Lucene search
K

341 matches found

Veracode
Veracode
added 2025/02/03 5:20 a.m.8 views

Denial Of Service (DoS)

github.com/ethereum/go-ethereum is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of incoming messages, which allows a specially crafted message to trigger a crash or shutdown of the node...

8.7CVSS7AI score0.00681EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/29 6:24 p.m.10 views

CVE-2024-10001 Code Injection Vulnerability in GitHub Enterprise Server Allows Arbitrary Code Execution via Message Handling

A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers to inject malicious code into the query selector via the identity property in the message handling function. This enabled the exfiltration of sensitive data by manipulating the DOM, including...

7.1CVSS7.2AI score0.00371EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.9 views

PT-2025-1574 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.11.16 GitHub Enterprise Server versions prior to 3.12.10 GitHub Enterprise Server versions prior to 3.13.5 GitHub Enterprise Server versions prior to 3.14.2 GitHub Enterprise Server versions prior ...

7.1CVSS8.1AI score0.00371EPSS
Exploits0References9
Veracode
Veracode
added 2025/01/28 6:2 a.m.3 views

Reflected Cross Site Scripting (XSS)

silverstripe/framework is vulnerable to cross-site scripting XSS. The vulnerability is due to improper handling of error messages, which allows execution of a malicious payload included in a URL when the website is set to the "dev" environment mode...

6.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.6 views

PT-2025-2885 · Sungrow · Sungrow Winet-Sv200

Name of the Vulnerable Software and Affected Versions: SunGrow WiNet-SV200 versions 0.001.00.P027 and earlier Description: The issue arises when copying the timestamp read from an MQTT message, as the underlying code does not check the bounds of the buffer used to store the message. This may lead...

9.8CVSS9.3AI score0.00552EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/01/13 6:21 a.m.15 views

CVE-2024-57876

In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down reply or MST up request sideband message, the drmdpmsttopologymgr::upreqrecv/downreprecv states could...

4.6CVSS7AI score0.00158EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/01/12 12:13 a.m.7 views

SUSE CVE-2024-57876

In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down reply or MST up request sideband message, the drmdpmsttopologymgr::upreqrecv/downreprecv states could...

7CVSS6.6AI score0.00158EPSS
Exploits0References17
Veracode
Veracode
added 2024/12/19 7:38 a.m.8 views

Information Disclosure

apachesuperset is vulnerable to Information Disclosure. The vulnerability is due to improper handling of error messages, exposing sensitive analytics metadata, which allows an attacker to gain access to this information, potentially aiding in further attacks or revealing system details...

5.3CVSS6.7AI score0.00787EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/11/19 12:0 a.m.15 views

Oracle Linux 9 : krb5 (ELSA-2024-9331)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9331 advisory. 1.21.1-3.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-3 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message tok...

9.1CVSS7.4AI score0.01863EPSS
Exploits3References4
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.3 views

PostgreSQL 安全漏洞

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL that stems from...

3.7CVSS6.7AI score0.0038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/05 12:0 a.m.9 views

FreeBSD : libqb -- Buffer overflow (ecf9a798-9aa9-11ef-a8f0-a8a15998b5cb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ecf9a798-9aa9-11ef-a8f0-a8a15998b5cb advisory. [email protected] reports: logblackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messag...

9.8CVSS8.2AI score0.00984EPSS
Exploits0References3
Veracode
Veracode
added 2024/10/29 8:17 a.m.8 views

HTML Injection

org.openrefine, openrefine is vulnerable to HTML injection. The vulnerability is due to improper handling of error messages, which fails to escape HTML tags in exception messages and tracebacks, allowing an attacker to inject malicious HTML when a specific error is triggered...

6.1CVSS6.7AI score0.00487EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/10/10 1:15 p.m.26 views

CVE-2024-35202

Bitcoin Core before 25.0 allows remote attackers to cause a denial of service blocktxn message-handling assertion and node exit by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instan...

7.5CVSS0.009EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/10/10 12:0 a.m.12 views

CVE-2024-35202

Bitcoin Core before 25.0 allows remote attackers to cause a denial of service blocktxn message-handling assertion and node exit by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instan...

7AI score0.009EPSS
Exploits0References5
CVE
CVE
added 2024/10/10 12:0 a.m.73 views

CVE-2024-35202

CVE-2024-35202 affects Bitcoin Core prior to 25.0. The vulnerability allows remote attackers to cause a denial of service by including transactions in a blocktxn message that are not committed to in a block’s merkle root, triggering a blocktxn-handling assertion and node exit. The issue is associ...

7.5CVSS7AI score0.009EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/10/10 12:0 a.m.10 views

CVE-2024-35202

Bitcoin Core before 25.0 allows remote attackers to cause a denial of service blocktxn message-handling assertion and node exit by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instan...

7.5CVSS6.9AI score0.009EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/10/09 12:0 a.m.4 views

PT-2024-26378

Name of the Vulnerable Software and Affected Versions Bitcoin Core versions prior to 25.0 Description A high-severity software bug in Bitcoin Core allows remote attackers to cause a denial of service by including transactions in a blocktxn message that are not committed to in a block's merkle roo...

7.5CVSS6AI score0.009EPSS
Exploits0References71
Ubuntu
Ubuntu
added 2024/09/17 1:11 p.m.14 views

USN-7017-1: Quagga vulnerability

Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

9.8CVSS8AI score0.00641EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/09/11 4:3 a.m.16 views

CVE-2024-39808

Incorrect Calculation of Buffer Size CWE-131 in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot leading to a denial of service. This issue affects: Controller 6000 and Controller 7000 9.10 prior to...

4.6CVSS6.6AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 1:15 p.m.3 views

UBUNTU-CVE-2022-48865

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236 tipclinkbuildprotomsg+0x375/0x750...

5.5CVSS5.9AI score0.00259EPSS
Exploits0References7
Rows per page
Query Builder