Lucene search
K

64 matches found

OSV
OSV
added 2024/08/06 10:3 p.m.35 views

GO-2024-3007 snapd failed to restrict writes to the $HOME/bin path in github.com/snapcore/snapd

snapd failed to restrict writes to the $HOME/bin path in github.com/snapcore/snapd. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...

8.2CVSS6.7AI score0.00306EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2024/06/17 9:20 p.m.7 views

ai.djl.android:core (>=0.20.0 <=0.27.0), ai.djl.android:onnxruntime (>=0.20.0 <=0.27.0) +155 more potentially affected by CVE-2024-37902 via ai.djl:api (>=0.20.0 <=0.27.0)

ai.djl:api MAVEN version =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.26.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.27.0 and more Source cves: CVE-2024-37902 Source advisory: OSV:GHSA-W877-JFW7-46RJ...

10CVSS7.2AI score0.00655EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/04 3:30 p.m.6 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +6727 more potentially affected by CVE-2024-2700 via io.quarkus:quarkus-core (>=0.11.0 <=3.2.11.Final)

io.quarkus:quarkus-core MAVEN version =0.11.0, =0.1.0, =0.1.0, =0.0.2, =0.1.1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.11 and more Source cves: CVE-2024-2700 Source advisory: OSV:GHSA-F8H5-V2VG-46RR...

7CVSS7AI score0.00286EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/02/27 9:54 p.m.2 views

cloud.piranha.extension:piranha-extension-hazelcast (>=21.11.0 <=22.2.0), cn.vertxup:infix-mysql (=0.8.1) +124 more potentially affected by CVE-2023-45859 via com.hazelcast:hazelcast (>=5.0 <=5.0.5)

com.hazelcast:hazelcast MAVEN version =5.0, =21.11.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.8.1 and more Source cves: CVE-2023-45859 Source advisory: OSV:GHSA-XH6M-7CR7-XX66...

7.6CVSS7.1AI score0.00503EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/12/27 9:31 p.m.4 views

cc.allio.uno:uno-core (>=1.1.9 <=1.2.1), cc.allio.uno:uno-data (>=1.1.9 <=1.2.1) +583 more potentially affected by CVE-2023-51079 via org.mvel:mvel2 (=2.5.0.Final)

org.mvel:mvel2 MAVEN version =2.5.0.Final is affected by a known vulnerability. The following packages have a transitive dependency on org.mvel:mvel2 and may be impacted: - cc.allio.uno:uno-core =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =1.1.9...

5.3CVSS5.9AI score0.00737EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/11/28 9:30 a.m.4 views

am.ik.access-logger:access-logger (>=0.1.0 <=0.1.2), cn.herodotus.engine:event-core (=3.0.1.0) +618 more potentially affected by CVE-2023-34055 via org.springframework.boot:spring-boot-actuator (>=3.0.0 <=3.0.12)

org.springframework.boot:spring-boot-actuator MAVEN version =3.0.0, =0.1.0, =0.1.2 - cn.herodotus.engine:event-core =3.0.1.0 - cn.herodotus.engine:event-message-spring-boot-starter =3.0.1.0 - cn.herodotus.engine:event-pay-spring-boot-starter =3.0.1.0 -...

6.5CVSS6.9AI score0.01219EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/04/26 12:0 a.m.3 views

PT-2023-12781 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal core versions prior to the fixed version Description: The form API in Drupal core has a vulnerability that affects certain contributed or custom modules' forms, making them susceptible to improper input validation. This could allow an...

7.5CVSS6.8AI score0.00568EPSS
Exploits0References12
vulnersOsv
vulnersOsv
added 2022/08/11 3:57 p.m.6 views

biz.netcentric.cq.tools.aemmjml:aemmjml-components-bundle (=0.1.0), com.adobe.aem.commons:assetshare.core (>=1.9.6 <=3.13.6) +23 more potentially affected by CVE-2022-35697 via com.adobe.cq:core.wcm.components.core (>=1.1.0 <=2.20.6)

com.adobe.cq:core.wcm.components.core MAVEN version =1.1.0, =1.9.6, =2012.12.01, =2012.12.01, =0.0.6, =0.0.4, =0.0.6, =0.0.6, =1.2.0, =0.1.0, =2.5.0, =2.10.0, =2.10.0, =2.10.0, =2.20.6 and more Source cves: CVE-2022-35697 Source advisory: OSV:GHSA-QCGC-6Q86-7X2P...

5.4CVSS6AI score0.00578EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 1:18 a.m.9 views

ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0), be.objectify:deadbolt-core_2.10 (>=2.2.0 <=2.4.3) +1203 more potentially affected by CVE-2014-3558 via org.hibernate:hibernate-validator (>=5.0.0.Alpha1 <=5.1.1.Final)

org.hibernate:hibernate-validator MAVEN version =5.0.0.Alpha1, =1.0.0, =2.2.0, =2.4.0, =2.2.0, =2.4.0, =2.2.0, =2.4.0, =2.0.0, =4.0.0.Final, =4.3.0-beta-3 - br.com.caelum:vraptor-musicjungle =4.0.0-beta-1 - br.com.ingenieux.dropwizard:dropwizard-envvar =0.0.1 -...

5CVSS5.8AI score0.02913EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/03/18 5:56 p.m.6 views

cc.akkaha:asura-core_2.12 (=0.3.0), cc.akkaha:asura-dubbo_2.12 (>=0.2.0 <=0.6.0) +285 more potentially affected by CVE-2021-25640 via com.alibaba:dubbo (>=2.5.10 <=2.6.8)

com.alibaba:dubbo MAVEN version =2.5.10, =0.2.0, =0.1.5, =0.1.5, =11.0.1-RELEASE, =11.0.1-RELEASE, =1.0, =1.4.0, =1.4.0, =1.4.0, =1.0.0, =1.0.1 and more Source cves: CVE-2021-25640 Source advisory: OSV:GHSA-GW4J-4229-Q4PX...

6.1CVSS6.3AI score0.02073EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/02/10 8:22 p.m.4 views

org.eclipse.hono:client-device-connection-infinispan (>=1.2.0 <=1.12.3), org.eclipse.hono:hono-adapter-amqp-vertx (>=0.7 <=1.12.3) +67 more potentially affected by CVE-2020-27217 via org.eclipse.hono:hono-core (>=0.5 <=1.4.0)

org.eclipse.hono:hono-core MAVEN version =0.5, =1.2.0, =0.7, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =1.4.0, =0.8-M11, =0.8-M11, =1.10.0, =0.5, =0.5, =1.10.0, =0.5, =1.0-M5, =1.12.3 and more Source cves: CVE-2020-27217 Source advisory: OSV:GHSA-9F52-HPVW-V96W...

7.5CVSS7.2AI score0.01289EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/11/01 7:18 p.m.6 views

org.dspace.modules:additions (=7.0-preview-1), org.dspace.modules:oai (=7.0-preview-1) +12 more potentially affected by CVE-2021-41189 via org.dspace:dspace-api (=7.0-preview-1)

org.dspace:dspace-api MAVEN version =7.0-preview-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.dspace:dspace-api and may be impacted: - org.dspace.modules:additions =7.0-preview-1 - org.dspace.modules:oai =7.0-preview-1 - org.dspace.modules:rdf...

9CVSS7AI score0.0199EPSS
Exploits1
OSV
OSV
added 2021/06/16 4:15 p.m.6 views

DRUPAL-CONTRIB-2021-017

This module provides a revision UI to Block Content entities. The module doesn't sufficiently respect access restrictions to certain entities when used in conjunction with specific modules. This vulnerability is mitigated by the fact that an attacker must have a role with any of the permissions...

6.8AI score
Exploits0References1
OSV
OSV
added 2021/06/16 4:5 p.m.3 views

DRUPAL-CONTRIB-2021-016

This module provides a revision UI to Linky entities. The module doesn't sufficiently respect access restrictions to certain entities when used in conjunction with specific modules. This vulnerability is mitigated by the fact that an attacker must have a role with any of the permissions provided ...

6.8AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2021/04/22 4:14 p.m.5 views

am.ik.blog:blog-mapper (>=4.0.0 <=4.6.0), app.myoss.cloud.mybatis:myoss-mybatis (>=2.0.0.RELEASE <=2.1.7.RELEASE) +8869 more potentially affected by CVE-2020-26945 via org.mybatis:mybatis (>=2.3.5 <=3.5.5)

org.mybatis:mybatis MAVEN version =2.3.5, =4.0.0, =2.0.0.RELEASE, =2.0.0.RELEASE, =1.2.0, =20.3.0, =19.3.0, =20.3.0, =19.3.0, =19.3.0, =23.1.0, =2.23.0, =19.3.0, =19.3.0, =19.3.0, =0.1.0, =1.6.0 and more Source cves: CVE-2020-26945 Source advisory: OSV:GHSA-QQ48-M4JX-XQH8...

8.1CVSS7.2AI score0.0182EPSS
Exploits0
OSV
OSV
added 2021/03/22 7:15 p.m.4 views

CVE-2021-22320

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS...

7.5CVSS7.1AI score0.00727EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2019/03/06 5:36 p.m.22 views

com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework (=0.1.0), com.hubspot.mesos.rx.java:mesos-rxjava-protobuf-client (=0.1.0) +4 more potentially affected by CVE-2018-11793 via org.apache.mesos:mesos (=1.6.1)

org.apache.mesos:mesos MAVEN version =1.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.mesos:mesos and may be impacted: - com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework =0.1.0 -...

7.5CVSS7.1AI score0.0497EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/17 5:23 p.m.7 views

am.ik.home:uaa-client (>=1.3.0 <=1.8.1), am.ik.home:uaa-integration-test (>=1.3.0 <=1.8.1) +229 more potentially affected by CVE-2018-1273 via org.springframework.data:spring-data-commons (>=1.13.0.RELEASE <=1.13.10.RELEASE)

org.springframework.data:spring-data-commons MAVEN version =1.13.0.RELEASE, =1.3.0, =1.3.0, =1.3.0, =0.0.1, =0.2.0, =1.0.6, =6.2.0.6, =6.2.0.5, =6.2.0.4, =6.2.0.4, =6.2.0.5, =1.2.0, =1.2.0, =1.6.6 and more Source cves: CVE-2018-1273 Source advisory: OSV:GHSA-4FQ3-MR56-CG6R...

9.8CVSS7.2AI score0.95649EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2018/10/16 5:35 p.m.6 views

org.apache.storm:flux-core (>=1.2.0 <=1.2.1), org.apache.storm:storm-elasticsearch-examples (>=1.2.0 <=1.2.1) +14 more potentially affected by CVE-2018-8008 via org.apache.storm:storm-core (>=1.2.0 <=1.2.1)

org.apache.storm:storm-core MAVEN version =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.1 and more Source cves: CVE-2018-8008 Source advisory: OSV:GHSA-898J-5CC8-CMF5...

5.8CVSS6.4AI score0.02361EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2009/07/27 9:34 a.m.3 views

python: Multiple integer overflows discovered by Google

Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to 1 Include/pymem.h; 2 csv.c, 3 struct.c, 4 arraymodule.c, 5 audioop.c, 6 binascii.c, 7 cPickle.c, 8 cStringIO.c, 9 cjkcodecs/multibytecodec.c, 10...

7.5CVSS6.7AI score0.03665EPSS
Exploits2References4
Rows per page
Query Builder