
142 matches found

OSV
added 2023/01/25 7:39 p.m. (33 views)

GHSA-6P4M-HW2H-6GMW Controller reconciles apps outside configured namespaces when sharding is enabled

Impact: All Argo CD versions starting with 2.5.0-rc1 are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Description of exploit: Reconciled Application namespaces are specified as a comma-delimited lis...

CVSS: 8.5; AI score: 8.1; EPSS: 0.0078
Exploits: 0; References: 3

Github Security Blog
added 2023/01/25 7:39 p.m. (44 views)

Controller reconciles apps outside configured namespaces when sharding is enabled

Impact: All Argo CD versions starting with 2.5.0-rc1 are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Description of exploit: Reconciled Application namespaces are specified as a comma-delimited lis...

CVSS: 8.5; AI score: 8.1; EPSS: 0.0078
Exploits: 0; References: 3; Affected Software: 1

Hacker One
added 2023/01/25 7:4 p.m. (200 views)

Internet Bug Bounty: Argo CD reconciles apps outside configured namespaces when sharding is enabled

An authorization bypass vulnerability was found in Argo CD versions 2.5.0-rc1 and later, allowing a malicious user to deploy applications outside of the configured allowed namespaces when sharding is enabled. The vulnerability was triggered when an application was updated, and the controller...

CVSS: 8.5; AI score: 8.2; EPSS: 0.0078
Exploits: 0

Tenable Nessus
added 2022/10/21 12:0 a.m. (66 views)

Oracle Database Server (Oct 2022 CPU)

The 19c and 21c versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle Database - Machine Learning Numpy component of Oracle Database Server. The supported version that ...

CVSS: 9.8; AI score: 7; EPSS: 0.18114
Exploits: 22; References: 25

NVD
added 2022/10/18 9:15 p.m. (28 views)

CVE-2022-21603

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...

CVSS: 7.2; EPSS: 0.00836
Exploits: 0; References: 1

ATTACKERKB
added 2022/10/18 9:15 p.m. (6 views)

CVE-2022-21603

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...

CVSS: 7.2; AI score: 7.1; EPSS: 0.00836
Exploits: 0; References: 2; Affected Software: 1

OSV
added 2022/10/18 9:15 p.m. (2 views)

CVE-2022-21603

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...

CVSS: 7.2; AI score: 5.8; EPSS: 0.00836
Exploits: 0; References: 1

Prion
added 2022/10/18 9:15 p.m. (25 views)

Buffer overflow

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...

CVSS: 5.8; AI score: 7.1; EPSS: 0.00836
Exploits: 0; References: 1; Affected Software: 1

OSV
added 2022/10/18 3:15 a.m. (4 views)

CVE-2022-22240

An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Service Do...

CVSS: 5.5; AI score: 5.8; EPSS: 0.00193
Exploits: 0; References: 1

Prion
added 2022/10/18 3:15 a.m. (18 views)

Memory corruption

An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Service Do...

CVSS: 1.7; AI score: 5.5; EPSS: 0.00193
Exploits: 0; References: 1; Affected Software: 2

Cvelist
added 2022/10/18 12:0 a.m. (21 views)

CVE-2022-21603

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...

CVSS: 7.2; AI score: 7.2; EPSS: 0.00836
Exploits: 0; References: 1

CNNVD
added 2022/10/18 12:0 a.m. (5 views)

Oracle Database Server security vulnerability

Oracle Database Server is a relational database management system from Oracle. The database management system provides data management, distributed processing, etc. Java VM is one of the Java virtual machine components. A security vulnerability exists in the Oracle Database-Sharding...

CVSS: 7.2; AI score: 8; EPSS: 0.00836
Exploits: 0; References: 3

CVE
added 2022/10/18 12:0 a.m. (72 views)

CVE-2022-21603

CVE-2022-21603 affects Oracle Database Server, specifically the Sharding component, with 19c and 21c as affected versions. The root cause is a vulnerability in Sharding that enables a high-privilege attacker with Local Logon privilege and network access via Local Logon to compromise the Sharding ...

CVSS: 7.2; AI score: 7.1; EPSS: 0.00836
Exploits: 0; References: 1; Affected Software: 1

Vulnrichment
added 2022/10/18 12:0 a.m. (16 views)

CVE-2022-21603

Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...

CVSS: 7.2; AI score: 6.5; EPSS: 0.00836
Exploits: 0; References: 1

Tenable Nessus
added 2022/07/22 12:0 a.m. (100 views)

Oracle Database Server (Jul 2022 CPU)

The 12.1.0.2, 19c, 21c, All Supported Versions, and None versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle...

CVSS: 9.8; AI score: 6.6; EPSS: 0.42847
Exploits: 5; References: 16

NVD
added 2022/07/19 10:15 p.m. (20 views)

CVE-2022-21510

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...

CVSS: 8.8; EPSS: 0.00265
Exploits: 0; References: 1

ATTACKERKB
added 2022/07/19 10:15 p.m. (6 views)

CVE-2022-21510

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...

CVSS: 8.8; AI score: 7.1; EPSS: 0.00265
Exploits: 0; References: 2

Prion
added 2022/07/19 10:15 p.m. (23 views)

Buffer overflow

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...

CVSS: 4.3; AI score: 8.6; EPSS: 0.00265
Exploits: 0; References: 1

CVE
added 2022/07/19 9:6 p.m. (99 views)

CVE-2022-21510

CVE-2022-21510 is a vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. Affected behavior is that a low-privileged attacker with Local Logon can log in to the infrastructure where Sharding runs and compromise the component, with potential scope ...

CVSS: 8.8; AI score: 8.8; EPSS: 0.00265
Exploits: 0; References: 1; Affected Software: 1

Cvelist
added 2022/07/19 9:6 p.m. (33 views)

CVE-2022-21510

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...

CVSS: 8.8; AI score: 9; EPSS: 0.00265
Exploits: 0; References: 1