Lucene search
K

6095 matches found

Debian CVE
Debian CVE
added 2024/02/20 6:34 p.m.31 views

CVE-2023-52437

Removed by vendor...

6.7AI score
Exploits0
NVD
NVD
added 2024/02/20 1:15 p.m.16 views

CVE-2023-52433

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an alrea...

4.4CVSS7.4AI score0.00265EPSS
Exploits0References8
Prion
Prion
added 2024/02/20 1:15 p.m.24 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active...

6.7AI score0.02224EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2024/02/20 12:52 p.m.34 views

CVE-2024-26581 netfilter: nft_set_rbtree: skip end interval element from gc

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active...

7.4AI score0.02224EPSS
Exploits1References8
Cvelist
Cvelist
added 2024/02/20 12:52 p.m.21 views

CVE-2023-52433 netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an alrea...

7.6AI score0.00265EPSS
Exploits0References7
Rosalinux
Rosalinux
added 2024/02/20 9:18 a.m.56 views

Advisory ROSA-SA-2024-2349

Software: grub2 2.02 OS: rosa-server79 packageevrstring: grub2-2.02-0.87.res7.11 CVE-ID: CVE-2022-28734 BDU-ID: 2024-01201 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Grub loader is related to out-of-bounds writes when processing delimited HTTP headers. Exploitation of the vulnerability...

8.1CVSS6.7AI score0.01131EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2024/02/20 8:0 a.m.83 views

February 13, 2024—KB5034830 (Monthly Rollup)

February 13, 2024—KB5034830 Monthly Rollup IMPORTANT The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only...

8.8CVSS7.8AI score0.99995EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/02/14 9:58 a.m.48 views

Advisory ROSA-SA-2024-2340

Software: openssh 7.4p1 OS: rosa-server79 packageevrstring: openssh-7.4p1-23.0.1.res7 CVE-ID: CVE-2023-51385 BDU-ID: 2023-08955 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the SSH protocol implementation of the OpenSSH cryptographic security tool is related to an argument injection or...

6.5CVSS8.3AI score0.19753EPSS
Exploits7
Microsoft KB
Microsoft KB
added 2024/02/13 8:0 a.m.45 views

Update 21.16 for Microsoft Dynamics 365 Business Central (on-premises) 2022 Release Wave 2 (Application Build 21.16.63199, Platform Build 21.0.63175)

None None...

8CVSS7.5AI score0.01725EPSS
Exploits0
Veeam
Veeam
added 2024/02/06 12:0 a.m.42 views

Veeam Recovery Orchestrator Vulnerability ( CVE-2024-22021 |  CVE-2024-22022 )

Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program VDP for all Veeam products and perform extensive internal code audits. When a vulnerability is...

8.8CVSS7.5AI score0.00701EPSS
Exploits0Affected Software1
Amazon
Amazon
added 2024/02/06 12:0 a.m.5 views

Medium: systemd

Issue Overview: systemd-resolved accepts records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records. CVE-2023-7008 Affected Packages: systemd Issue Correction: Run dnf update systemd --releasever 2023.3.2024020...

5.9CVSS6.9AI score0.00849EPSS
Exploits0
Amazon
Amazon
added 2024/02/06 12:0 a.m.5 views

Medium: systemd

Issue Overview: systemd-resolved accepts records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records. CVE-2023-7008 Affected Packages: systemd Issue Correction: Run dnf update systemd --releasever 2023.3.2024020...

5.9CVSS6.9AI score0.00849EPSS
Exploits0
NVD
NVD
added 2024/02/01 7:15 p.m.15 views

CVE-2023-5841

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.1CVSS9.4AI score0.01258EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2024/02/01 7:15 p.m.18 views

CVE-2023-5841

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.1CVSS7.4AI score0.01258EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2024/01/31 12:0 a.m.6 views

The vulnerability of the systemd-resolved service responsible for managing network connections and domain name resolution allows attackers to modify DNS records protected by DNSSEC, by gaining access to a channel from a non-endpoint location.

The vulnerability of the systemd-resolved service for managing network connections and domain name system DNS resolutions is related to deficiencies in verifying the authenticity of messages sent from DNS clients. Exploiting this vulnerability allows a malicious actor to alter DNS records protect...

5.9CVSS6.5AI score0.00849EPSS
Exploits0References16Affected Software5
Tenable Nessus
Tenable Nessus
added 2024/01/26 12:0 a.m.22 views

Fedora 38 : systemd (2024-c79658eedf)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c79658eedf advisory. - A bunch of fixes for various components: systemd, systemctl, hostnamectl, bootctl, systemd-networkd, systemd-network-generator, systemd-analyze,...

5.9CVSS6.9AI score0.00849EPSS
Exploits0References2
OSV
OSV
added 2024/01/23 2:42 p.m.24 views

GHSA-RJQ5-W47X-X359 @hono/node-server cannot handle "double dots" in URL

Impact Since v1.3.0, we use our own Request object. This is great, but the url behavior is unexpected. In the standard API, if the URL contains .., here called "double dots", the URL string returned by Request will be in the resolved path. ts const req = new...

5.3CVSS5.6AI score0.00722EPSS
Exploits1References5
Rosalinux
Rosalinux
added 2024/01/23 12:26 p.m.25 views

Advisory ROSA-SA-2024-2328

Software: libpng 1.6.34 OS: ROSA Virtualization 2.1 packageevrstring: libpng-1.6.34-5.0.1.rv3.src.rpm CVE-ID: CVE-2019-7317 BDU-ID: 2019-03330 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the pngimagefree function png.c of the PNG libpng bitmap graphics library involves the pngimagefreefunction...

5.3CVSS7AI score0.09393EPSS
Exploits3
Rosalinux
Rosalinux
added 2024/01/23 12:20 p.m.47 views

Advisory ROSA-SA-2024-2326

Software: httpd 2.4.6 OS: rosa-server79 packageevrstring: httpd-2.4.6-98.0.1.res7.7 CVE-ID: CVE-2023-31122 BDU-ID: 2023-07124 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modmacro module of the Apache HTTP Server web server involves reading beyond memory boundaries. Exploitation of the...

7.5CVSS6.7AI score0.02978EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/23 12:0 a.m.22 views

Fedora 39 : systemd (2024-b8312ca5b3)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-b8312ca5b3 advisory. - A bunch of fixes for various components: systemd, systemctl, systemd-firstboot, systemd-repart, bootctl, systemd-networkd, systemd-network-generator,...

5.9CVSS6.9AI score0.00849EPSS
Exploits0References2
Rows per page
Query Builder