Lucene search
+L

159 matches found

Amazon
Amazon
added 2024/10/02 12:0 a.m.4 views

Important: cups-filters

Issue Overview: A flaw in cups-filters allows a remote unauthenticated client to create a PPD configuration file with code injection. If a job is sent to the compromised printer, the code is executed allowing for remote code execution. CVE-2024-47175 Affected Packages: cups-filters Issue...

9.8CVSS8.1AI score0.62474EPSS
Exploits6
Exploit DB
Exploit DB
added 2024/08/24 12:0 a.m.212 views

Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

Elber Wayber Analog/Digital Audio STL 4.00 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: Version 3.0.0 Revision 1553 Firmware Ver. 4.00 Rev. 1501 Version 3.0.0 Revision 1542 Firmware Ver. 4.00 Rev. 1516 Version 3.0.0 Revision 1530 Firmware Ver. 4.00...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.47 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-2184)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.4AI score0.99506EPSS
Exploits69References2
Tenable Nessus
Tenable Nessus
added 2024/08/06 12:0 a.m.20 views

CBL Mariner 2.0 Security Update: qemu (CVE-2023-3354)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3354 advisory. - A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether...

7.5CVSS6.4AI score0.01606EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.15 views

CVE-2024-27942

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of...

7.5CVSS6.7AI score0.00687EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 10:2 a.m.18 views

CVE-2024-27942

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of...

7.5CVSS7.4AI score0.00687EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/24 12:0 a.m.45 views

SUSE SLES12: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2024:1395-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1395-1 advisory. - CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free bsc1190011 - CVE-2022-0216: Fixed use-after-free in...

8.2CVSS7AI score0.01606EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2024/02/24 12:0 a.m.41 views

SUSE SLES15: qemu-SLOF / qemu-accel-qtest / qemu-accel-tcg-x86 / qemu-arm / etc (SUSE-SU-2024:0589-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0589-1 advisory. - CVE-2021-3638: hw/display/ati2d: Fix buffer overflow in ati2dblt bsc1188609 - CVE-2023-3180: virtio-crypto: verify src and dst buffer length...

7.5CVSS7AI score0.01606EPSS
Exploits1References12
OSV
OSV
added 2024/01/18 3:48 p.m.23 views

GHSA-M24X-R6Q3-2VP9 Uncaught Exception processing HTTP Headers in SurrealDB

The ID, DB and NS headers accepted by the SurrealDB HTTP REST API would fail to parse when containing some special characters. This would cause a panic which would crash the SurrealDB server, leading to denial of service. This issue only affects the SurrealDB binary; it does not affect the...

7.5CVSS7.2AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/01/18 3:48 p.m.23 views

Uncaught Exception processing HTTP Headers in SurrealDB

The ID, DB and NS headers accepted by the SurrealDB HTTP REST API would fail to parse when containing some special characters. This would cause a panic which would crash the SurrealDB server, leading to denial of service. This issue only affects the SurrealDB binary; it does not affect the...

7.2AI score
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.2 views

GnuTLS Security Vulnerabilities

GnuTLS is a free secure communications library for implementing the SSL, TLS and DTLS protocols. A security vulnerability exists in GnuTLS that originates from allowing an unauthenticated remote client or attacker to launch a denial of service attack...

7.5CVSS6.9AI score0.01408EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.43 views

EulerOS 2.0 SP10 : qemu-micro (EulerOS-SA-2023-3228)

According to the versions of the qemu-micro package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtiocryptohandlesymreq. There is n...

7.5CVSS6.7AI score0.01606EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/01/15 4:1 p.m.4 views

dotnet: .NET Denial of Service Vulnerability

A Denial of Service vulnerability was found in .NET Core project templates that utilize JWT-based authentication tokens. This issue may allow an unauthenticated client to consume arbitrarily large amounts of server memory, potentially triggering an out-of-memory condition on the server and making...

6.8CVSS5.7AI score0.02868EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/10 3:44 p.m.4 views

dotnet: .NET Denial of Service Vulnerability

A Denial of Service vulnerability was found in .NET Core project templates that utilize JWT-based authentication tokens. This issue may allow an unauthenticated client to consume arbitrarily large amounts of server memory, potentially triggering an out-of-memory condition on the server and making...

6.8CVSS5.7AI score0.02868EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/10 3:42 p.m.4 views

dotnet: .NET Denial of Service Vulnerability

A Denial of Service vulnerability was found in .NET Core project templates that utilize JWT-based authentication tokens. This issue may allow an unauthenticated client to consume arbitrarily large amounts of server memory, potentially triggering an out-of-memory condition on the server and making...

6.8CVSS5.7AI score0.02868EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/10 3:42 p.m.6 views

dotnet: .NET Denial of Service Vulnerability

A Denial of Service vulnerability was found in .NET Core project templates that utilize JWT-based authentication tokens. This issue may allow an unauthenticated client to consume arbitrarily large amounts of server memory, potentially triggering an out-of-memory condition on the server and making...

6.8CVSS5.7AI score0.02868EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.29 views

RHEL 9 : qemu-kvm (RHSA-2023:6227)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6227 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...

7.5CVSS6.7AI score0.01606EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/13 12:0 a.m.29 views

Oracle Linux 9 : qemu-kvm (ELSA-2023-5094)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5094 advisory. - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service Tenable has extracted the preceding...

7.5CVSS6.7AI score0.01606EPSS
Exploits0References2
NVD
NVD
added 2023/07/11 5:15 p.m.29 views

CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.2AI score0.01606EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2023/07/11 5:15 p.m.34 views

CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QE...

7.5CVSS7.1AI score0.01606EPSS
Exploits0
Rows per page
Query Builder