Lucene search
K

2331 matches found

Cvelist
Cvelist
added 2023/11/16 10:1 p.m.39 views

CVE-2023-47112 Authenticated users can view job names and groups they do not have authorization to view in Rundeck

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...

4.3CVSS4.9AI score0.00481EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.126 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS7.3AI score0.03882EPSS
Exploits8References69
RedHat Linux
RedHat Linux
added 2023/11/14 3:24 p.m.2 views

kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible

A potential deadlock flaw was found in the Linux’s kernel DVB API used by Digital TV devices functionality. This flaw allows a local user to crash the system...

5.5CVSS6.6AI score0.00413EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver

A reference leak flaw was found in the Linux kernel's AMD P-state unit test driver in the CPU policy access logic. A local user can trigger this issue by loading the amd-pstate-ut driver, which acquires CPU policy references via cpufreqcpuget without releasing them via cpufreqcpuput. This causes...

5.5CVSS7.2AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2023/11/07 12:0 a.m.30 views

ALSA-2023:6523 Moderate: python-tornado security update

Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fixes: python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations CVE-2023-28370 For more details...

6.1CVSS6.5AI score0.01132EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/11/06 12:0 a.m.4 views

PT-2023-27936 · Calico · Calico Typha +1

Name of the Vulnerable Software and Affected Versions: Calico Typha versions 3.26.2 and below Calico Typha version 3.25.1 Calico Enterprise Typha versions 3.17.1 and below Calico Enterprise Typha version 3.16.3 Calico Enterprise Typha version 3.15.3 Description: The issue arises when a client TLS...

7.5CVSS7.2AI score0.00723EPSS
Exploits0References9
Fedora
Fedora
added 2023/11/03 7:5 p.m.20 views

[SECURITY] Fedora 39 Update: squid-6.4-1.fc39

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

7.4AI score
Exploits0
Fedora
Fedora
added 2023/11/03 6:59 p.m.48 views

[SECURITY] Fedora 39 Update: nodejs20-20.8.1-1.fc39

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

9.8CVSS7.2AI score0.99999EPSS
Exploits19
Fedora
Fedora
added 2023/11/03 6:59 p.m.46 views

[SECURITY] Fedora 39 Update: nodejs18-18.18.2-1.fc39

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Fedora
Fedora
added 2023/11/03 1:10 a.m.13 views

[SECURITY] Fedora 37 Update: squid-6.4-1.fc37

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/11/03 12:0 a.m.2 views

PT-2023-33021 · Ez Systems +1 · Ezpublish-Kernel +4

Name of the Vulnerable Software and Affected Versions: Ibexa DXP and eZ Platform affected versions not specified ezsystems/ezplatform-kernel affected versions not specified ezsystems/ezpublish-kernel affected versions not specified ibexa/core affected versions not specified Description: The issue...

7.2AI score
Exploits0References5
OpenVAS
OpenVAS
added 2023/11/03 12:0 a.m.9 views

Fedora: Security Advisory for squid (FEDORA-2023-df4923cddc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Redos
Redos
added 2023/10/30 12:0 a.m.42 views

ROS-20231030-05

Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with 0 initial sliding window size. was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of servic...

7.5CVSS6.8AI score0.70595EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/10/28 12:0 a.m.37 views

Fedora: Security Advisory for nodejs20 (FEDORA-2023-4d2fd884ea)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.99999EPSS
Exploits19References4
The Hacker News
The Hacker News
added 2023/10/27 4:23 a.m.150 views

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution

F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximu...

10CVSS9.1AI score0.99999EPSS
Exploits140
Fedora
Fedora
added 2023/10/26 1:51 a.m.56 views

[SECURITY] Fedora 38 Update: nodejs20-20.8.1-1.fc38

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

9.8CVSS8.2AI score0.99999EPSS
Exploits19
Fedora
Fedora
added 2023/10/26 1:35 a.m.55 views

[SECURITY] Fedora 37 Update: nodejs20-20.8.1-1.fc37

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

9.8CVSS8.2AI score0.99999EPSS
Exploits19
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.5 views

The vulnerability of the Connectize G6 AC2100 router’s microprogramming software lies in its overly restrictive mechanism for blocking user account data, which allows attackers to execute brute-force attacks.

The vulnerability of the Connectize G6 AC2100 router’s microprogramming software is related to an overly restrictive mechanism for blocking user credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to carry out a brute-force attack...

4.3CVSS6.4AI score0.00726EPSS
Exploits1References2Affected Software1
Fedora
Fedora
added 2023/10/24 1:23 a.m.49 views

[SECURITY] Fedora 38 Update: nodejs18-18.18.2-1.fc38

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

7.5CVSS7AI score0.99999EPSS
Exploits19
BDU FSTEC
BDU FSTEC
added 2023/10/21 12:0 a.m.8 views

The vulnerability of the WireGuard VPN service, related to errors in handling links, allows a malicious actor to block IP traffic on selected IP addresses.

The vulnerability of the VPN service WireGuard is related to errors in handling links. Exploiting this vulnerability allows a remote attacker to block IP traffic on selected IP addresses...

6.1CVSS6.1AI score0.00812EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder