploits 0 | References 3

OSV
added 2024/01/12 11:15 a.m. | 4 views

UBUNTU-CVE-2023-49568

A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...

CVSS 7.5 | AI score 6.8 | EPSS 0.00704
Exploits 0 | References 4