Lucene search
K

2259 matches found

OSV
OSV
added 2023/01/17 6:43 p.m.11 views

GSD-2023-1001133 mmc: atmel-mci: fix return value check of mmc_add_host()

mmc: atmel-mci: fix return value check of mmcaddhost This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2023/01/12 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2023:0076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01804EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/01/11 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2023:0058-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.8AI score0.00867EPSS
Exploits1References5
OSV
OSV
added 2022/12/15 12:0 a.m.31 views

ALSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages were updated to later upstream versions: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: nodejs: Improper handling of URI Subject...

9.8CVSS8.1AI score0.21514EPSS
Exploits3References16
OpenVAS
OpenVAS
added 2022/12/15 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:4483-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.02685EPSS
Exploits0References10
CNVD
CNVD
added 2022/12/14 12:0 a.m.31 views

Siemens Polarion ALM Host Header Injection Vulnerability

Polarion ALM is an application lifecycle management solution that improves the software development process with a single unified solution for requirements, coding, testing and release.A security vulnerability exists in Siemens Polarion ALM, which could be exploited by attackers to spoof host...

6.1CVSS2.5AI score0.00375EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/13 6:46 a.m.5 views

CVE-2022-23473 Tuleap MediaWiki standalone "readers" can also edit pages

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edit them. This on...

4.3CVSS4.5AI score0.00454EPSS
Exploits0References3
CVE
CVE
added 2022/12/13 6:40 a.m.55 views

CVE-2022-46160

Tuleap dashboards CVE-2022-46160 affects versions prior to 14.2.99.104 (Community Edition) and 14.2-4 / 14.1-5 (Enterprise). The root cause is improper verification of project-level authorizations when accessing a project homepage/dashboards, allowing users not authorized to the project to retrie...

4.3CVSS4.4AI score0.00498EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.6 views

PT-2022-27777 · Tuleap · Tuleap

Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 14.2.99.104 Tuleap Community Edition version 14.2.99.104 Tuleap Enterprise Edition version 14.2-4 Tuleap Enterprise Edition version 14.1-5 Description: Tuleap is an Open Source Suite to improve management of software...

4.3CVSS4.3AI score0.00498EPSS
Exploits0References6
OSV
OSV
added 2022/12/08 2:43 a.m.10 views

GSD-2022-1007890 iio: adc: mp2629: fix potential array out of bound access

iio: adc: mp2629: fix potential array out of bound access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/12/08 2:29 a.m.9 views

GSD-2022-1007736 kcm: close race conditions on sk_receive_queue

kcm: close race conditions on skreceivequeue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/12/07 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2022:4335-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.06419EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/12/07 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2022:4332-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.00277EPSS
Exploits0References13
OSV
OSV
added 2022/12/06 12:0 a.m.38 views

ALSA-2022:8833 Moderate: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18.12.1, nodejs-nodemon 2.0.20. BZ2142818 Security Fixes: nodejs-minimatch: ReDoS vi...

8.1CVSS8.2AI score0.14024EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/11/30 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2022:4296-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.01936EPSS
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2022/11/22 5:0 p.m.83 views

Vulnerable SDK components lead to supply chain risks in IoT and OT environments

December 8, 2022 update - Reflected additional research on Boa-related CVEs and updated supply chain diagram. Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External...

10CVSS0.4AI score0.99999EPSS
Exploits352
OpenVAS
OpenVAS
added 2022/11/16 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2022:3992-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.1AI score0.00664EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/11/14 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:3957-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.49336EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/11/11 12:0 a.m.5 views

PT-2022-17798 · Intel · Intel Mc +2

Name of the Vulnerable Software and Affected Versions: IntelR AMT SDK versions prior to 16.0.4.1 IntelR EMA versions prior to 1.7.1 IntelR MC versions prior to 2.3.2 Description: The issue involves insufficiently protected credentials in the software, potentially allowing an authenticated user to...

8.8CVSS8.8AI score0.00437EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/11 12:0 a.m.8 views

PT-2022-18457 · Intel · Intel Sgx Sdk

Name of the Vulnerable Software and Affected Versions: IntelR SGX SDK software affected versions not specified Description: The issue is related to the premature release of a resource during its expected lifetime, which may allow a privileged user to potentially enable information disclosure via...

4.4CVSS4.2AI score0.00416EPSS
Exploits0References3
Rows per page
Query Builder