10 matches found
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in...
Out-of-bounds Read
Overview Microsoft.Bcl.Memory is a package that provides Index and Range types to simplify slicing operations on collections for .NET Framework and .NET Standard 2.0. Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can...
Linux Distros Unpatched Vulnerability : CVE-2022-39370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...
DEBIAN-CVE-2024-56195
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...
UBUNTU-CVE-2024-56196
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 10.0.4, which fixes the issue...
UBUNTU-CVE-2024-56202
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue...
PT-2025-9863 · Apache +1 · Apache Traffic Server +1
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 8.0.0 through 8.1.11 Apache Traffic Server versions 9.0.0 through 9.2.8 Apache Traffic Server versions 10.0.0 through 10.0.3 Description: The issue is related to Improper Input Validation. Users are advised to...
PT-2022-24938 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue allows an administrator to store malicious code in an entity name. This can potentially lead to security breaches. The estimated number of potentially affected devices is not specified...
PT-2022-7397 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue is related to a time-based attack using a SQL injection in the API REST user token. This can allow a remote attacker to exploit the vulnerability, potentially leading to server port scannin...
PT-2022-7395 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue is related to insufficient session expiration in the GLPI system, which can allow a remote attacker to impact the system's integrity. A deleted or deactivated user could continue to use the...