
661 matches found

OpenVAS
added 2023/05/20 12:0 a.m., 16 views

Fedora: Security Advisory for cups-filters (FEDORA-2023-6ca587ac4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 8.8, EPSS 0.03697
Exploits 1, References 2

Cvelist
added 2023/05/19 9:4 p.m., 22 views

CVE-2023-28623 Unauthorized user can register an account in specific configurations in Zulip

Zulip is an open-source team collaboration tool with unique topic-based threading. In the event that 1: ZulipLDAPAuthBackend and an external authentication backend (any aside of ZulipLDAPAuthBackend and EmailAuthBackend) are the only ones enabled in AUTHENTICATION_BACKENDS in /etc/zulip/settings.py...

CVSS 6.5, AI score 6.7, EPSS 0.00527
Exploits 0, References 2

Positive Technologies
added 2023/05/19 12:0 a.m., 6 views

PT-2023-21856 · Zulip · Zulip

Name of the Vulnerable Software and Affected Versions: Zulip versions prior to 6.2 Description: Zulip is an open-source team collaboration tool with unique topic-based threading. An attacker can create a new account in the organization with an arbitrary email address in their control that's not i...

CVSS 6.5, AI score 4.3, EPSS 0.00527
Exploits 0, References 7

Ubuntu
added 2023/05/09 9:51 p.m., 86 views

USN-6063-1: Ceph vulnerabilities

Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3979) It was discovered that Ceph incorrectly handled the volumes...

CVSS 9.1, AI score 6.8, EPSS 0.00943
Exploits 1

OpenVAS
added 2023/04/06 12:0 a.m., 20 views

Fedora: Security Advisory for rubygem-activejob (FEDORA-2023-7002afbbb8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3, AI score 7.7, EPSS 0.00907
Exploits 0, References 2

Fedora
added 2023/04/05 1:36 a.m., 23 views

[SECURITY] Fedora 37 Update: rubygem-activejob-7.0.4.3-1.fc37

Declare job classes that can be run by a variety of queueing backends...

CVSS 5.3, AI score 7.5, EPSS 0.00907
Exploits 0

Fedora
added 2023/04/01 12:17 a.m., 14 views

[SECURITY] Fedora 38 Update: rubygem-activejob-7.0.4.3-1.fc38

Declare job classes that can be run by a variety of queueing backends...

CVSS 5.3, AI score 7.5, EPSS 0.00907
Exploits 0

OSV
added 2023/03/29 9:15 p.m., 2 views

DEBIAN-CVE-2023-0836

An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclos...

CVSS 7.5, AI score 7.4, EPSS 0.01201
Exploits 0, References 1

Vulnrichment
added 2023/03/29 12:0 a.m., 12 views

CVE-2023-0836

An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclos...

AI score 6.5, EPSS 0.01201
Exploits 0, References 2

Tenable Nessus
added 2023/03/28 12:0 a.m., 38 views

SUSE SLED15: ceph / ceph-base / ceph-common / ceph-fuse / etc (SUSE-SU-2023:1581-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1581-1 advisory. Security issues fixed: - CVE-2022-0670: Fixed user/tenant read/write access to an entire file...

CVSS 9.1, AI score 6.7, EPSS 0.00943
Exploits 1, References 28

OSV
added 2023/03/27 12:0 a.m., 3 views

UBUNTU-CVE-2023-0836

An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclos...

CVSS 7.5, AI score 5.9, EPSS 0.01201
Exploits 0, References 3

OSV
added 2023/03/06 11:15 p.m., 8 views

AZL-38998 CVE-2022-3854 affecting package ceph for versions less than 18.2.1-1

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service...

CVSS 6.5, AI score 6.5, EPSS 0.00564
Exploits 0, References 1

OSV
added 2023/03/06 11:15 p.m., 7 views

AZL-39496 CVE-2022-3854 affecting package ceph for versions less than 16.2.10-3

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service...

CVSS 6.5, AI score 6.5, EPSS 0.00564
Exploits 0, References 1

OSV
added 2023/03/06 11:15 p.m., 2 views

UBUNTU-CVE-2022-3854

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service...

CVSS 6.5, AI score 7, EPSS 0.00564
Exploits 0, References 3

CVE
added 2023/03/06 12:0 a.m., 99 views

CVE-2022-3854

CVE-2022-3854: Ceph vulnerability in RGW URL processing allows an attacker to crash RGW by sending a null URL, causing DoS. Multiple connected docs corroborate the issue across Ceph deployments (RGW backend URL handling). Remediation is to upgrade Ceph to versions containing the fix (per SUSE RHC...

CVSS 6.5, AI score 6.1, EPSS 0.00564
Exploits 0, References 1, Affected Software 1

Vulnrichment
added 2023/03/06 12:0 a.m., 10 views

CVE-2022-3854

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service...

AI score 6.9, EPSS 0.00564
Exploits 0, References 1

SUSE CVE
added 2023/02/15 6:20 a.m., 3 views

SUSE CVE-2004-0494

Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI...

CVSS 7.5, AI score 7, EPSS 0.01625
Exploits 0, References 7

SUSE CVE
added 2023/02/15 5:21 a.m., 3 views

SUSE CVE-2015-2152

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support,...

CVSS 1.9, AI score 6.3, EPSS 0.00419
Exploits 0, References 8

SUSE CVE
added 2023/02/15 5:16 a.m., 3 views

SUSE CVE-2015-5143

The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys...

CVSS 7.8, AI score 6.9, EPSS 0.07266
Exploits 0, References 6

SUSE CVE
added 2023/02/15 4:49 a.m., 4 views

SUSE CVE-2017-6318

saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet...

CVSS 7.5, AI score 6.6, EPSS 0.02963
Exploits 0, References 6