7485 matches found

OpenVAS
added 2023/05/27 12:0 a.m. · 13 views

Fedora: Security Advisory for python3.11 (FEDORA-2023-1092538441)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.5 · AI score 8.2 · EPSS 0.20459
Exploits 3 · References 2
vulnersOsv
added 2023/05/26 6:30 p.m. · 7 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.djl.spring:djl-spring-boot-starter-autoconfigure (>=0.2 <=0.11) +26968 more potentially affected by CVE-2023-20883 via org.springframework.boot:spring-boot-autoconfigure (>=1.0.0.RELEASE <=2.5.14)

org.springframework.boot:spring-boot-autoconfigure MAVEN version =1.0.0.RELEASE, =4.4.0.0, =0.2, =0.2, =0.2, =0.2, =0.2, =0.2, =0.5, =0.0.12, =0.1.8, =0.1.6, =0.1.2, =0.0.6, =0.0.11, =0.0.51 and more Source cves: CVE-2023-20883 Source advisory: OSV:GHSA-XF96-W227-R7C4...

CVSS 7.5 · AI score 7.2 · EPSS 0.00904
Exploits 0
Fedora
added 2023/05/26 1:52 a.m. · 34 views

[SECURITY] Fedora 38 Update: python3.11-3.11.3-2.fc38

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

CVSS 7.5 · AI score 7.2 · EPSS 0.20459
Exploits 3
RedHat Linux
added 2023/05/25 7:58 a.m. · 55 views

Important: Red Hat Security Advisory: go-toolset and golang security update

An update for go-toolset and golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 · AI score 6.7 · EPSS 0.02281
Exploits 0 · References 2
OSV
added 2023/05/19 12:15 p.m. · 5 views

CVE-2023-26818

Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone, or video recording via the DYLD_INSERT_LIBRARIES flag...

CVSS 5.5 · AI score 6.1 · EPSS 0.0054
Exploits 2 · References 2
NVD
added 2023/05/18 10:15 a.m. · 22 views

CVE-2022-4418

Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40208...

CVSS 7.8 · AI score 7.9 · EPSS 0.00121
Exploits 0 · References 1
Cvelist
added 2023/05/18 9:56 a.m. · 31 views

CVE-2022-4418

Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40208...

CVSS 7.8 · AI score 8.1 · EPSS 0.00121
Exploits 0 · References 1
Vulnrichment
added 2023/05/18 9:56 a.m. · 10 views

CVE-2022-4418

Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40208...

CVSS 7.8 · AI score 7.9 · EPSS 0.00121
Exploits 0 · References 1
Fedora
added 2023/05/18 12:50 a.m. · 17 views

[SECURITY] Fedora 37 Update: rust-cargo-c-0.9.12-4.fc37

Helper program to build and install c-like libraries...

CVSS 7.5 · AI score 7 · EPSS 0.01121
Exploits 1
CNNVD
added 2023/05/18 12:0 a.m. · 2 views

Acronis Cyber Protect data forgery vulnerability

Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, cybersecurity and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security vulnerabili...

CVSS 7.8 · AI score 7.3 · EPSS 0.00121
Exploits 0 · References 2
Positive Technologies
added 2023/05/18 12:0 a.m. · 4 views

PT-2023-14433 · Acronis · Acronis Cyber Protect Home Office

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Home Office Windows versions before build 40208 Description: The issue is related to local privilege escalation due to the unrestricted loading of unsigned libraries. Recommendations: For Acronis Cyber Protect Home Offic...

CVSS 7.8 · AI score 7.6 · EPSS 0.00121
Exploits 0 · References 3
Tenable Nessus
added 2023/05/18 12:0 a.m. · 31 views

SUSE SLES12: java-1_8_0-openjdk / java-1_8_0-openjdk-demo / etc (SUSE-SU-2023:2238-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2238-1 advisory. - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker t...

CVSS 7.4 · AI score 6.5 · EPSS 0.02474
Exploits 1 · References 22
RedHat Linux
added 2023/05/17 5:53 p.m. · 4 views

jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

CVSS 9.9 · AI score 6.1 · EPSS 0.01095
Exploits 0 · References 5
RedHat Linux
added 2023/05/17 5:53 p.m. · 7 views

jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

CVSS 9.9 · AI score 6.1 · EPSS 0.01161
Exploits 0 · References 5
RedHat Linux
added 2023/05/17 5:53 p.m. · 5 views

jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

CVSS 9.9 · AI score 7.6 · EPSS 0.0116
Exploits 0 · References 5
RedHat Linux
added 2023/05/17 5:53 p.m. · 5 views

jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...

CVSS 9.9 · AI score 7.6 · EPSS 0.01095
Exploits 0 · References 5
Tenable Nessus
added 2023/05/17 12:0 a.m. · 44 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : OpenJDK vulnerabilities (USN-6077-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6077-1 advisory. Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote...

CVSS 7.4 · AI score 6.5 · EPSS 0.02474
Exploits 1 · References 8
Tenable Nessus
added 2023/05/17 12:0 a.m. · 66 views

Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2023-2038)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.372.b07-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2038 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

CVSS 7.4 · AI score 6.5 · EPSS 0.02474
Exploits 1 · References 16
IBM Security Bulletins
added 2023/05/16 4:18 p.m. · 27 views

Security Bulletin: IBM Security Verify Information Queue has multiple third-party library vulnerabilities

Summary: IBM Security Verify Information Queue (ISIQ) v10.0.5 has remediated vulnerabilities in the third-party libraries that it uses. Vulnerability Details: CVEID: CVE-2022-41946 DESCRIPTION: Postgresql JDBC could allow a local authenticated attacker to obtain sensitive information, caused by not...

CVSS 8.8 · AI score 9.4 · EPSS 0.95302
Exploits 13 · Affected Software 1
Snyk
added 2023/05/16 8:19 a.m. · 1 views

Malicious Package

Overview: @bluebooster/libs is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

CVSS 9.8 · AI score 7.1
Exploits 0 · References 3