Lucene search
+L

830 matches found

UbuntuCve
UbuntuCve
added 2023/12/13 12:0 a.m.27 views

CVE-2023-5616

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user...

4.9CVSS6AI score0.00222EPSS
Exploits1References2
NVD
NVD
added 2023/12/12 2:15 a.m.30 views

CVE-2023-49584

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

4.3CVSS0.00479EPSS
Exploits0References2
Prion
Prion
added 2023/12/12 2:15 a.m.21 views

Design/Logic Flaw

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

4CVSS7.1AI score0.00479EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/12 1:35 a.m.38 views

CVE-2023-49584 Client-Side Desynchronization vulnerability in SAP Fiori Launchpad

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

4.3CVSS5AI score0.00479EPSS
Exploits0References2
CVE
CVE
added 2023/12/12 1:35 a.m.51 views

CVE-2023-49584

CVE-2023-49584 affects SAP Fiori Launchpad components across multiple SAP_UI versions (750, 754–758), UI_700 200, and SAP_BASIS 793. The issue allows an attacker to issue HTTP POST requests against a read-only service, resulting in low confidentiality impact per the provided description. Root cau...

4.3CVSS4.6AI score0.00479EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/12 1:35 a.m.11 views

CVE-2023-49584 Client-Side Desynchronization vulnerability in SAP Fiori Launchpad

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

4.3CVSS6.8AI score0.00479EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2023/12/04 9:57 p.m.5 views

launchpadmusicservices.com Improper Access Control vulnerability OBB-3803186

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2023/12/04 12:0 a.m.26 views

CVE-2023-49093

HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerable to Remote Code Execution RCE via XSTL, when browsing the attacker’s webpage. This vulnerability has been patched in version 3.9.0...

9.8CVSS7.1AI score0.02378EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2023/11/16 11:15 p.m.43 views

CVE-2023-48233

Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a signed long variable, abort with evaluetoolarge. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit...

4.3CVSS6.6AI score0.00749EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2023/11/02 7:15 p.m.29 views

CVE-2023-31022

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service...

5.5CVSS6.1AI score0.00205EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/11/01 6:15 p.m.27 views

CVE-2023-5480

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. Chromium security severity: High...

6.1CVSS6.7AI score0.011EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/11/01 2:15 p.m.38 views

CVE-2023-5625

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products...

7.5CVSS6.7AI score0.00802EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/10/18 4:15 a.m.41 views

CVE-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

9.8CVSS6.9AI score0.01819EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/10/15 1:15 a.m.64 views

CVE-2023-45871

An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU...

7.5CVSS6.9AI score0.00544EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2023/10/03 12:0 a.m.48 views

CVE-2023-5345

A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3fscontextparseparam, ctx-password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading pas...

7.8CVSS6.8AI score0.0047EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2023/08/29 10:15 p.m.34 views

CVE-2023-4611

A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak...

7CVSS6.7AI score0.00255EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/08/28 7:15 p.m.16 views

CVE-2023-39810

An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal...

7.8CVSS6.8AI score0.00704EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/08/25 12:0 a.m.43 views

CVE-2023-40477

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS7.5AI score0.1308EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.48 views

CVE-2022-45703

Heap buffer overflow vulnerability in binutils readelf before 2.40 via function displaydebugsection in file readelf.c...

7.8CVSS6.5AI score0.00513EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.44 views

CVE-2022-47007

An issue was discovered function stabdemanglev3arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks...

5.5CVSS6.8AI score0.00403EPSS
Exploits1References3
Rows per page
Query Builder