Lucene search

2331 matches found

BDU FSTEC
added 2024/05/06 12:0 a.m. | 9 views

A vulnerability in the authentication procedures of the PowerPanel Business monitoring and control system allows intruders to gain unauthorized access to protected information.

The vulnerability of the PowerPanel Business monitoring and power source management system is related to deficiencies in authentication procedures, due to the absence of blocking mechanisms for substitution signs. Exploiting this vulnerability could allow an attacker operating remotely to gain...

CVSS 6.8 | AI score 5.5 | EPSS 0.00354
Exploits 0 | References 4 | Affected Software 1
Tenable Nessus
added 2024/05/06 12:0 a.m. | 49 views

Oracle Linux 9 : mod_http2 (ELSA-2024-2368)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2368 advisory. 2.0.26-1 - Resolves: RHEL-14691 - mod_http2 rebase to 2.0.26. Tenable has extracted the preceding description block directly from the Oracle Linux securi...

CVSS 7.5 | AI score 7.5 | EPSS 0.70595
Exploits 1 | References 3
Positive Technologies
added 2024/05/03 12:0 a.m. | 5 views

PT-2024-25900 · Mullvad · Mullvad Vpn

Name of the Vulnerable Software and Affected Versions: Mullvad VPN versions through 2024.1 Description: The issue allows DNS traffic to leave the device when Mullvad VPN on Android fails to create a tunnel and does not set a DNS server in the blocking state. This can result in sensitive DNS...

CVSS 7.5 | AI score 6.8 | EPSS 0.00599
Exploits 0 | References 7
RedHat Linux
added 2024/04/30 10:24 a.m. | 32 views

Moderate: Red Hat Security Advisory: pam security update

An update for pam is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS 5.5 | AI score 6.5 | EPSS 0.00455
Exploits 1 | References 8
CVE
added 2024/04/29 12:0 a.m. | 53 views

CVE-2023-52725

CVE-2023-52725 affects Open Networking Foundation ONOS onos-kpimon 0.4.7. The vulnerability arises from blocking the errCh channel inside the Start function of the monitoring package, causing resource exhaustion as the indication-processing goroutine cannot accept new messages. Public documents c...

CVSS 6.5 | AI score 6.8 | EPSS 0.00426
Exploits 1 | References 1 | Affected Software 1
Fedora
added 2024/04/25 1:21 a.m. | 49 views

[SECURITY] Fedora 39 Update: squid-6.9-1.fc39

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

CVSS 8.6 | AI score 8.7 | EPSS 0.65254
Exploits 1
Fedora
added 2024/04/20 1:3 a.m. | 29 views

[SECURITY] Fedora 39 Update: nodejs18-18.20.2-1.fc39

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...

CVSS 8.1 | AI score 6.7 | EPSS 0.01387
Exploits 0
Fedora
added 2024/04/19 9:44 p.m. | 40 views

[SECURITY] Fedora 40 Update: nodejs18-18.20.2-1.fc40

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...

CVSS 8.1 | AI score 7.3 | EPSS 0.01387
Exploits 0
Fedora
added 2024/04/19 9:44 p.m. | 55 views

[SECURITY] Fedora 40 Update: nodejs20-20.12.2-1.fc40

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...

CVSS 8.2 | AI score 7.3 | EPSS 0.87211
Exploits 1
Github Security Blog
added 2024/04/19 7:46 p.m. | 24 views

Denial of Service Vulnerability in Rustls Library

Summary: rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. Details: Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call complete_io and are not affected. rustls::Stream and...

CVSS 7.5 | AI score 7.3 | EPSS 0.00949
Exploits 0 | References 9 | Affected Software 1
OSV
added 2024/04/19 7:46 p.m. | 25 views

GHSA-6G7W-8WPP-FRHJ Denial of Service Vulnerability in Rustls Library

Summary: rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. Details: Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call complete_io and are not affected. rustls::Stream and...

CVSS 7.5 | AI score 7.2 | EPSS 0.00949
Exploits 0 | References 9
NVD
added 2024/04/19 4:15 p.m. | 13 views

CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. When using a blocking rustls server, if a client sends a close_notify message immediately after client_hello, the server's complete_io will get in an infinite...

CVSS 7.5 | AI score 7.3 | EPSS 0.00949
Exploits 0 | References 4
OSV
added 2024/04/19 4:15 p.m. | 2 views

DEBIAN-CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. When using a blocking rustls server, if a client sends a close_notify message immediately after client_hello, the server's complete_io will get in an infinite...

CVSS 7.5 | AI score 5.3 | EPSS 0.00949
Exploits 0 | References 1
OSV
added 2024/04/19 4:15 p.m. | 4 views

UBUNTU-CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. When using a blocking rustls server, if a client sends a close_notify message immediately after client_hello, the server's complete_io will get in an infinite...

CVSS 7.5 | AI score 5.8 | EPSS 0.00949
Exploits 0 | References 3
UbuntuCve
added 2024/04/19 4:15 p.m. | 16 views

CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. When using a blocking rustls server, if a client sends a close_notify message immediately after client_hello, the server's complete_io will get in an infinite...

CVSS 7.5 | AI score 5.9 | EPSS 0.00949
Exploits 0 | References 2
CVE
added 2024/04/19 4:5 p.m. | 298 views

CVE-2024-32650

CVE-2024-32650 affects rustls: complete_io in a blocking rustls server can enter an infinite loop if a client sends close_notify right after client_hello, leading to a denial of service. Fixes exist in rustls releases 0.23.5, 0.22.4, and 0.21.11. Remediation is to upgrade to one of these versions ...

CVSS 7.5 | AI score 6.4 | EPSS 0.00949
Exploits 0 | References 4
Debian CVE
added 2024/04/19 4:5 p.m. | 17 views

CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. When using a blocking rustls server, if a client sends a close_notify message immediately after client_hello, the server's complete_io will get in an infinite...

CVSS 7.5 | AI score 7.3 | EPSS 0.00949
Exploits 0
CNNVD
added 2024/04/19 12:0 a.m. | 5 views

Rustls Security Vulnerability

Rustls is a modern TLS library in Rust open-sourced by Rustls. A security vulnerability exists in Rustls versions prior to 0.23.5, 0.22.4, and 0.21.11, which stems from an infinite loop in the server's complete_io if a client sends a close_notify message immediately after client_hello when using a...

CVSS 7.5 | AI score 6.7 | EPSS 0.00949
Exploits 0 | References 6
Kitploit
added 2024/04/18 12:30 p.m. | 52 views

VectorKernel - PoCs For Kernelmode Rootkit Techniques Research

PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64bit OS only. NOTE Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not supported in OSes older than Windows 10 Version 2004. If you want...

AI score 7.6
Exploits 0 | References 13
Malwarebytes
added 2024/04/09 7:21 p.m. | 30 views

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

In the past couple of weeks, we have observed an ongoing campaign targeting system administrators with fraudulent ads for popular system utilities. The malicious ads are displayed as sponsored results on Google's search engine page and localized to North America. Victims are tricked into downloadi...

AI score 7
Exploits 0