Lucene search
K

72 matches found

SUSE CVE
SUSE CVE
added 2024/06/01 2:24 a.m.5 views

SUSE CVE-2024-36019

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcachemapledrop When keeping the upper end of a cache block entry, the entry array must be indexed by the offset from the base register of the block, i.e. max - mas.index. The code was...

6.6CVSS6.9AI score0.0024EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.13 views

Oracle Linux 8 : Image / builder / components (ELSA-2024-2961)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2961 advisory. osbuild 110-1 - New upstream release 109-1 - New upstream release 106-1 - New upstream release 105-1 - New upstream release 104-2 - Fix unit tests in RHEL CI by...

6.1CVSS6.2AI score0.00188EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2024/05/24 12:0 a.m.17 views

Image builder components bug fix, enhancement and security update

osbuild 110-1 - New upstream release 109-1 - New upstream release 106-1 - New upstream release 105-1 - New upstream release 104-2 - Fix unit tests in RHEL CI by backporting upstream fixes 104-1 - New upstream release 101-1 - New upstream release 100-2 - Change unit-test timeout from 3h to 4h 100-...

6.1CVSS6.8AI score0.00188EPSS
Exploits0
OSV
OSV
added 2024/05/17 3:15 p.m.3 views

UBUNTU-CVE-2023-52679

In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in ofparsephandlewithargsmap In ofparsephandlewithargsmap the inner loop that iterates through the map entries calls ofnodeputnew to free the reference acquired by the previous iteration of the inner loop. Thi...

7.8CVSS6.2AI score0.00264EPSS
Exploits0References19
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.17 views

Fedora: Security Advisory for truth (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.27 views

[SECURITY] Fedora 40 Update: testng-7.8.0-5.fc40

TestNG is a testing framework inspired from JUnit and NUnit but introducing some new functionality, including flexible test configuration, and distributed test running. It is designed to cover unit tests as well as functional, end-to-end, integration, etc...

8.8CVSS6.8AI score0.02578EPSS
Exploits3
OSV
OSV
added 2024/03/06 11:6 a.m.56 views

BIT-SILVERSTRIPE-2020-25817

SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External Entity XXE attacks. When this developer utility is misused for purposes involving external or user submitted data in custom...

4.8CVSS5AI score0.0082EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/04 6:15 p.m.85 views

CVE-2021-47107 NFSD: Fix READDIR buffer overflow

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix READDIR buffer overflow If a client sends a READDIR count argument that is too small say, zero, then the buffer size calculation in the new initdirlist helper functions results in an underflow, allowing the XDR stream...

7.6AI score0.00379EPSS
Exploits1References3
Code423n4
Code423n4
added 2023/09/07 12:0 a.m.12 views

Potential Out-of-Bounds Error When Modifying Ranges

Lines of code Vulnerability details The method allows for the modification of a range based on an index. However, there's no explicit check to ensure that the provided indexToModify is within the bounds of the ranges array. If an out-of-bounds index is provided, the method will throw a generic...

6.9AI score
Exploits0
OSV
OSV
added 2023/07/24 9:15 a.m.16 views

UBUNTU-CVE-2023-38056

Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code.This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35...

7.2CVSS6AI score0.0079EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.4 views

PT-2023-26267 · Otrs +1 · Otrs +2

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.44 OTRS versions 8.0.X through 8.0.34 OTRS Community Edition versions 6.0.1 through 6.0.34 Description: The issue is related to improper neutralization of commands allowed to be executed via OTRS System...

9.8CVSS5.4AI score0.01273EPSS
Exploits0References30
OSV
OSV
added 2023/07/06 9:15 p.m.8 views

CLSA-2023-1688678110 Fix CVE(s): CVE-2021-33582

SECURITY UPDATE: String hashing algorithm collisions - debian/patches/0021-CVE-2021-33582-pre.patch: gracefully handle lookup on zero-sized tables - debian/patches/0022-CVE-2021-33582.patch: replace ad-hoc algorithm with seeded djb2 and use it when hashing - CVE-2021-33582 Enable the internal cun...

7.5CVSS7.1AI score0.0307EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/11/23 5:59 p.m.3 views

jenkins-plugin/junit: Stored XSS vulnerability in JUnit Plugin

A flaw was found in the JUnit Jenkins plugin. The manipulation with an unknown input leads to a Cross-site scripting vulnerability, impacting the integrity. This flaw allows an attacker to inject arbitrary HTML and script code into the website...

5.4CVSS5.9AI score0.77007EPSS
Exploits0References5
OSV
OSV
added 2022/05/24 7:4 p.m.50 views

GHSA-3VJC-5X79-M9R8 SilverStripe XXE Vulnerability in CSSContentParser

SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External Entity XXE attacks. When this developer utility is misused for purposes involving external or user submitted data in custom...

4.8CVSS5AI score0.0082EPSS
Exploits0References6
Kitploit
Kitploit
added 2021/11/14 11:30 a.m.36 views

ChopChop - ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders

ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot. Checks/Signatures are declared in a config file by...

7.6AI score
Exploits0References9
Imperva Blog
Imperva Blog
added 2021/07/27 3:12 p.m.57 views

Machine Learning Testing for Data Scientists

In one software development project after another, it has been proven that testing saves time. Does this hold true for machine learning projects? Should data scientists write tests? Will it make their work better and/or faster? We believe the answer is YES! In this post we describe a full...

8.1AI score
Exploits0
Kitploit
Kitploit
added 2021/06/22 12:30 p.m.153 views

Swift-Attack - Unit Tests For Blue Teams To Aid With Building Detections For Some Common macOS Post Exploitation Methods

Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included some post exploitation examples using both command line history and on disk binaries which should be easier for detection as well as post exploitation examples using API call...

5.5CVSS6.1AI score0.68531EPSS
Exploits5References5
Positive Technologies
Positive Technologies
added 2021/06/08 12:0 a.m.5 views

PT-2021-11184 · Silverstripe +3 · Silverstripe +2

SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External Entity XXE attacks. When this developer utility is misused for purposes involving external or user submitted data in custom...

4.8CVSS4.9AI score0.0082EPSS
Exploits0References12
Friends Of PHP
Friends Of PHP
added 2020/12/31 7:20 p.m.63 views

XSS Vulnerability in HTML Writer

This is: - X a bugfix - a new feature Checklist: - X Changes are covered by unit tests - X Code style is respected - X Commit message explains why the change is made see https://github.com/erlang/otp/wiki/Writing-good-commit-messages - X CHANGELOG.md contains a short summary of the change -...

7.1CVSS6.3AI score0.01301EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.42 views

SUSE SLED15 / SLES15 Security Update : libssh2_org (SUSE-SU-2020:3551-1)

This update for libssh2org fixes the following issues : Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading -...

9.3CVSS7.6AI score0.09219EPSS
Exploits1References23
Rows per page
Query Builder