Lucene search
K

665 matches found

OSV
OSV
added 2023/01/27 5:15 a.m.2 views

UBUNTU-CVE-2020-36659

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...

8.1CVSS5.7AI score0.00422EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/01/27 12:0 a.m.43 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.1AI score0.00441EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/08 12:0 a.m.11 views

CVE-2022-46792

Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. Versions before 2.10.0 are unaffected...

6.9AI score0.0081EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.56 views

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5633-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5633-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

7.8CVSS7.3AI score0.05542EPSS
Exploits1References12
OSV
OSV
added 2022/08/01 8:41 a.m.10 views

SUSE-SU-2022:2614-2 Security update for dwarves and elfutils

This update for dwarves and elfutils fixes the following issues: elfutils was updated to version 0.177 jscSLE-24501: - elfclassify: New tool to analyze ELF objects. - readelf: Print DWATdatamemberlocation as decimal offset. Decode DWATdiscrlist block attributes. - libdw: Add DWATGNUnumerator,...

9.8CVSS6.6AI score0.03691EPSS
Exploits18References37
Fedora
Fedora
added 2022/07/30 1:57 a.m.15 views

[SECURITY] Fedora 36 Update: golang-github-ledisdb-0.6-6.20210112gitd35789e.fc36

Ledisdb is a high-performance NoSQL database library and server written in Go. It's similar to Redis but store data in disk. It supports many data structures including kv, list, hash, zset, set. LedisDB now supports multiple different databases as backends...

7.3AI score
Exploits0
Amazon
Amazon
added 2022/07/21 12:0 a.m.7 views

Important: kernel

Issue Overview: Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend...

7.8CVSS5.5AI score0.00325EPSS
Exploits0
OSV
OSV
added 2022/07/18 12:15 a.m.1 views

DEBIAN-CVE-2020-16093

In LemonLDAP::NG aka lemonldap-ng through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used...

7.5CVSS7.6AI score0.00559EPSS
Exploits1References1
Veracode
Veracode
added 2022/07/12 6:12 a.m.34 views

Sensitive Information Disclosure

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...

7.1CVSS7.1AI score0.00322EPSS
Exploits0References15Affected Software1
OSV
OSV
added 2022/07/05 1:15 p.m.7 views

UBUNTU-CVE-2022-33741

Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...

7.1CVSS6.7AI score0.00322EPSS
Exploits0References29
CNNVD
CNNVD
added 2022/06/15 12:0 a.m.4 views

NestJS Proxy 信息泄露漏洞

NestJS Proxy is a Finastra open source NestJS module for decorating and proxying calls. A security vulnerability exists in NestJS Proxy versions prior to 0.7.0 that stems from the nestjs-proxy library's inability to control when an authorization header should be forwarded for a specific backend...

7.5CVSS7.2AI score0.00603EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.3 views

PT-2022-19455 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.9.0 TensorFlow versions prior to 2.8.1 TensorFlow versions prior to 2.7.2 TensorFlow versions prior to 2.6.4 Description: The implementation of tf.raw ops.SpaceToBatchND is vulnerable to an integer overflow. Thi...

5.5CVSS5.3AI score0.00332EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.25 views

NewStart CGSL MAIN 6.02 : sane-backends Vulnerability (NS-SA-2022-0058)

The remote NewStart CGSL host, running version MAIN 6.02, has sane-backends packages installed that are affected by a vulnerability: - A NULL pointer dereference in saneiepsonnetread in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to caus...

5.5CVSS6.4AI score0.00497EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/04/25 12:0 a.m.33 views

EulerOS 2.0 SP8 : sane-backends (EulerOS-SA-2022-1587)

According to the versions of the sane-backends packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to re...

5.5CVSS6.1AI score0.01077EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2022/04/25 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for sane-backends (EulerOS-SA-2022-1587)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.4AI score0.01077EPSS
Exploits3References2
NVD
NVD
added 2022/04/11 9:15 p.m.27 views

CVE-2022-24837

HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded documents. This is especially relevant for private notes an...

5.3CVSS0.01082EPSS
Exploits0References3
OSV
OSV
added 2022/04/11 8:20 p.m.26 views

CVE-2022-24837 Enumerable upload file names in hedgedoc

HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded documents. This is especially relevant for private notes an...

5.3CVSS5.5AI score0.01082EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/03/29 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for sane-backends (EulerOS-SA-2022-1362)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.3AI score0.03044EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2022/03/28 12:0 a.m.29 views

EulerOS 2.0 SP8 : sane-backends (EulerOS-SA-2022-1362)

According to the versions of the sane-backends packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to...

8.8CVSS8.1AI score0.03044EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/03/22 12:0 a.m.53 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5338-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5338-1 advisory. Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1...

9CVSS7.7AI score0.67994EPSS
Exploits16References14
Rows per page
Query Builder