Lucene search
K

146 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.34 views

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2018:0585)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0585 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7.7AI score0.73927EPSS
Exploits14References25
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.19 views

RHEL 6 / 7 : rh-ruby22-ruby (RHSA-2018:0583)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0583 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7.7AI score0.73927EPSS
Exploits14References28
OSV
OSV
added 2023/11/21 9:15 p.m.5 views

DEBIAN-CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

9.8CVSS9.5AI score0.01888EPSS
Exploits1References1
OSV
OSV
added 2023/11/21 9:15 p.m.11 views

AZL-42681 CVE-2023-48230 affecting package capnproto 1.0.1-4

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

9.8CVSS6.6AI score0.01888EPSS
Exploits1References1
NVD
NVD
added 2023/11/21 9:15 p.m.17 views

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

9.8CVSS0.01888EPSS
Exploits1References3
Prion
Prion
added 2023/11/21 9:15 p.m.18 views

Heap overflow

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

7.5CVSS7.9AI score0.01888EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/11/21 9:15 p.m.5 views

UBUNTU-CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

9.8CVSS6.6AI score0.01888EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/11/21 9:15 p.m.29 views

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

9.8CVSS7.9AI score0.01888EPSS
Exploits1References2
OSV
OSV
added 2023/11/21 8:53 p.m.21 views

CVE-2023-48230 Cap'n Proto WebSocket message can cause crash

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

5.9CVSS9.3AI score0.01888EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/11/21 8:53 p.m.23 views

CVE-2023-48230 Cap'n Proto WebSocket message can cause crash

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

5.9CVSS9.7AI score0.01888EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2023/11/21 8:53 p.m.32 views

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled,...

9.8CVSS9.4AI score0.01888EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/11/21 12:0 a.m.11 views

PT-2023-30747 · Unknown · Cap'N Proto +1

Name of the Vulnerable Software and Affected Versions: Cap'n Proto versions 1.0 through 1.0.1 Description: The issue is related to a buffer underrun that can be caused by a remote peer when using the KJ HTTP library with WebSocket compression enabled. This can result in a crash, enabling a remote...

9.8CVSS9.7AI score0.01888EPSS
Exploits1References11
CNNVD
CNNVD
added 2023/11/21 12:0 a.m.5 views

capnproto security breach

capnproto is capnproto open source a Proto serialization/RPC system - core tools and C++ libraries A security vulnerability exists in capnproto version 1.0 and 1.0.1, which stems from a buffer underrun issue when using the KJ HTTP library with WebSocket compression, and can be exploited by an...

9.8CVSS6.9AI score0.01888EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.16 views

Debian: Security Advisory (DLA-38-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.03252EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/01/01 12:0 a.m.4 views

PT-2025-54088

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's soundwire bus component related to power management runtime pm runtime handling. Specifically, an unbalanced pm runtime put call can lead to a usage...

5.5AI score0.00166EPSS
Exploits0References18
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2014-0326)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.5AI score0.03252EPSS
Exploits3References9
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2017-0371)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.16412EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2021/07/22 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2021:2438-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.8AI score0.78684EPSS
Exploits28References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2016:3189-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.03629EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.43 views

SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)

This update for ruby2.1 fixes the following issues : Security issues fixed : CVE-2015-9096: Fixed an SMTP command injection via CRLFsequences in a RCPT TO or MAIL FROM command bsc1043983. CVE-2016-7798: Fixed an IV Reuse in GCM Mode bsc1055265. CVE-2017-0898: Fixed a buffer underrun vulnerability...

9.8CVSS7.9AI score0.73927EPSS
Exploits22References125
Rows per page
Query Builder