Lucene search
+L

142 matches found

Debian CVE
Debian CVE
added 2022/02/09 10:5 p.m.32 views

CVE-2021-39943

Removed by vendor...

4.3CVSS5.8AI score0.00869EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/02/09 12:0 a.m.3 views

PT-2022-11091 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.1 through 14.3.5 GitLab EE versions 14.4 through 14.4.3 GitLab EE versions 14.5 through 14.5.1 Description: An authorization logic error in the External Status Check API allowed a user to update the status of the check v...

4.3CVSS4.2AI score0.00869EPSS
Exploits0References9
OSV
OSV
added 2022/01/05 5:6 p.m.4 views

DRUPAL-CONTRIB-2022-001

This module enables you to login with an email address. The module doesn't sufficiently check if a user account is active when using email login. This vulnerability is mitigated by the fact that an attacker must have an account in the website that is blocked...

6.7AI score
Exploits0References1
Code423n4
Code423n4
added 2021/12/15 12:0 a.m.10 views

Collateral can be deposited in a finished pool

Handle pedroais Vulnerability details Proof of Concept The depositCollateral function doesn't check the status of the pool so collateral can be deposited in a finished loan. This can happen by mistake and all funds will be lost. Recommended Mitigation Steps Require loan status to be collection or...

6.9AI score
Exploits0
OSV
OSV
added 2021/12/13 4:15 p.m.26 views

CVE-2021-39916

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5....

4.3CVSS6.2AI score0.00806EPSS
Exploits0References3
Prion
Prion
added 2021/12/13 4:15 p.m.18 views

Design/Logic Flaw

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5....

4CVSS4.5AI score0.00806EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2021/12/13 4:15 p.m.31 views

CVE-2021-39916

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5....

4.3CVSS5.9AI score0.00806EPSS
Exploits0References1
OSV
OSV
added 2021/12/13 4:15 p.m.3 views

UBUNTU-CVE-2021-39916

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5....

4.3CVSS5.8AI score0.00806EPSS
Exploits0References2
CVE
CVE
added 2021/12/13 3:47 p.m.63 views

CVE-2021-39916

The CVE-2021-39916 entry describes a lack of an access control check in GitLab EE’s External Status Check feature, enabling any authenticated user to retrieve the configuration of any External Status Check. Affected versions are 14.1–14.3.5, 14.4 before 14.4.4, and 14.5 before 14.5.2. The root ca...

4.3CVSS4.4AI score0.00806EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2021/12/13 3:47 p.m.21 views

CVE-2021-39916

Removed by vendor...

4.3CVSS5.8AI score0.00806EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/12/13 12:0 a.m.3 views

PT-2021-22762 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.1 through 14.3.5 GitLab EE versions 14.4 through 14.4.3 GitLab EE versions 14.5 through 14.5.1 Description: The issue is related to a lack of access control check in the External Status Check feature, allowing any...

4.3CVSS4.3AI score0.00806EPSS
Exploits0References11
Hacker One
Hacker One
added 2021/10/16 8:22 p.m.43 views

GitLab: IDOR in "external status check" API leaks data about any status check on the instance

Summary The API endpoint for returning approval from an external status check contains an IDOR that lets a user list information about all external status checks on the GitLab instance. The feature is an Ultimate feature, but can be accessed by starting an Ultimate trial on GitLab.com. So the...

6.3AI score
Exploits0
Citrix
Citrix
added 2021/09/20 12:0 a.m.8 views

ERROR: Operation not permitted - no FIPS card present in the system

Attempting to check FIPS status on the Citrix ADC MPX 8900 FIPS certified appliance or the Citrix ADC MPX 15000-50G FIPS certified appliance using the show fips command results in the error message "ERROR: Operation not permitted - no FIPS card present in the system."...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/03/11 12:0 a.m.7 views

Unnamed vulnerability in Samsung mobile devices

Samsung mobile devices is a cell phone application from Samsung South Korea. It provides a communication function. A security vulnerability exists in Samsung mobile devices prior to SMR Mar-2021 Release 1, which stems from an incorrect lock screen status check. No details of the vulnerability are...

2.5CVSS6.8AI score0.00111EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/09 12:0 a.m.7 views

HAXX libcurl 信任管理问题漏洞

Haxx libcurl is an open source client-side URL transport library from the Swedish company Haxx. It supports protocols such as FTP, SFTP, TFTP and HTTP. Haxx libcurl suffers from a trust management issue vulnerability that can be exploited by an attacker to act as a man-in-the-middle by performing...

7.5CVSS6.7AI score0.09917EPSS
Exploits2References71
OSV
OSV
added 2020/09/25 7:15 p.m.8 views

PYSEC-2020-271

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...

5.3CVSS6.1AI score0.00749EPSS
Exploits1References4
PyPA
PyPA
added 2020/09/25 7:15 p.m.5 views

PYSEC-2020-272

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...

4.3CVSS6.7AI score0.00684EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.3 views

PT-2020-14263 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The issue occurs when a user passes a list of strings to dlpack.to dlpack, resulting in a memory leak following an expected validation failure. This happens...

9.8CVSS5.8AI score0.01235EPSS
Exploits16References68
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.2 views

PT-2020-14262 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The issue arises when a user passes an invalid argument to dlpack.to dlpack, causing variables to bind to nullptr while setting a status variable to the error...

9.8CVSS6AI score0.01235EPSS
Exploits16References68
RedHat Linux
RedHat Linux
added 2020/04/07 10:32 a.m.6 views

QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server

An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to crash the QEMU process,...

7.7CVSS7.7AI score0.04018EPSS
Exploits0References4
Rows per page
Query Builder