
9 matches found

Positive Technologies
added 2024/07/30 12:0 a.m. · 7 views

PT-2024-28780

Name of the Vulnerable Software and Affected Versions: GraphQL Java versions prior to 21.5; GraphQL Java version 20.9; GraphQL Java version 19.11. Description: The issue is related to the improper consideration of ExecutableNormalizedFields (ENFs) in preventing denial of service via introspection querie...

CVSS 8.7 · AI score 6.5 · EPSS 0.00943
Exploits: 3 · References: 253
OSV
added 2023/04/11 2:15 p.m. · 5 views

CVE-2023-28062

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions...

CVSS 8.8 · AI score 7.3 · EPSS 0.00766
Exploits: 0 · References: 1
CNNVD
added 2022/10/14 12:0 a.m. · 6 views

GoCD Security Vulnerability

GoCD is a continuous delivery server. A security vulnerability exists in GoCD versions 19.2.0 through 19.11.0 that originates from allowing an authenticated agent to impersonate another agent, resulting in an access control outage and incorrect authentication of agent tokens in the GoCD server to...

CVSS 6.5 · AI score 6.6 · EPSS 0.00615
Exploits: 0 · References: 4
Positive Technologies
added 2022/10/14 12:0 a.m. · 5 views

PT-2022-24889 · Gocd · Gocd

Name of the Vulnerable Software and Affected Versions: GoCD versions 19.2.0 through 19.10.0 Description: The issue concerns a timing attack in the validation of access tokens due to the use of regular string comparison instead of a constant time algorithm. This could allow a brute force attack on...

CVSS 6.5 · AI score 5.5 · EPSS 0.00622
Exploits: 0 · References: 7
CNNVD
added 2022/10/13 12:0 a.m. · 9 views

Linux kernel Buffer Error Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.19.11 and earlier, which originates from an attacker capable of injecting WLAN frames can cause a buffer overflow in t...

CVSS 8.1 · AI score 7 · EPSS 0.03763
Exploits: 1 · References: 30
ATTACKERKB
added 2022/07/05 12:0 a.m. · 2 views

CVE-2022-32481

Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker commands to escalate privileges to root leading to complete system takeover...

CVSS 7.8 · AI score 7.2 · EPSS 0.00234
Exploits: 0 · References: 2
Positive Technologies
added 2021/06/01 12:0 a.m. · 5 views

PT-2021-19832 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.11; Nextcloud Server versions prior to 20.0.10; Nextcloud Server versions prior to 21.0.2. Description: The issue allows an attacker to gain write/read privileges on any Federated File Share. This can also...

CVSS 10 · AI score 5.9 · EPSS 0.02604
Exploits: 2 · References: 36
Positive Technologies
added 2021/06/01 12:0 a.m. · 4 views

PT-2021-19833 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.11; Nextcloud Server versions prior to 20.0.10; Nextcloud Server versions prior to 21.0.2. Description: The issue arises when an attacker converts a Files Drop link to a federated share, causing problems o...

CVSS 10 · AI score 5.8 · EPSS 0.02604
Exploits: 2 · References: 36
CNVD
added 2020/04/21 12:0 a.m. · 3 views

VMware InstallBuilder Resource Management Error Vulnerability

VMware InstallBuilder is a multi-platform installer development and automatic update tool from VMware. A security vulnerability exists in VMware InstallBuilder versions prior to 19.11. An attacker could exploit this vulnerability to cause a denial of service...

CVSS 7.5 · AI score 6.7 · EPSS 0.01044
Exploits: 0 · References: 1