Lucene search
K

82 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/01 12:0 a.m.49 views

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3254)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3254 advisory. aardvark-dns buildah 2:1.33.7-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33...

8.6CVSS7.3AI score0.01956EPSS
Exploits1References6
CNVD
CNVD
added 2023/06/06 12:0 a.m.2 views

Dell EMC SCG Policy Manager Information Disclosure Vulnerability

Dell EMC SCG Policy Manager is a secure connectivity gateway policy manager from Dell, Inc. An information disclosure vulnerability exists in Dell EMC SCG Policy Manager version 5.14, which stems from insufficient protection of sensitive information in the upgrade path from SRS to SCG, and can be...

6.5CVSS6.4AI score0.00338EPSS
Exploits0References1
OSV
OSV
added 2023/06/01 4:15 p.m.1 views

CVE-2023-28043

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text...

6.5CVSS6.7AI score0.00338EPSS
Exploits0References1
NVD
NVD
added 2023/06/01 4:15 p.m.20 views

CVE-2023-28043

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text...

6.5CVSS6.2AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/01 3:58 p.m.19 views

CVE-2023-28043

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text...

6.5CVSS6.4AI score0.00338EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/01 12:0 a.m.4 views

Dell EMC SCG Policy Manager 加密问题漏洞

Dell EMC SCG Policy Manager is a secure connectivity gateway policy manager from Dell, Inc. An information disclosure vulnerability exists in Dell EMC SCG Policy Manager version 5.14, which stems from insufficient protection of sensitive information in the upgrade path from SRS to SCG, and can be...

6.5CVSS6.3AI score0.00338EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.3 views

PT-2023-21508 · Dell · Dell Scg

Name of the Vulnerable Software and Affected Versions: Dell SCG version 5.14 Description: The issue is an information disclosure vulnerability that occurs during the SRS to SCG upgrade path. A remote low-privileged malicious user could potentially exploit this to retrieve plain text...

6.5CVSS6.2AI score0.00338EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2023/05/24 12:0 a.m.148 views

python27:2.7 security update

babel 2.5.1-10 - Fix CVE-2021-20095 Resolves: rhbz1955615 2.5.1-9 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 2.5.1-8 - Fix unversioned requires/buildrequires - Resolves: rhbz1628242 2.5.1-7 - Remove unversioned binaries - Resolves: rhbz1613343 2.5.1-6 - Make...

9.8CVSS7.1AI score0.17078EPSS
Exploits6
NVD
NVD
added 2023/05/04 8:15 a.m.40 views

CVE-2023-22651

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...

9.9CVSS9.5AI score0.00779EPSS
Exploits0References2
Prion
Prion
added 2023/05/04 8:15 a.m.19 views

Privilege escalation

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...

6.5CVSS9.4AI score0.00779EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/05/04 7:53 a.m.45 views

CVE-2023-22651

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...

9.9CVSS9.7AI score0.00779EPSS
Exploits0References2
OSV
OSV
added 2023/05/04 7:53 a.m.39 views

CVE-2023-22651

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...

9.9CVSS7.2AI score0.00779EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/04/26 1:54 a.m.2 views

SUSE CVE-2023-22651

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...

9.9CVSS6.8AI score0.00779EPSS
Exploits0References4
curl security advisories
curl security advisories
added 2023/02/15 8:0 a.m.9 views

HSTS amnesia with --parallel

curl's HSTS cache saving behaves wrongly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when...

6.5CVSS6.8AI score0.00861EPSS
Exploits0References1Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.3 views

SUSE CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS7.7AI score0.01196EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/16 12:0 a.m.4 views

PT-2022-25260 · Rdiffweb · Rdiffweb

Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.5.0a6 Description: The issue concerns a missing authentication mechanism for a critical function in the rdiffweb GitHub repository. Recommendations: For versions prior to 2.5.0a6, update to version 2.5.0a6 or late...

6.1CVSS5.3AI score0.00809EPSS
Exploits1References10
CheckPoint Security
CheckPoint Security
added 2022/07/03 10:15 p.m.59 views

Check Point response to CVE-2022-0778

Symptoms Dell published CVE-2022-0778 for: iDRAC8 versions before 2.83.83.83 iDRAC9 versions before 5.10.30.00 Cause Refer to DSA-2022-154: Dell iDRAC8 and Dell iDRAC9 Security Update for an OpenSSL Vulnerability. Solution Important Note: If you have not enabled iDRAC as described in sk122914, th...

5CVSS3.6AI score0.70561EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2022/04/13 12:0 a.m.4 views

PT-2022-16880 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions prior to 0.3.2 Description: The issue arises when importing a function from a JSON interface that returns bytes, generating bytecode that does not clamp the bytes length, potentially resulting in a buffer overrun. There are no...

9.8CVSS9.5AI score0.00948EPSS
Exploits0References9
OSV
OSV
added 2021/12/24 11:3 a.m.3 views

OESA-2021-1472 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. %package help Summary: Documents for Buildarch: noarch Requires: man info Provides: -javadoc = - Obsoletes: -javadoc - %description help Man pages...

6.5CVSS6.9AI score0.02682EPSS
Exploits0References2
OSV
OSV
added 2021/12/07 12:0 p.m.21 views

RUSTSEC-2021-0128 Incorrect Lifetime Bounds on Closures in `rusqlite`

The lifetime bound on several closure-accepting rusqlite functions specifically, functions which register a callback to be later invoked by SQLite was too relaxed. If a closure referencing borrowed values on the stack is was passed to one of these functions, it could allow Rust code to access...

7.5CVSS7.5AI score0.0118EPSS
Exploits7References3
Rows per page
Query Builder