Lucene search
K

112 matches found

Positive Technologies
Positive Technologies
added 2023/05/11 12:0 a.m.12 views

PT-2023-23356 · Gl.Inet · Gl.Inet

Name of the Vulnerable Software and Affected Versions: GL.iNet devices versions prior to 3.216 Description: A path traversal issue was discovered, allowing the sharing of arbitrary directories, such as /tmp or /etc, through the file sharing feature due to the lack of server-side restrictions...

7.5CVSS7.7AI score0.0094EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.7 views

PT-2023-22029 · Trustwave · Modsecurity

Name of the Vulnerable Software and Affected Versions: Trustwave ModSecurity versions 3.0.5 through 3.0.8 Description: The issue allows a denial of service, causing worker crash and unresponsiveness. This occurs because some inputs cause a segfault in the Transaction class for certain...

7.5CVSS6.1AI score0.03206EPSS
Exploits4References22
Positive Technologies
Positive Technologies
added 2023/03/20 12:0 a.m.4 views

PT-2023-21713 · Pdfio +1 · Pdfio +1

Name of the Vulnerable Software and Affected Versions: PDFio versions 1.1.0 and prior Description: A denial of service issue exists in the pdfio parser, where crafted PDF files can cause the program to run at 100% utilization and never terminate. Recommendations: For PDFio versions 1.1.0 and prio...

6.2CVSS4.9AI score0.00221EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2023/03/07 12:0 a.m.2 views

PT-2023-35425 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.95 Description: The issue concerns error handling in the mmc spi probe function. It was introduced in version v2.6.24 and fixed in version v5.15.95. The actual impact and attack plausibility have not yet...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/13 12:0 a.m.2 views

PT-2023-34970 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.6 through v6.1.8 Description: The issue is related to a potential integer overflow on shift of an int in the perf/x86/amd component. The actual impact and attack plausibility have not yet been proven. Recommendations:...

7.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/08 12:0 a.m.5 views

PT-2023-16473 · WordPress · Wicked Folders

Name of the Vulnerable Software and Affected Versions: Wicked Folders plugin for WordPress versions up to, and including, 2.18.16 Description: The issue is related to a missing capability check on the ajax delete folder function, allowing authenticated attackers with subscriber-level permissions...

5.4CVSS5.2AI score0.00576EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.3 views

PT-2023-34874 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.164 Description: The issue is related to the dp aux cmd fifo tx function, where it may not be completed if the irq is not for aux transfer. The actual impact and attack plausibility have not yet been prove...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.2 views

PT-2023-34329 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.13 through 5.10.162 Description: A potential resource leak issue has been identified. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions 3.13 through 5.10.162...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.8 views

PT-2023-33511 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v4.6 through v6.0.17 Description: The issue is related to a deadlock caused by mbcache entry corruption in the ext4 filesystem. The actual impact and potential for attack have not been proven yet. Recommendations: For...

7.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.3 views

PT-2022-21352 · Apache · Apache Bookkeeper Java Client

Name of the Vulnerable Software and Affected Versions: Apache Bookkeeper Java Client versions prior to 4.14.6 and 4.15.1 Description: The Apache Bookkeeper Java Client does not close the connection to the bookkeeper server when TLS hostname verification fails, leaving it vulnerable to a...

5.9CVSS5.5AI score0.01021EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.4 views

PT-2022-26887 · Jenkins · Jenkins Script Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1183.v774b 0b 0a a 451 and earlier Description: A sandbox bypass issue involves casting an array-like value to an array type, allowing attackers with permission to define and run sandboxed scripts,...

9.9CVSS9.6AI score0.01428EPSS
Exploits0References7
OSV
OSV
added 2022/04/25 2:39 p.m.5 views

SUSE-RU-2022:1384-1 Recommended update for Salt

This update fixes the following issues: salt: - Clear network interfaces cache on grains request bsc1196050 - Handle old qemu-img not supporting -U parameter bsc1195221 - Restrict 'state.orchestratesingle' to pass a pillar value if it exists bsc1194632 - Fix sparse disk errors on Python 2 virt...

8.8CVSS8.4AI score0.01315EPSS
Exploits0References9
OSV
OSV
added 2022/04/05 2:37 p.m.13 views

SUSE-RU-2022:14935-1 Recommended update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.8.0 ESR bsc1197903: MFSA 2022-14 bsc1197903 CVE-2022-1097: Fixed memory safety violations that could occur when PKCS11 tokens are removed while in use CVE-2022-28281: Fixed an out of bounds write due to...

8.8CVSS7.8AI score0.1446EPSS
Exploits7References10
Positive Technologies
Positive Technologies
added 2022/02/07 12:0 a.m.5 views

PT-2022-9552 · WordPress · The Ultimate Product Catalog

Name of the Vulnerable Software and Affected Versions: The Ultimate Product Catalog WordPress plugin versions prior to 5.0.26 Description: The issue is related to the lack of authorization and CSRF checks in some AJAX actions. This could allow any authenticated users, such as subscribers, to call...

6.5CVSS6.4AI score0.00469EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2022/01/11 12:0 a.m.6 views

PT-2022-9928 · Ibm · Ibm Engineering Workflow Management +1

Name of the Vulnerable Software and Affected Versions: IBM Engineering Workflow Management versions 7.0 through 7.0.2 IBM Rational Team Concert versions 6.0.6 through 6.0.6.1 Description: The issue allows an authenticated attacker to obtain sensitive information from build definitions, which coul...

4.3CVSS4.1AI score0.00704EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.42 views

openSUSE 15 : Recommended update for php7 (openSUSE-SU-2021:3943-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3943-1 advisory. - In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daem...

7.8CVSS7.2AI score0.25951EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2021/09/26 12:0 a.m.6 views

PT-2021-7870

Name of the Vulnerable Software and Affected Versions OpenSSH versions 6.2 through 8.x before 8.8 Description The issue is related to the management of privileges in OpenSSH, allowing privilege escalation when certain non-default configurations are used. This occurs because supplemental groups ar...

7.8CVSS7.2AI score0.19753EPSS
Exploits16References89
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.12 views

openSUSE 15 : Recommended update for seamonkey (openSUSE-SU-2021:1129-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1129-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...

5.5AI score
Exploits0References1
OSV
OSV
added 2021/03/30 12:43 p.m.5 views

SUSE-RU-2021:0985-1 Recommended update for the Azure SDK and CLI

This update for the Azure SDK and CLI adds support for the AHB Azure Hybrid Benefit. bsc1176784, jscECO=3105...

10CVSS7.1AI score0.05984EPSS
Exploits0References11
OSV
OSV
added 2021/02/17 3:0 p.m.9 views

SUSE-RU-2021:0497-1 Recommended update for ardana-db, ardana-horizon, ardana-logging, ardana-monasca, ardana-opsconsole-ui, ardana-osconfig, crowbar-core, crowbar-openstack, kibana, openstack-dashboard, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, release-notes-suse-openstack-cloud, sleshammer

This update for ardana-db, ardana-horizon, ardana-logging, ardana-monasca, ardana-opsconsole-ui, ardana-osconfig, crowbar-core, crowbar-openstack, kibana, openstack-dashboard, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1,...

5.3CVSS5.8AI score0.07605EPSS
Exploits1References10
Rows per page
Query Builder