
7485 matches found

OpenVAS
added 2023/04/23 12:0 a.m. | 10 views

Fedora: Security Advisory for dr_libs (FEDORA-2023-9b87fb6b07)

The remote host is missing an update for the...

AI score: 7.5
Exploits: 0 | References: 2
Fedora
added 2023/04/22 1:12 a.m. | 13 views

[SECURITY] Fedora 36 Update: dr_libs-0^20230324git4b3d078-0.1.fc36

Single-file audio decoding libraries for C/C++...

AI score: 6.8
Exploits: 0
Fedora
added 2023/04/21 2:11 a.m. | 9 views

[SECURITY] Fedora 37 Update: dr_libs-0^20230324git4b3d078-0.1.fc37

Single-file audio decoding libraries for C/C++...

AI score: 6.8
Exploits: 0
vulnersOsv
added 2023/04/20 9:33 p.m. | 4 views

ai.ylyue:yue-library-base (=j11.2.6.2), ai.ylyue:yue-library-data-es (=j11.2.6.2) +829 more potentially affected by CVE-2023-20873 via org.springframework.boot:spring-boot-actuator-autoconfigure (>=2.6.0 <=2.6.14)

org.springframework.boot:spring-boot-actuator-autoconfigure MAVEN version =2.6.0, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.0, =1.1.2, =1.1.4 - cn.kduck:kduck-security =1.1.2 - cn.kduck:kduck-security-principal =1.1.2 and more Source cves: CVE-2023-20873 Source advisory:...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.01122
Exploits: 0
Tenable Nessus
added 2023/04/20 12:0 a.m. | 309 views

Azul Zulu Java Multiple Vulnerabilities (2023-04-18)

The version of Azul Zulu installed on the remote host is prior to 6 6.55.0.12 / 7 7.61.0.18 / 8 8.69.0.16 / 11 11.63.16 / 17 17.41.14 / 20 20.30.12. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-04-18 advisory. - Vulnerability in the Oracle Java SE, Oracle Graal...

CVSS: 7.4 | AI score: 6.4 | EPSS: 0.02474
Exploits: 1 | References: 8
Tenable Nessus
added 2023/04/20 12:0 a.m. | 28 views

Oracle Linux 8 : java-17-openjdk (ELSA-2023-1898)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1898 advisory. 1:17.0.7.0.7-1 - Update to jdk-17.0.7.0+7 - Update release notes to 17.0.7.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 & JDK-83051...

CVSS: 7.4 | AI score: 6.5 | EPSS: 0.02474
Exploits: 1 | References: 8
Tenable Nessus
added 2023/04/20 12:0 a.m. | 28 views

Oracle Linux 8 : java-11-openjdk (ELSA-2023-1895)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1895 advisory. 1:11.0.19.0.7-1 - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 - Require tzdata 2023c due to local inclusion of JDK-8274864 &...

CVSS: 7.4 | AI score: 6.5 | EPSS: 0.02474
Exploits: 1 | References: 8
Tenable Nessus
added 2023/04/20 12:0 a.m. | 27 views

Oracle Linux 9 : java-11-openjdk (ELSA-2023-1880)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1880 advisory. 11.0.19.0.7-1.0.1 - Replace upstream references Orabug: 34340155 1:11.0.19.0.7-1 - Update to jdk-11.0.19.0+7 - Update release notes to 11.0.19.0+7 -...

CVSS: 7.4 | AI score: 6.5 | EPSS: 0.02474
Exploits: 1 | References: 8
Tenable Nessus
added 2023/04/20 12:0 a.m. | 27 views

AlmaLinux 9 : java-11-openjdk (ALSA-2023:1880)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:1880 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected a...

CVSS: 7.4 | AI score: 6.4 | EPSS: 0.02474
Exploits: 1 | References: 8
RedHat Linux
added 2023/04/19 7:27 p.m. | 5 views

OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

CVSS: 3.7 | AI score: 7.3 | EPSS: 0.01208
Exploits: 0 | References: 4
IBM Security Bulletins
added 2023/04/19 5:26 p.m. | 76 views

Security Bulletin: Multiple vulnerabilities found in third party libraries used by IBM® MobileFirst Platform

Summary There are multiple vulnerabilities in open source libraries used by IBM MobileFirst Platform Foundation. They are addressed in this update. Vulnerability Details CVEID:CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

CVSS: 6.9 | AI score: 7.2 | EPSS: 0.99019
Exploits: 15 | Affected Software: 1
Tenable Nessus
added 2023/04/19 12:0 a.m. | 30 views

RHEL 9 : java-17-openjdk (RHSA-2023:1879)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1879 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixe...

CVSS: 7.4 | AI score: 6.5 | EPSS: 0.02474
Exploits: 1 | References: 19
Tenable Nessus
added 2023/04/19 12:0 a.m. | 25 views

Oracle Solaris Critical Patch Update : apr2023_SRU11_4_55_138_3

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Libraries. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network...

CVSS: 6.5 | AI score: 6.1 | EPSS: 0.00658
Exploits: 0 | References: 5
vulnersOsv
added 2023/04/18 10:29 p.m. | 3 views

@aprilsacil/wallet (>=0.1.36 <=0.1.51), @axelraag/frigg-uniswap-widgets (>=0.0.11 <=0.12.0) +35 more potentially affected by CVE-2023-30543 via @web3-react/eip1193 (>=8.0.11-beta.0 <=8.0.26-beta.0)

@web3-react/eip1193 NPM version =8.0.11-beta.0, =0.1.36, =0.0.11, =0.0.1-alpha.0, =0.0.46, =0.0.70, =1.0.0, =0.0.1, =1.1.0, =0.0.3, =0.12.0, =0.0.6-alpha.0, =0.0.12 - @huma-finance/widgets =0.0.6-alpha.0 - @huma-shan/shared =0.0.1 - @huma-shan/superfluid-widget =0.0.1 and more Source cves:...

CVSS: 5.7 | AI score: 6.2 | EPSS: 0.00378
Exploits: 0
OSV
added 2023/04/18 8:15 p.m. | 2 views

CVE-2023-21984

Vulnerability in the Oracle Solaris product of Oracle Systems component: Libraries. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Solaris. Successful attacks of this vulnerability can...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.00658
Exploits: 0 | References: 1
Prion
added 2023/04/18 8:15 p.m. | 12 views

Design/Logic Flaw

Vulnerability in the Oracle Solaris product of Oracle Systems component: Libraries. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Solaris. Successful attacks of this vulnerability can...

CVSS: 4 | AI score: 6.4 | EPSS: 0.00658
Exploits: 0 | References: 1 | Affected Software: 1
vulnersOsv
added 2023/04/17 8:15 a.m. | 8 views

abi-ds-utils (>=0.1.2 <=1.2.3), abi-pyspark-utils (>=0.1.1 <=0.1.4) +215 more potentially affected by CVE-2023-22946 via pyspark (>=2.1.2 <=3.3.4)

pyspark PYPI version =2.1.2, =0.1.2, =0.1.1, =0.1.5, =0.0.1, =0.2.0, =0.0.2, =1.0.0, =0.9.1, =0.1.57, =0.11.0, =2.5.0b20240324 - bigdl-chronos =2.0.0 - bigdl-chronos-spark2 =2.0.0 and more Source cves: CVE-2023-22946 Source advisory: OSV:PYSEC-2023-44...

CVSS: 9.9 | AI score: 7.7 | EPSS: 0.01109
Exploits: 0
Vulnrichment
added 2023/04/16 6:49 a.m. | 6 views

CVE-2023-29506 org.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticated endpoints

XWiki Commons are technical libraries common to several other top level XWiki projects. It was possible to inject some code using the URL of authenticated endpoints. This problem has been patched on XWiki 13.10.11, 14.4.7 and 14.10...

CVSS: 5.4 | AI score: 6.3 | EPSS: 0.01721
Exploits: 1 | References: 3
OSV
added 2023/04/16 6:45 a.m. | 27 views

CVE-2023-29214 org.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability

XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with edit rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of the included pages in the...

CVSS: 9.9 | AI score: 8.6 | EPSS: 0.01193
Exploits: 1 | References: 5
Cvelist
added 2023/04/15 3:27 p.m. | 24 views

CVE-2023-29205 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro

XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...

CVSS: 9.9 | AI score: 9.3 | EPSS: 0.00588
Exploits: 1 | References: 2