737 matches found

IBM Security Bulletins
added 2024/09/11 7:34 a.m. · 28 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary: There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in April 2024. App Connect Professional has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2024-21094...

CVSS 7.5 · AI score 5.8 · EPSS 0.01361
Exploits: 0 · Affected Software: 1

Tenable Nessus
added 2024/09/11 12:0 a.m. · 33 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.36 (RHSA-2024:6412)

The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6412 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

CVSS 8.2 · AI score 7.4 · EPSS 0.0283
Exploits: 0 · References: 7

OSV
added 2024/09/05 3:33 p.m. · 12 views

GHSA-G6Q4-W3J3-JFC4 Windmill HTTP Request users.rs excessive authentication in github.com/windmill-labs/windmill

A vulnerability was found in Windmill 1.380.0. It has been classified as problematic. Affected is an unknown function of the file backend/windmill-api/src/users.rs of the component HTTP Request Handler. The manipulation leads to improper restriction of excessive authentication attempts. It is...

CVSS 6.3 · AI score 4.2 · EPSS 0.00541
Exploits: 0 · References: 8

RedHat Linux
added 2024/09/05 5:56 a.m. · 33 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.30 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.30 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

CVSS 7.5 · AI score 7.4 · EPSS 0.02114
Exploits: 0 · References: 17

NVD
added 2024/09/04 6:15 p.m. · 21 views

CVE-2024-8417

A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/educloud/videobind.html. The manipulation leads to inclusion of sensitive information in source code. The attack can be...

CVSS 8.1 · EPSS 0.0073
Exploits: 1 · References: 4

Cvelist
added 2024/09/03 7:43 p.m. · 21 views

CVE-2024-45391 Tina search token leak via lock file in TinaCMS

Tina is an open-source content management system (CMS). Sites building with Tina CMS's command line interface (CLI) prior to version 1.6.2 that use a search token may be vulnerable to the search token being leaked via lock file tina-lock.json. Administrators of Tina-enabled websites with search setup...

CVSS 7.5 · EPSS 0.00306
Exploits: 0 · References: 3

Vulnrichment
added 2024/09/02 2:0 p.m. · 17 views

CVE-2023-7279 Secure Systems Engineering Connaisseur Delegation Name targets_schema.json redos

A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targets_schema.json of the component Delegation Name Handler. The manipulation leads to inefficient regular...

CVSS 2.6 · AI score 7 · EPSS 0.00537
Exploits: 0 · References: 5

IBM Security Bulletins
added 2024/08/29 11:40 p.m. · 39 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary: There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. These issues have been addressed by upgrading or removing the vulnerable libraries. Please refer to the table in the Related Information section for vulnerability impact...

CVSS 8.2 · AI score 7.3 · EPSS 0.01471
Exploits: 3 · Affected Software: 5

RedHat Linux
added 2024/08/29 3:20 a.m. · 28 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.64 security update

Red Hat OpenShift Container Platform release 4.12.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

CVSS 7.5 · AI score 6.9 · EPSS 0.03397
Exploits: 0 · References: 3

IBM Security Bulletins
added 2024/08/26 4:32 p.m. · 29 views

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data

Summary: There are multiple vulnerabilities in IBM® Semeru Runtime Version 17 used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2024-21085 DESCRIPTION: An unspecified...

CVSS 7.3 · AI score 5.7 · EPSS 0.01276
Exploits: 0 · Affected Software: 1

Github Security Blog
added 2024/08/23 6:54 p.m. · 15 views

request_store has Incorrect Default Permissions

Impact: The files published as part of request_store 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not allow access for local users, so the chances of thi...

CVSS 7.8 · AI score 7.3 · EPSS 0.00194
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2024/08/22 7:42 p.m. · 21 views

BIT-VALKEY-2022-3647 Redis Crash Report debug.c sigsegvHandler denial of service

DISPUTED A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexity of an attack is rather high. The exploitabili...

CVSS 3.3 · AI score 3.7 · EPSS 0.00573
Exploits: 1 · References: 4

RedHat Linux
added 2024/08/22 12:2 p.m. · 24 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.15.28 packages and security update

Red Hat OpenShift Container Platform release 4.15.28 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

CVSS 9.8 · AI score 6.8 · EPSS 0.01952
Exploits: 0 · References: 3

RedHat Linux
added 2024/08/22 12:0 p.m. · 26 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.35 security update

Red Hat OpenShift Container Platform release 4.14.35 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

CVSS 9.8 · AI score 6.8 · EPSS 0.01952
Exploits: 0 · References: 3

Tenable Nessus
added 2024/08/22 12:0 a.m. · 40 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.35 (RHSA-2024:5436)

The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5436 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

CVSS 9.8 · AI score 7.5 · EPSS 0.01952
Exploits: 0 · References: 7

RedHat Linux
added 2024/08/19 1:2 a.m. · 25 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.63 security and extras update

Red Hat OpenShift Container Platform release 4.12.63 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of...

CVSS 6 · AI score 6.7 · EPSS 0.00358
Exploits: 0 · References: 2

Positive Technologies
added 2024/08/18 12:0 a.m. · 4 views

PT-2024-30443 · Tribulant · Tribulant Newsletters

Name of the Vulnerable Software and Affected Versions: Tribulant Newsletters versions 4.9.8 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS. Recommendations: For...

CVSS 7.1 · AI score 6.4 · EPSS 0.00284
Exploits: 0 · References: 7

CVE
added 2024/08/15 8:11 p.m. · 51 views

CVE-2024-43366

CVE-2024-43366 concerns the zkvyper Vyper compiler. From versions 1.3.12 up to 1.5.3, the LLL IR may be compiled into a loop with a late exit condition due to insufficient Turing-noncompleteness checks, potentially causing loss of funds or other unwanted behavior if the loop body contains it. Rea...

CVSS 9.1 · AI score 7.6 · EPSS 0.00511
Exploits: 1 · References: 1 · Affected Software: 1

Vulnrichment
added 2024/08/15 8:11 p.m. · 12 views

CVE-2024-43366 zkvyper ignored loop range bounds

zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to version 1.5.3, since LLL IR has no Turing-incompleteness restrictions, it is compiled to a loop with a much later exit condition. It leads to a loss of funds or other unwanted behavior if the loop body contains it. However,...

CVSS 7.5 · AI score 7.6 · EPSS 0.00511
Exploits: 1 · References: 1

Vulnrichment
added 2024/08/11 2:31 a.m. · 13 views

CVE-2024-7659 projectsend Password Reset Token functions.php generate_random_string random values

A vulnerability, which was classified as problematic, was found in projectsend up to r1605. Affected is the function generate_random_string of the file includes/functions.php of the component Password Reset Token Handler. The manipulation leads to insufficiently random values. It is possible to...

CVSS 6.3 · AI score 6.9 · EPSS 0.00786
Exploits: 0 · References: 5