Lucene search
K

266 matches found

Positive Technologies
Positive Technologies
added 2025/02/25 12:0 a.m.12 views

PT-2025-7836 · Wpsoul · Wpsoul Greenshift

Name of the Vulnerable Software and Affected Versions: wpsoul Greenshift versions through 10.8 Description: The issue affects wpsoul Greenshift, allowing Stored XSS due to improper neutralization of input during web page generation. Recommendations: For versions through 10.8, update to a version...

6.5CVSS9.2AI score0.00266EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/13 12:0 a.m.11 views

FreeBSD : vscode -- multiple vulnerabilities (cbf5d976-656b-4bb6-805f-3af038e2de3e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the cbf5d976-656b-4bb6-805f-3af038e2de3e advisory. VSCode developers report: The update addresses these issues, including a fix for a security...

7.3CVSS8.3AI score0.00735EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/02/13 12:0 a.m.2 views

Ubuntu 20.04 LTS : Ruby regression (USN-7256-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7256-2 advisory. USN-7256-1 fixed vulnerabilities in Ruby. The update introduced a minor regression. This update fixes the problem. We apologize for the inconvenience. Tenable has...

5.6AI score
Exploits0References1
Debian CVE
Debian CVE
added 2025/02/10 10:2 p.m.16 views

CVE-2025-25193

Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...

5.5CVSS6.5AI score0.00384EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 2:31 a.m.13 views

CVE-2024-42348

FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395...

9.3CVSS9.1AI score0.00587EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/02/04 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2025:0338-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8CVSS7AI score0.00971EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/12/17 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2024:4326-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS9.6AI score0.00835EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/12/03 12:0 a.m.8 views

PT-2024-39976 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 4.1.1 Description: The issue allows a local attacker to cause information leaks through out-of-bounds reads. Recommendations: For OpenHarmony versions prior to 4.1.1, update to a version that contains a fix for...

5.5CVSS6.7AI score0.00152EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.3 views

PT-2024-34979 · Unknown · Bcristopeit Wow Guild Armory Roster

Name of the Vulnerable Software and Affected Versions: bcristopeit WoW Guild Armory Roster versions 0.5.5 and earlier Description: The issue affects the bchristopeit WoW Guild Armory Roster, allowing Stored XSS due to improper neutralization of input during web page generation. This can lead to...

6.5CVSS5.6AI score0.00374EPSS
Exploits0References3
OSV
OSV
added 2024/11/08 3:1 p.m.18 views

OPENSUSE-SU-2024:0358-1 Security update for qbittorrent

This update for qbittorrent fixes the following issues: - Update to version 5.0.1 fixes boo1232731 CVE-2024-51774 Added features: Add 'Simple pread/pwrite' disk IO type Bug fixes: Don't ignore SSL errors boo1232731 CVE-2024-51774 Don't try to apply Mark-of-the-Web to nonexistent files Disable 'Mo...

8.1CVSS8.1AI score0.03295EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.4 views

PT-2024-29688 · Spotify · Spotify

Name of the Vulnerable Software and Affected Versions: Spotify app version 8.9.58 Description: The issue is related to a buffer overflow in the Spotify app's use of the strcat function. Recommendations: For version 8.9.58, update to a newer version that contains a fix for this issue...

7.5CVSS7.7AI score0.00596EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/09 6:21 p.m.19 views

CVE-2024-47815 Cross-site Scripting in IncidentReporting

IncidentReporting is a MediaWiki extension for moving incident reports from wikitext to database tables. There are a variety of Cross-site Scripting issues, though all of them require elevated permissions. Some are available to anyone who has the editincidents right, some are available to those w...

6CVSS0.00402EPSS
Exploits0References3
Mageia
Mageia
added 2024/10/05 10:55 p.m.29 views

Updated rootcerts nss firefox firefox-l10n packages fix security vulnerabilities

The current versions have reached EOL and several security vulnerabilities were fixed by Mozilla. We are having some issues that are delaying the build for some architectures, so for the moment we are releasing this update just for x8664...

9.8CVSS7.7AI score0.04395EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/10/04 12:0 a.m.5 views

PT-2024-39529 · WordPress · Re:Wp

Name of the Vulnerable Software and Affected Versions: Re:WP plugin for WordPress version 1.0.1 and earlier Description: The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS6.1AI score0.00296EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2024/09/24 12:0 a.m.329 views

kernel security update

4.18.0-553.22.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

8.8CVSS8.2AI score0.01028EPSS
Exploits2
OSV
OSV
added 2024/09/15 9:48 p.m.13 views

RHSA-2014:0899 Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Bulletin has no description...

9CVSS6.1AI score0.02942EPSS
Exploits0References13
Oracle linux
Oracle linux
added 2024/08/30 12:0 a.m.33 views

postgresql:15 security update

pgaudit pgrepack postgres-decoderbufs postgresql 15.8-1 - Update to 15.8 - Fix CVE-2024-7348...

8.8CVSS9AI score0.01565EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/08/21 12:0 a.m.12 views

Joomla! URL Validation Vulnerability (20240801)

Joomla! is prone to an inadequate validation of internal URLs vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS5.1AI score0.00239EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/08/14 12:0 a.m.475 views

nginx -- Vulnerability in the ngx_http_mp4_module

The nginx development team reports: This update fixes the buffer overread vulnerability in the ngxhttpmp4module...

5.7CVSS7AI score0.0032EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.4 views

PT-2024-22383 · Azuresoft · Azuresoft Myhorus

Name of the Vulnerable Software and Affected Versions: AzureSoft MyHorus version 4.3.5 Description: A SQL injection issue allows authenticated users to execute arbitrary SQL commands. Recommendations: For AzureSoft MyHorus version 4.3.5, update to a newer version that contains a fix for this issu...

7.5CVSS8.6AI score0.00377EPSS
Exploits0References4
Rows per page
Query Builder