Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3359 matches found

OSV
OSVadded 2024/07/04 2:15 p.m.1 views

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

5.4CVSS5.9AI score0.00146EPSS
Exploits0References1
CVE
CVEadded 2024/07/04 1:21 p.m.111 views

CVE-2024-22277

CVE-2024-22277 affects VMware Cloud Director Availability. An HTML injection vulnerability allows a network-authenticated attacker to craft malicious HTML tags that execute within replication tasks. The issue is addressed by VMware in the 4.7.2 release; advisory indicates affected product lines i...

6.4CVSS6.8AI score0.00146EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/07/04 1:21 p.m.63 views

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

6.4CVSS0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/07/04 1:21 p.m.29 views

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

6.4CVSS7.5AI score0.00146EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/07/04 12:0 a.m.3 views

VMware Cloud Director Availability Security Vulnerability

VMware Cloud Director Availability is a Disaster Recovery-as-a-Service DRaaS solution from VMware, Inc. A security vulnerability exists in VMware Cloud Director Availability that stems from the inclusion of HTML injection, which allows an attacker with network access to craft malicious HTML tags...

6.4CVSS6.8AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/07/04 12:0 a.m.3 views

PT-2024-5011 · Vmware · Vmware Cloud Director Availability

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director Availability affected versions not specified Description: The issue is related to an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags...

6.4CVSS6.3AI score0.00146EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:48 p.m.26 views

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact,...

5.9CVSS5.7AI score0.00098EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:47 p.m.23 views

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low confidentiality impacts. CVSS Base score: 3.7...

3.7CVSS4.8AI score0.00141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:46 p.m.31 views

Security Bulletin: A vulnerability in github.com/containerd/containerd-v1.6.17 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the github.com/containerd/containerd-v1.6.17 package has been addressed. Vulnerability Details CVEID:CVE-2023-25173 DESCRIPTION: containerd could allow a local authenticated attacker to bypass security restrictions, caused by improper setup for supplementary groups insi...

7.8CVSS6.6AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:46 p.m.26 views

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details CVEID:CVE-2021-33503 DESCRIPTION: urllib3 is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw due to catastrophic backtracking. By sending a specially-crafted URL...

7.5CVSS7.5AI score0.00863EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:45 p.m.24 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the Go package has been addressed. Vulnerability Details CVEID:CVE-2023-24532 DESCRIPTION: An unspecified error with return an incorrect result in the ScalarMult and ScalarBaseMult methods of the P256 Curve in Golang Go has an unknown impact and attack vector. CVSS Base...

5.3CVSS7.1AI score0.00026EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:45 p.m.23 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the Go package has been addressed. Vulnerability Details CVEID:CVE-2022-41724 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote...

7.5CVSS8.4AI score0.0002EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:44 p.m.25 views

Security Bulletin: A vulnerability in setuptools affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the setuptools package has been addressed. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted regular expression, an remote attack...

5.9CVSS6.8AI score0.00513EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:43 p.m.31 views

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details CVEID:CVE-2019-11236 DESCRIPTION: Python urllib3 is vulnerable to CRLF injection, caused by improper validation of user-supplied input by the request parameter. By sending a specially-crafted HTTP response...

6.1CVSS6.8AI score0.00609EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:42 p.m.20 views

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details CVEID:CVE-2022-31030 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request using the ExecSync API, a local...

5.5CVSS5.7AI score0.00158EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:42 p.m.22 views

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details CVEID:CVE-2022-23471 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request, a remote authenticated attacker could...

6.5CVSS6.2AI score0.00259EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:41 p.m.32 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the package Go has been addressed. Vulnerability Details CVEID:CVE-2022-41725 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when perform multipart form parsing with mime/multipart.Reader.ReadForm. By sending a specially-crafted request, a...

7.5CVSS8.4AI score0.00065EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2024/06/28 12:40 p.m.18 views

Security Bulletin: InfoSphere Data Replication is affected by a guava package vulnerbility (CVE-2023-2976)

Summary InfoSphere Data Replication uses the guava package. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw wit...

7.1CVSS6AI score0.00065EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linuxadded 2024/06/26 7:30 p.m.21 views

Moderate: Red Hat Security Advisory: VolSync 0.9.2 for RHEL 9

VolSync v0.9.2 general availability release images provide the following: enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

7.5CVSS6.7AI score0.00393EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/06/25 1:48 p.m.5 views

Malicious code in ar_octopus-replication-tracking (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
Rows per page
Query Builder