CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5831 matches found

Cvelist•added 2024/10/14 5:3 p.m.•16 views

CVE-2024-45739 Sensitive information disclosure in AdminManager logging channel

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level...

4.9CVSS0.00513EPSS

Exploits0References2

CNNVD•added 2024/10/14 12:0 a.m.•2 views

Splunk Enterprise 安全漏洞

Splunk Enterprise is a suite of data collection and analytics software from Splunk, Inc. in the United States. A security vulnerability exists in Splunk Enterprise versions 9.3.x prior to 9.3.1, 9.2.x prior to 9.2.3, and 9.1.x prior to 9.1.6, which originates from a vulnerability that could expos...

4.9CVSS6.7AI score0.00513EPSS

Exploits0References4

OSSF Malicious Packages•added 2024/10/12 8:11 a.m.•3 views

Malicious code in native-module2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efe93b635d66b4c82b9ceeb354e99e5c1390c4656c141ad0175e14453a8b3423 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score

Exploits0References1

OSV•added 2024/10/12 8:11 a.m.•4 views

MAL-2024-9280 Malicious code in native-module2 (npm)

7AI score

Exploits0References1

RedHat Linux•added 2024/10/09 2:44 p.m.•8 views

Important: Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Operator Bundle 1.16.0 release

Red Hat OpenShift Pipelines 1.16.0 has been released. Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery CI/CD solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments...

7.5CVSS6.6AI score0.01414EPSS

Exploits3References2

HackRead•added 2024/10/09 1:55 p.m.•4 views

Sui to Make Native USDC Available Through NAVI Protocol

The Sui Foundation supports native USDC on the Sui network with $120M in liquidity, marking the 3rd largest…...

7.3AI score

Exploits0

OSV•added 2024/10/09 7:15 a.m.•1 views

CVE-2024-39438

In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed...

6.7CVSS5.9AI score0.00252EPSS

Exploits0References1

Qualys Blog•added 2024/10/07 7:57 p.m.•12 views

Qualys VMDR Rated as the Only Leader and Outperformer by Independent Analyst Firm for the Second Consecutive Year

Qualys VMDR received the highest possible scores for risk-based assessment, cloud-native and serverless function scanning, and flexibility of deployment, among 20 vendors evaluated in this report. As the threat landscape evolves, vulnerability management remains a cornerstone of security...

7.3AI score

Exploits0

OSSF Malicious Packages•added 2024/09/28 9:17 a.m.•4 views

Malicious code in sbm-react-native-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e2afb605fb618703ab0a396b16a0194c7c92063c40e98058cb1e012dd9c283f The OpenSSF Package Analysis project identified 'sbm-react-native-sample' @ 1.5.0 npm as malicious. It is considered malicious because: - The...

6.9AI score

Exploits0

OSV•added 2024/09/28 9:17 a.m.•5 views

MAL-2024-9023 Malicious code in sbm-react-native-sample (npm)

7.1AI score

Exploits0

Tenable Nessus•added 2024/09/25 12:0 a.m.•22 views

SUSE SLES15 Security Update : xen (SUSE-SU-2024:3423-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3423-1 advisory. - CVE-2024-2201: Mitigation for Native Branch History Injection XSA-456, bsc1222453 - CVE-2024-31143: Fixed double unlock in x86...

7.5CVSS7.4AI score0.08555EPSS

Exploits0References16

OpenVAS•added 2024/09/25 12:0 a.m.•11 views

SUSE: Security Advisory (SUSE-SU-2024:3423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.08555EPSS

Exploits0References8

OSV•added 2024/09/24 3:25 p.m.•12 views

SUSE-SU-2024:3423-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-2201: Mitigation for Native Branch History Injection XSA-456, bsc1222453 - CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling XSA-458, bsc1227355 - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460,...

7.5CVSS7AI score0.08555EPSS

Exploits0References11

Qualys Blog•added 2024/09/24 3:0 p.m.•13 views

Enhancing Cloud-Native Security: Qualys Introduces Scanning for Container-Optimized OS in Google Kubernetes Engine

As organizations move from traditional workloads to containerized environments, they encounter new security challenges. Containers bring added complexity that traditional security tools often struggle to manage, largely because of their transient nature and the shared responsibility between the...

7.5AI score

Exploits0