Lucene search

7488 matches found

vulnersOsv
added 2023/10/10 9:28 p.m. · 7 views

com.atlan:package-toolkit-testing (>=5.3.1 <=6.1.2), com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv5 (>=2.6.0 <=2.8.0) +704 more potentially affected by CVE-2023-44487 via org.eclipse.jetty.http2:jetty-http2-server (>=12.0.0 <=12.0.19)

org.eclipse.jetty.http2:jetty-http2-server MAVEN version =12.0.0, =5.3.1, =2.6.0, =0.217, =0.217, =0.217, =0.217, =0.217, =0.217, =0.217, =0.295, =0.295, =0.295, =0.295, =0.295, =0.296 and more Source cves: CVE-2023-44487 Source advisory: OSV:GHSA-QPPJ-FM5R-HXR3...

7.5 CVSS · 7.1 AI score · 0.99999 EPSS
Exploits 19

Prion
added 2023/10/10 11:15 a.m. · 18 views

Improper access control

A vulnerability has been identified in SINEC NMS All versions V2.0. The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

4.3 CVSS · 7.5 AI score · 0.00162 EPSS
Exploits 0 · References 1 · Affected Software 1

IBM Security Bulletins
added 2023/10/10 7:59 a.m. · 32 views

Security Bulletin: Multiple vulnerabilities exist in the IBM® SDK, Java™ Technology Edition, that affect IBM Tivoli Network Configuration Manager.

Summary: Multiple vulnerabilities exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration v6.4.2. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597. Vulnerability Details...

9.1 CVSS · 8.4 AI score · 0.02474 EPSS
Exploits 1 · Affected Software 1

CNNVD
added 2023/10/10 12:0 a.m. · 1 view

Siemens SINEC NMS Security Vulnerability

Siemens SINEC NMS is a network management system (NMS) from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. The Siemens SINEC NMS suffers from an Incorrect Privilege Assignment...

7.8 CVSS · 7.2 AI score · 0.00162 EPSS
Exploits 0 · References 3

vulnersOsv
added 2023/10/09 12:42 a.m. · 6 views

cn.acooly:acooly-auth-wechat-authenticator (=5.2.1), cn.herodotus.engine:access-core (>=2.7.2.3 <=3.1.4.2) +817 more potentially affected by CVE-2023-43643 via org.owasp.antisamy:antisamy (>=1.4.3 <=1.7.3)

org.owasp.antisamy:antisamy MAVEN version =1.4.3, =2.7.2.3, =2.7.2.3, =2.7.2.3, =2.7.2.3, =2.7.2.3, =2.7.2.3, =2.7.0.0, =2.7.0.Beta1, =2.7.0.0, =2.7.0.Beta1, =2.7.0.0, =2.7.0.0, =2.7.0.0, =2.7.0.10, =3.1.4.2 and more Source cves: CVE-2023-43643 Source advisory: OSV:GHSA-PCF2-GH6G-H5R2...

6.1 CVSS · 6.8 AI score · 0.00476 EPSS
Exploits 1

Rockylinux
added 2023/10/06 10:57 p.m. · 42 views

python3.11 security update

An update is available for python3.11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Python is an accessible, high-level, dynamically typed, interpreted...

5.3 CVSS · 7.1 AI score · 0.0079 EPSS
Exploits 0

RedHat Linux
added 2023/10/05 2:3 p.m. · 79 views

Important: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.8 CVSS · 7.2 AI score · 0.81422 EPSS
Exploits 27 · References 5

OpenVAS
added 2023/10/05 12:0 a.m. · 25 views

Fedora: Security Advisory (FEDORA-2023-63e5a77522)

The remote host is missing an update for the...

7.8 CVSS · 7.8 AI score · 0.81422 EPSS
Exploits 27 · References 11

ATTACKERKB
added 2023/10/04 10:15 p.m. · 5 views

CVE-2023-40299

Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable...

7.8 CVSS · 7.3 AI score · 0.00352 EPSS
Exploits 1 · References 5

Fedora
added 2023/10/04 5:16 p.m. · 75 views

[SECURITY] Fedora 39 Update: glibc-2.38-6.fc39

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

7.8 CVSS · 7.7 AI score · 0.81422 EPSS
Exploits 27

Fedora
added 2023/10/04 3:52 p.m. · 46 views

[SECURITY] Fedora 38 Update: glibc-2.37-10.fc38

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

7.8 CVSS · 7.7 AI score · 0.81422 EPSS
Exploits 27

Positive Technologies
added 2023/10/04 12:0 a.m. · 5 views

PT-2023-27366 · Kong · Kong Insomnia

Name of the Vulnerable Software and Affected Versions: Kong Insomnia version 2023.4.0. Description: The issue allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable. This can be exploited on macOS...

7.8 CVSS · 7.3 AI score · 0.00352 EPSS
Exploits 1 · References 9

Wiz blog
added 2023/10/01 1:31 p.m. · 36 views

Critical vulnerabilities in media libraries exploited in the wild: everything you need to know

Delving into CVE-2023-4863 and CVE-2023-5217 - critical vulnerabilities in libwebp and libvpx exploited in the wild...

8.8 CVSS · 8.6 AI score · 0.99739 EPSS
Exploits 12

IBM Security Bulletins
added 2023/09/30 4:34 a.m. · 45 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle...

9.1 CVSS · 8.5 AI score · 0.02474 EPSS
Exploits 1 · Affected Software 1

CNNVD
added 2023/09/29 12:0 a.m. · 3 views

Engineers Online Portal SQL Injection Vulnerability

Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, JavaScript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from the fact that manipulation of the...

9.8 CVSS · 8.4 AI score · 0.00684 EPSS
Exploits 1 · References 4

IBM Security Bulletins
added 2023/09/28 7:41 a.m. · 53 views

Security Bulletin: IBM Operational Decision Manager September 2023 - Multiple CVEs addressed

Summary: IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2023-2253...

6.5 CVSS · 7.3 AI score · 0.01316 EPSS
Exploits 0 · Affected Software 1

vulnersOsv
added 2023/09/25 6:30 p.m. · 7 views

ai.catboost:catboost-spark_2.3_2.11 (>=1.2.1 <=1.2.7), ai.catboost:catboost-spark_2.4_2.11 (>=1.2.1 <=1.2.7) +6295 more potentially affected by CVE-2023-43642 via org.xerial.snappy:snappy-java (>=1.0.1-rc3 <=1.1.10.3)

org.xerial.snappy:snappy-java MAVEN version =1.0.1-rc3, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.1, =1.2.3, =1.2.3, =0.13.0, =0.14.0 and more Source cves: CVE-2023-43642 Source advisory: OSV:GHSA-55G7-9CWV-5QFV...

7.5 CVSS · 6.4 AI score · 0.0104 EPSS
Exploits 1

Fedora
added 2023/09/22 1:30 a.m. · 11 views

[SECURITY] Fedora 37 Update: dotnet7.0-7.0.111-1.fc37

.NET is a fast, lightweight and modular platform for creating cross-platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards, a set of framework...

6.9 AI score
Exploits 0

Fedora
added 2023/09/22 1:17 a.m. · 16 views

[SECURITY] Fedora 38 Update: dotnet6.0-6.0.122-1.fc38

.NET is a fast, lightweight and modular platform for creating cross-platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards, a set of framework...

6.9 AI score
Exploits 0

Fedora
added 2023/09/22 1:17 a.m. · 14 views

[SECURITY] Fedora 38 Update: dotnet7.0-7.0.111-1.fc38

.NET is a fast, lightweight and modular platform for creating cross-platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards, a set of framework...

6.9 AI score
Exploits 0