188 matches found

Veracode
added 2021/07/14 9:3 p.m., 24 views

Access Control Bypass

Firefox is vulnerable to access control bypass. A remote attacker is able to bypass security restrictions as a result of enabling of network partitioning. By persuading a victim to visit a malicious web site, the error on a domain can be overridden which had specified HTTP Strict Transport Securi...

4.3 CVSS, 2.9 AI score, 0.0084 EPSS
Exploits 0, References 4, Affected Software 6

Kaspersky
added 2021/07/13 12:0 a.m., 84 views

KLA12228 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. A securit...

9.8 CVSS, 9.7 AI score, 0.03582 EPSS
Exploits 3, References 3

CNNVD
added 2021/07/13 12:0 a.m., 4 views

Mozilla Firefox Permissions, Privileges and Access Control Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a Privilege Permission and Access Control Issues vulnerability that stems from the application allowing overriding of HSTS errors when network partitioning is enabled, due ...

4.3 CVSS, 7.3 AI score, 0.0084 EPSS
Exploits 0, References 9

OpenVAS
added 2021/06/09 12:0 a.m., 9 views

SUSE: Security Advisory (SUSE-SU-2018:3074-1)

The remote host is missing an update for the...

5.8 AI score
Exploits 0, References 4

OpenVAS
added 2021/06/09 12:0 a.m., 8 views

SUSE: Security Advisory (SUSE-SU-2018:3074-2)

The remote host is missing an update for the...

5.8 AI score
Exploits 0, References 4

Veeam
added 2021/05/27 12:0 a.m., 12 views

Veeam ONE Database Partitioning

Purpose: This article documents the procedure for implementing database partitioning to improve the performance of Veeam ONE deployments where the database in use was first created using Veeam ONE 9.x or older. Starting with Veeam ONE version 10, all newly deployed Veeam ONE databases are already...

7.3 AI score
Exploits 0, Affected Software 1

Gentoo Linux
added 2021/05/26 12:0 a.m., 59 views

GPT fdisk: Integer underflow

Background: GPT fdisk (consisting of the gdisk, cgdisk, sgdisk, and fixparts programs) is a set of text-mode partitioning tools for Linux, FreeBSD, Mac OS X, and Windows. Description: It was discovered that the ReadLogicalParts function in basicmbr.cc was missing a bounds check. Impact: A local attacker...

7.2 CVSS, 2.7 AI score, 0.00436 EPSS
Exploits 0

BDU FSTEC
added 2021/05/24 12:0 a.m., 4 views

Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning scheme allows a hacker to trigger a service failure.

Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning mechanism is vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

6.8 CVSS, 6.4 AI score, 0.01373 EPSS
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2021/05/14 12:0 a.m., 5 views

Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning scheme allows a hacker to trigger a service failure.

Vulnerability of the Server component: The Oracle MySQL Server database management system’s partitioning mechanism is vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

6.8 CVSS, 6.4 AI score, 0.01283 EPSS
Exploits 0, References 5, Affected Software 1

Fedora
added 2021/03/20 12:21 a.m., 54 views

[SECURITY] Fedora 34 Update: gnome-disk-utility-40~rc-1.fc34

This package contains the Disks and Disk Image Mounter applications. Disks supports partitioning, file system creation, encryption, fstab/crypttab editing, ATA SMART and other features...

5.5 CVSS, 2.2 AI score, 0.00639 EPSS
Exploits 1

OpenVAS
added 2021/03/20 12:0 a.m., 12 views

Fedora: Security Advisory for gnome-disk-utility (FEDORA-2021-303f6623fa)

The remote host is missing an update for the...

6.2 AI score
Exploits 0, References 2

Pen Test Partners Blog
added 2020/12/22 7:33 a.m., 183 views

How to make a software BTRFS RAID1 with LUKS2 FDE

The guide below is simplified in a way that preparing the boot partition is not covered. Software based btrfs RAID1 requires two devices, which conceptually don't even need to be on different disks. But for obvious reasons, it's a good idea if they are… Having mirroring against encrypted storage...

6.8 AI score
Exploits 0

RedHat Linux
added 2020/11/04 12:53 a.m., 4 views

kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c causing denial of service

A flaw was found in the way Linux kernel's Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...

4.7 CVSS, 6.8 AI score, 0.00623 EPSS
Exploits 0, References 4

ArchLinux
added 2020/10/18 12:0 a.m., 25 views

[ASA-202010-8] kpmcore: privilege escalation

Arch Linux Security Advisory ASA-202010-8
=========================================

Severity: High
Date    : 2020-10-18
CVE-ID  : CVE-2020-27187
Package : kpmcore
Type    : privilege escalation
Remote  : No
Link    : https://security.archlinux.org/AVG-1253

Summary
=======

The package kpmcore before version...

7.8 CVSS, 1.8 AI score, 0.00422 EPSS
Exploits 0, References 5

RedHat Linux
added 2020/09/29 10:31 p.m., 2 views

kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c causing denial of service

A flaw was found in the way Linux kernel's Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...

4.7 CVSS, 6.8 AI score, 0.00623 EPSS
Exploits 0, References 4

OSV
added 2020/09/25 7:15 p.m., 24 views

CVE-2020-15200

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9 CVSS, 5.7 AI score
Exploits 0, References 3

Prion
added 2020/09/25 7:15 p.m., 18 views

Heap overflow

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

4.3 CVSS, 5.7 AI score, 0.00844 EPSS
Exploits 1, References 3, Affected Software 1

RedHat Linux
added 2020/05/12 3:16 p.m., 1 views

kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c causing denial of service

A flaw was found in the way Linux kernel's Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...

4.7 CVSS, 6.8 AI score, 0.00623 EPSS
Exploits 0, References 4

Debian CVE
added 2020/04/01 9:11 p.m., 24 views

CVE-2018-11802

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...

4.3 CVSS, 4.3 AI score, 0.0202 EPSS
Exploits 0

RedhatCVE
added 2019/05/07 7:3 p.m., 22 views

CVE-2018-11802

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...

4.3 CVSS, 2 AI score, 0.0202 EPSS
Exploits 0, References 3