Lucene search

7485 matches found

IBM Security Bulletins
added 2023/07/04 7:15 a.m. | 48 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Apr 2023. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle...

CVSS 9.1 | AI score 8.7 | EPSS 0.02474
Exploits: 1 | Affected Software: 1
OSV
added 2023/07/01 12:15 a.m. | 2 views

CVE-2021-42307

Microsoft Edge Chromium-based Information Disclosure Vulnerability...

CVSS 4.3 | AI score 5.8 | EPSS 0.01041
Exploits: 0 | References: 1
Prion
added 2023/06/30 8:15 p.m. | 24 views

Design/Logic Flaw

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger...

CVSS 4.3 | AI score 7.9 | EPSS 0.00298
Exploits: 0 | References: 2 | Affected Software: 2
CNNVD
added 2023/06/30 12:0 a.m. | 4 views

Malwarebytes Security Vulnerability

Malwarebytes is an application that provides anti-malware functionality to devices from the US-based company Malwarebytes. The software is designed to defend against viruses, spyware, Trojans, worms, dial-up programs, and other malware. debug is a small JavaScript debugging utility open-sourced b...

CVSS 7.8 | AI score 7.8 | EPSS 0.00298
Exploits: 0 | References: 3
Vulnrichment
added 2023/06/30 12:0 a.m. | 7 views

CVE-2023-29145

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger...

AI score 7.9 | EPSS 0.00298
Exploits: 0 | References: 2
Cvelist
added 2023/06/30 12:0 a.m. | 28 views

CVE-2023-29145

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger...

AI score 8.1 | EPSS 0.00298
Exploits: 0 | References: 2
OSV
added 2023/06/28 5:15 p.m. | 3 views

DRUPAL-CONTRIB-2023-027

This module enables a UI to display all libraries provided by modules and themes on the Drupal site. The module doesn't sufficiently protect the libraries reporting page. It currently is using the 'access content' permission and not a proper administrative/access permission. The...

AI score 6.5
Exploits: 0 | References: 1
Drupal
added 2023/06/28 12:0 a.m. | 10 views

Libraries UI - Moderately critical - Access bypass - SA-CONTRIB-2023-027

This module enables a UI to display all libraries provided by modules and themes on the Drupal site. The module doesn't sufficiently protect the libraries reporting page. It currently is using the 'access content' permission and not a proper administrative/access permission. The...

AI score 6.5
Exploits: 0 | References: 6
Prion
added 2023/06/27 12:15 p.m. | 19 views

Privilege escalation

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, a privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of...

CVSS 4.4 | AI score 8 | EPSS 0.0075
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2023/06/27 11:36 a.m. | 17 views

CVE-2023-34395 Apache Airflow ODBC Provider: Remote code execution vulnerability

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, a privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of...

AI score 8.2 | EPSS 0.0075
Exploits: 0 | References: 2
Positive Technologies
added 2023/06/27 12:0 a.m. | 3 views

PT-2023-24858

Name of the Vulnerable Software and Affected Versions Apache Airflow ODBC Provider versions prior to 4.0.0 Description A privilege escalation vulnerability exists due to controllable ODBC driver parameters in OdbcHook, allowing the loading of arbitrary dynamic-link libraries and resulting in...

CVSS 7.8 | AI score 7.7 | EPSS 0.0075
Exploits: 0 | References: 10
vulnersOsv
added 2023/06/26 9:30 p.m. | 5 views

cc.ecore:spring-jfinal (=0.0.1), cc.ecore:spring-jfinal-plugin (>=0.1.0 <=0.1.2) +162 more potentially affected by CVE-2021-31635 via com.jfinal:jfinal (>=1.4 <=4.9.08)

com.jfinal:jfinal MAVEN version =1.4, =0.1.0, =0.1.1, =1.0.0, =1.0, =3.30.7-RELEASE, =0.0.8, =0.0.8, =0.0.8, =1.29.1.trial, =1.29.1.trial, =1.45.0 - cn.dreampie:jfinal-akka =0.1 - cn.dreampie:jfinal-captcha =0.1 and more Source cves: CVE-2021-31635 Source advisory: OSV:GHSA-CGMM-C2M9-FF7R...

CVSS 9.8 | AI score 7.2 | EPSS 0.01206
Exploits: 0
Tenable Nessus
added 2023/06/25 12:0 a.m. | 25 views

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2023:2242-2)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2242-2 advisory. - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow...

CVSS 7.4 | AI score 6.5 | EPSS 0.02474
Exploits: 1 | References: 22
Fedora
added 2023/06/24 1:22 a.m. | 13 views

[SECURITY] Fedora 38 Update: dotnet7.0-7.0.107-1.fc38

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

AI score 6.9
Exploits: 0
Fedora
added 2023/06/24 1:21 a.m. | 12 views

[SECURITY] Fedora 37 Update: dotnet7.0-7.0.107-1.fc37

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

AI score 6.9
Exploits: 0
Fedora
added 2023/06/24 1:21 a.m. | 12 views

[SECURITY] Fedora 37 Update: dotnet6.0-6.0.118-1.fc37

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

AI score 6.9
Exploits: 0
OSV
added 2023/06/23 11:8 a.m. | 12 views

SUSE-SU-2023:2242-2 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization (bsc#1210628). - CVE-2023-21937: Fixed an issue in the Networki...

CVSS 7.4 | AI score 5.8 | EPSS 0.02474
Exploits: 1 | References: 15
vulnersOsv
added 2023/06/22 12:5 p.m. | 8 views

ai.grakn:grakn-dist (>=0.15.0 <=0.17.0), ai.grakn:janus-factory (>=0.17.0 <=0.18.0) +1218 more potentially affected by unknown CVE via ch.qos.reload4j:reload4j (>=1.2.18.0 <=1.2.21)

ch.qos.reload4j:reload4j MAVEN version =1.2.18.0, =0.15.0, =0.17.0, =0.15.0, =1.6.0, =3.7.6, =0.6.2, =0.6.0, =0.8.0, =1.6.0-pre - com.aegisql.conveyor-persistence-jdbc:conveyor-persistence-jdbc =1.6.1 - com.aegisql.persistence:conveyor-persistence =1.6.1 -...

AI score 5.5
Exploits: 0
OpenVAS
added 2023/06/19 12:0 a.m. | 25 views

Debian: Security Advisory (DLA-3455-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 | AI score 6.9 | EPSS 0.21052
Exploits: 8 | References: 4
Fedora
added 2023/06/18 1:14 a.m. | 24 views

[SECURITY] Fedora 37 Update: iaito-5.8.6-1.fc37

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

CVSS 7.5 | AI score 7.4 | EPSS 0.00698
Exploits: 1