Lucene search
+L

80 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.8 views

Siemens SCALANCE Devices Out-of-bounds Write (CVE-2023-6129)

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS6.9AI score0.02323EPSS
Exploits0References8
Veracode
Veracode
added 2024/06/12 7:10 a.m.20 views

Remote Code Execution

lightning is vulnerable to a Remote Code Execution. This vulnerability is due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library, which attackers can exploit to manipulate the application state and execute arbitrary code remotely...

9.8CVSS8AI score0.26488EPSS
Exploits3References2Affected Software1
NVD
NVD
added 2024/06/06 6:15 p.m.61 views

CVE-2024-5452

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

9.8CVSS0.26488EPSS
Exploits3References2
CVE
CVE
added 2024/06/06 5:54 p.m.72 views

CVE-2024-5452

CVE-2024-5452 affects lightning-ai/pytorch-lightning (v2.2.1) and arises from insecure deserialization via deepdiff.Delta, where dunder attributes can be manipulated to bypass whitelists and cause arbitrary attribute writes, yielding remote code execution (RCE) on self-hosted PyTorch Lightning ap...

9.8CVSS9.9AI score0.26488EPSS
Exploits3References2Affected Software1
RedHat Linux
RedHat Linux
added 2024/04/30 10:36 a.m.6 views

openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC

A flaw was found in in the POLY1305 MAC message authentication code implementation in OpenSSL, affecting applications running on PowerPC CPU-based platforms that utilize vector instructions, and has the potential to corrupt the internal state of these applications. If an attacker can manipulate t...

6.5CVSS7.1AI score0.02323EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/03/21 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1417)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.3AI score0.04459EPSS
Exploits0References2
Veracode
Veracode
added 2024/01/30 7:15 p.m.37 views

Out-of-bounds Write

openssl:edge is vulnerable of Out-of-bounds Write. The vulnerability due to the application state might be corrupted with various application dependent consequences when returning to the caller. It allows an attacker could get complete control of the application process which leads to denial of...

6.5CVSS7AI score0.02323EPSS
Exploits0References13Affected Software1
SUSE CVE
SUSE CVE
added 2024/01/11 2:41 a.m.4 views

SUSE CVE-2023-6129

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS8.5AI score0.02323EPSS
Exploits0References6
NVD
NVD
added 2024/01/09 5:15 p.m.26 views

CVE-2023-6129

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS7AI score0.02323EPSS
Exploits0References13
Prion
Prion
added 2024/01/09 5:15 p.m.46 views

Design/Logic Flaw

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

4CVSS7.5AI score0.02323EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/01/09 4:36 p.m.36 views

CVE-2023-6129 POLY1305 MAC implementation corrupts vector registers on PowerPC

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

7.2AI score0.02323EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/01/09 4:36 p.m.86 views

CVE-2023-6129

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS7.8AI score0.02323EPSS
Exploits0
OSV
OSV
added 2024/01/09 4:36 p.m.37 views

CVE-2023-6129 POLY1305 MAC implementation corrupts vector registers on PowerPC

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS7AI score0.02323EPSS
Exploits0References15
AlpineLinux
AlpineLinux
added 2024/01/09 4:36 p.m.43 views

CVE-2023-6129

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS7.1AI score0.02323EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/01/09 12:0 a.m.51 views

CVE-2023-6129

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS6.9AI score0.02323EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.6 views

PT-2024-2726 · Mysql Server +8 · Mysql Server +8

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to the fixed version MySQL Server versions 8.0.36 and earlier, 8.3.0 and earlier Description: The POLY1305 MAC implementation in OpenSSL contains a bug that might corrupt the internal state of applications running on...

6.5CVSS8.8AI score0.05533EPSS
Exploits0References129
NVD
NVD
added 2024/01/08 9:15 a.m.25 views

CVE-2023-29051

User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...

8.1CVSS8AI score0.00546EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/08 9:4 a.m.32 views

CVE-2023-29051

User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...

8.1CVSS8.2AI score0.00546EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/12/12 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-3283)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00862EPSS
Exploits0References2
OSV
OSV
added 2023/09/08 12:15 p.m.14 views

AZL-39646 CVE-2023-4807 affecting package kata-containers for versions less than 3.2.0.azl1-1

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...

7.8CVSS6.8AI score0.00862EPSS
Exploits0References1
Rows per page
Query Builder