Lucene search
K

7488 matches found

Fedora
Fedora
added 2023/12/04 1:37 a.m.32 views

[SECURITY] Fedora 39 Update: kernel-headers-6.6.3-200.fc39

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

7.8CVSS7.5AI score0.00319EPSS
Exploits0
OSV
OSV
added 2023/12/01 12:0 p.m.15 views

RUSTSEC-2023-0079 KyberSlash: division timings depending on secrets

Various Kyber software libraries in various environments leak secret information into timing, specifically because these libraries include a line of code that divides a secret numerator by a public denominator, the number of CPU cycles for division in various environments varies depending on the...

7.4CVSS7AI score
Exploits0References6
RustSec
RustSec
added 2023/12/01 12:0 p.m.6 views

KyberSlash: division timings depending on secrets

Various Kyber software libraries in various environments leak secret information into timing, specifically because these libraries include a line of code that divides a secret numerator by a public denominator, the number of CPU cycles for division in various environments varies depending on the...

7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2023/11/30 7:52 p.m.4 views

net.enilink.komma:net.enilink.commons.ui (>=1.5.2 <=1.7.4), net.enilink.komma:net.enilink.komma.common.ui (>=1.5.2 <=1.7.4) +109 more potentially affected by CVE-2023-4218 via org.eclipse.platform:org.eclipse.urischeme (>=1.1.0 <=1.3.0)

org.eclipse.platform:org.eclipse.urischeme MAVEN version =1.1.0, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.5.2, =1.7.4 - org.eclipse.emfatic:org.eclipse.gymnast.runtime.core =1.0.0 - org.eclipse.jdt:org.eclipse.jdt =3.19.100 -...

5CVSS5.9AI score0.00386EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 2:27 p.m.41 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Apr 2023 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.17 and earlier, 8.0.8.4 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID: CVE-2023-21930 DESCRIPTION: An unspecified...

9.1CVSS8.7AI score0.02474EPSS
Exploits1Affected Software1
GithubExploit
GithubExploit
added 2023/11/27 11:59 p.m.36 views

Exploit for Code Injection in Horsicq Xmachoviewer

CVE-2023-49313 A dylib injection vulnerability in XMachOViewer...

9.8CVSS9.6AI score0.0132EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2023/11/23 6:30 p.m.5 views

app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1460 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcprov-ext-jdk15on (>=1.47 <=1.70)

org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.47, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...

5.5CVSS6.2AI score0.00932EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/11/23 6:30 p.m.6 views

androidx.car.app:app-testing (>=1.4.0 <=1.4.0-rc02), androidx.media3:media3-test-utils-robolectric (>=1.2.0 <=1.2.1) +2211 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.72)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =1.6.0, =4.8.3, =1.4.0, =1.0.0, =4.0.7, =4.0.8 and more Source cves: CVE-2023-33202 Source advisory:...

5.5CVSS6.2AI score0.00932EPSS
Exploits1
OSV
OSV
added 2023/11/21 10:30 p.m.38 views

CVE-2023-48700 Clear Text Credentials Exposed via Onboarding Task

The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify the onboarding process of a new device into Nautobot down to, in many cases, an IP Address and a Location. Starting in version 2.0.0 and prior to version 3.0.0, credentials provided to onboarding task are...

5.7CVSS6.6AI score0.00414EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/11/21 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2023:4480-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8CVSS6.7AI score0.00666EPSS
Exploits1References15
OpenVAS
OpenVAS
added 2023/11/19 12:0 a.m.7 views

Fedora: Security Advisory for dotnet7.0 (FEDORA-2023-1458e23c3d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2023/11/19 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2023-9f7b2631a9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
OpenVAS
OpenVAS
added 2023/11/19 12:0 a.m.7 views

Fedora: Security Advisory for dotnet6.0 (FEDORA-2023-3dba61ad8c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2023/11/18 1:38 a.m.15 views

[SECURITY] Fedora 39 Update: dotnet6.0-6.0.124-1.fc39

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

7.3AI score
Exploits0
Fedora
Fedora
added 2023/11/18 1:38 a.m.7 views

[SECURITY] Fedora 39 Update: dotnet7.0-7.0.113-1.fc39

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

7.3AI score
Exploits0
Fedora
Fedora
added 2023/11/18 1:33 a.m.11 views

[SECURITY] Fedora 37 Update: dotnet7.0-7.0.113-1.fc37

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

7.3AI score
Exploits0
Fedora
Fedora
added 2023/11/18 1:26 a.m.15 views

[SECURITY] Fedora 38 Update: dotnet6.0-6.0.124-1.fc38

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

7.3AI score
Exploits0
Fedora
Fedora
added 2023/11/18 1:26 a.m.14 views

[SECURITY] Fedora 38 Update: dotnet7.0-7.0.113-1.fc38

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/17 9:56 a.m.57 views

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

An unknown threat actor has been observed publishing typosquat packages to the Python Package Index PyPI repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. The 27 package...

7.6AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/16 9:37 p.m.45 views

Security Bulletin: IBM Storage Fusion may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)

Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described the the CVEs listed in the "Vulnerability Details" section. Vulnerability...

9.3CVSS8.8AI score0.02761EPSS
Exploits1Affected Software1
Rows per page
Query Builder