Lucene search
K

776 matches found

OSV
OSV
added 2022/02/18 9:50 p.m.11 views

GSD-2022-1000171 drm/nouveau: fix off by one in BIOS boundary checking

drm/nouveau: fix off by one in BIOS boundary checking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.178 by commit...

7.2AI score
Exploits0
Prion
Prion
added 2022/02/15 9:15 p.m.18 views

Design/Logic Flaw

Discourse is an open source discussion platform. In versions prior to 2.8.1 in the stable branch, 2.9.0.beta2 in the beta branch, and 2.9.0.beta2 in the tests-passed branch, users can trigger a Denial of Service attack by posting a streaming URL. Parsing Oneboxes in the background job trigger an...

4CVSS6.3AI score0.01141EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/02/11 1:15 a.m.2 views

DEBIAN-CVE-2022-23773

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags...

7.5CVSS8.1AI score0.02698EPSS
Exploits0References1
OSV
OSV
added 2021/12/27 5:36 a.m.10 views

GSD-2021-1002681 xen/netback: don't queue unlimited number of packages

xen/netback: don't queue unlimited number of packages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by commit...

7.2AI score
Exploits0
CNVD
CNVD
added 2021/12/10 12:0 a.m.23 views

GitLab Information Disclosure Vulnerability (CNVD-2021-99767)

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, etc. An information disclosure vulnerability exists in GitLab CE/EE, which stems from an informati...

5.3CVSS3.1AI score0.01182EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/10 12:0 a.m.20 views

GitLab Access Control Error Vulnerability (CNVD-2021-99768)

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features.GitLab CE/EE is vulnerable to an access control error that stems from the...

4CVSS2.9AI score0.00908EPSS
Exploits0References1
0day.today
0day.today
added 2021/11/10 12:0 a.m.339 views

Microsoft OMI Management Interface Authentication Bypass Exploit

This Metasploit module demonstrates that by removing the authentication exchange, an attacker can issue requests to the local OMI management socket that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September...

9.8CVSS7.6AI score0.99723EPSS
Exploits20
RedHat Linux
RedHat Linux
added 2021/11/09 6:32 p.m.6 views

python-pip: Incorrect handling of unicode separators in git references

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity...

5.7CVSS7.2AI score0.01687EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/11/09 5:54 p.m.4 views

python-pip: Incorrect handling of unicode separators in git references

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity...

5.7CVSS7.2AI score0.01687EPSS
Exploits2References4
CNVD
CNVD
added 2021/11/01 12:0 a.m.30 views

GitLab Cross-Site Scripting Vulnerability (CNVD-2021-91184)

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features.GitLab CE/EE is vulnerable to a cross-site scripting vulnerability that could b...

8.7CVSS4.2AI score0.60729EPSS
Exploits0References1
OSV
OSV
added 2021/10/19 4:24 p.m.11 views

UVI-2021-1001579 i40e: Fix freeing of uninitialized misc IRQ vector

i40e: Fix freeing of uninitialized misc IRQ vector This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.153 by commit...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2021/10/18 12:0 a.m.3 views

Enalean Tuleap Open Alm SQL注入漏洞

Enalean Tuleap Open Alm is a free and open source tool from Enalean France. for end-to-end traceability of application and system development. An SQL injection vulnerability exists in Enalean Tuleap Open Alm, which stems from the fact that Tuleap does not properly clean up user input when...

8.8CVSS8.1AI score0.01478EPSS
Exploits0References5
Prion
Prion
added 2021/09/18 4:15 p.m.16 views

Design/Logic Flaw

Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username...

6.4CVSS6.3AI score0.00822EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/09/08 12:0 a.m.6 views

Central Dogma 安全漏洞

Central Dogma is an open source service configuration version control repository based on Git, ZooKeeper and HTTP/2. A security vulnerability exists in Central Dogma that allows elevation of privilege by mirroring to an internal Dogma repository with files that manage project authorizations...

8.8CVSS7.9AI score0.0089EPSS
Exploits0References2
OSV
OSV
added 2021/08/06 2:15 p.m.3 views

CVE-2021-37548

In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS...

7.5CVSS5.8AI score0.00622EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.5 views

Jetbrains JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a distributed build management and continuous integration tool from JetBrains Jetbrains, a Czech company. The tool provides continuous unit testing, code quality analysis, and build issue analysis reporting.A security vulnerability exists in versions of JetBrains TeamCity...

7.5CVSS5.7AI score0.00622EPSS
Exploits0References1
OSV
OSV
added 2021/08/03 2:43 a.m.13 views

GSD-2021-1001444 memory: fsl_ifc: fix leak of IO mapping on probe failure

memory: fslifc: fix leak of IO mapping on probe failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.276 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/08/03 2:12 a.m.10 views

UVI-2021-1001340 x86/signal: Detect and prevent an alternate signal stack overflow

x86/signal: Detect and prevent an alternate signal stack overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.134 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/08/03 2:4 a.m.9 views

UVI-2021-1001309 net/sched: act_skbmod: Skip non-Ethernet packets

net/sched: actskbmod: Skip non-Ethernet packets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.136 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/07/08 1:56 a.m.17 views

UVI-2021-1001108 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.238 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder