6773 matches found

OSV
added 2024/12/09 2:15 a.m. · 12 views

CVE-2024-55565

nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...

CVSS 4.3 · AI score 7.1
Exploits 0 · References 5
OSV
added 2024/12/09 2:15 a.m. · 2 views

UBUNTU-CVE-2024-55565

nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...

CVSS 4.3 · AI score 6.7 · EPSS 0.00666
Exploits 0 · References 4
Cvelist
added 2024/12/09 12:00 a.m. · 24 views

CVE-2024-55565

nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...

EPSS 0.00666
Exploits 0 · References 3
CNNVD
added 2024/12/09 12:00 a.m. · 2 views

nanoid security vulnerability

nanoid (Nano ID) is a small, secure, URL-friendly, unique string ID generator for JavaScript by the individual developer Andrey Sitnik. A security vulnerability exists in nanoid versions prior to 5.0.9, which stems from improper handling of non-integer values...

CVSS 4.3 · AI score 6.2 · EPSS 0.00666
Exploits 0 · References 4
Debian CVE
added 2024/12/09 12:00 a.m. · 11 views

CVE-2024-55565

nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...

CVSS 4.3 · AI score 6.1 · EPSS 0.00666
Exploits 0
Vulnrichment
added 2024/12/08 12:00 a.m. · 15 views

CVE-2024-55560

MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key that persist after installation...

AI score 7 · EPSS 0.00562
Exploits 0 · References 3
OSV
added 2024/12/05 3:33 p.m. · 14 views

SUSE-SU-2024:4208-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use refcount_inc_not_zero in tcp_twsk_unique bsc1225733. - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2024-42133: Bluetooth: Ignore too larg...

CVSS 7.8 · AI score 7.4 · EPSS 0.00614
Exploits 0 · References 15
AlpineLinux
added 2024/11/29 8:15 p.m. · 13 views

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVSS 9.1 · AI score 6.9 · EPSS 0.00621
Exploits 0
NVD
added 2024/11/29 8:15 p.m. · 20 views

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVSS 9.1 · EPSS 0.00621
Exploits 0 · References 3
OSV
added 2024/11/29 8:15 p.m. · 10 views

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVSS 9.1 · AI score 6.6
Exploits 0 · References 3
Vulnrichment
added 2024/11/29 12:00 a.m. · 6 views

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

AI score 6.8 · EPSS 0.00621
Exploits 0 · References 3
CVE
added 2024/11/29 12:00 a.m. · 85 views

CVE-2024-35366

CVE-2024-35366 affects FFmpeg v6.1.1. The vulnerability is in the parse_options function of sbgdec.c in the libavformat module, where certain inputs are not properly validated. This can allow negative duration values to be accepted without bounds checking, leading to an integer overflow and poten...

CVSS 9.1 · AI score 6.8 · EPSS 0.00621
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2024/11/29 12:00 a.m. · 31 views

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

EPSS 0.00621
Exploits 0 · References 3
SUSE CVE
added 2024/11/26 3:47 a.m. · 1 view

SUSE CVE-2024-53101

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...

CVSS 6.1 · AI score 6.6 · EPSS 0.00248
Exploits 0 · References 17
Positive Technologies
added 2024/11/26 12:00 a.m. · 6 views

PT-2024-35775 · Taiga · Taiga

Name of the Vulnerable Software and Affected Versions: Taiga version 6.8.1 Description: A CSV injection issue allows attackers to execute arbitrary code via uploading a crafted CSV file. This is achieved by loading a specifically manipulated CSV file, enabling the execution of arbitrary code...

CVSS 8.8 · AI score 8.4 · EPSS 0.00675
Exploits 0 · References 5
OSV
added 2024/11/25 10:15 p.m. · 0 views

DEBIAN-CVE-2024-53101

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...

CVSS 5.5 · AI score 5.7 · EPSS 0.00248
Exploits 0 · References 1
OSV
added 2024/11/25 10:15 p.m. · 9 views

UBUNTU-CVE-2024-53101

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...

CVSS 5.5 · AI score 6.2 · EPSS 0.00248
Exploits 0 · References 48
Vulnrichment
added 2024/11/25 9:21 p.m. · 1 view

CVE-2024-53101 fs: Fix uninitialized value issue in from_kuid and from_kgid

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...

AI score 7.6 · EPSS 0.00248
Exploits 0 · References 8
OSV
added 2024/11/25 6:41 p.m. · 2 views

GHSA-V7GV-XPGF-6395 Keycloak Build Process Exposes Sensitive Data

A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...

CVSS 8.2 · AI score 5.7 · EPSS 0.00937
Exploits 0 · References 10
OSV
added 2024/11/25 5:18 p.m. · 4 views

CLSA-2024-1732555093 Fix CVE(s): CVE-2020-27767

SECURITY UPDATE: Undefined behavior due to values outside range in quantum.h - debian/patches/CVE-2020-27767.patch: Fix quantum.h to include float.h to handle min and max values for Quantum type - debian/patches/CVE-2020-27767-1.patch: Fix ClampToQuantum function to handle negative values correct...

CVSS 4.3 · AI score 7 · EPSS 0.01124
Exploits 1 · References 1