104 matches found
EUVD-2020-5388
Malware in sbrugna...
EUVD-2020-5164
Malware in sbrugna...
EUVD-2018-8291
Malware in sbrugna...
EUVD-2024-33350
Malicious code in bioql PyPI...
EUVD-2023-28085
Malicious code in bioql PyPI...
FreeBSD : mongodb -- Buffer over-reads in MongoDB Server (28ffa931-a510-11ef-8109-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 28ffa931-a510-11ef-8109-b42e991fc52e advisory. [email protected] reports: An authorized user may trigger crashes or receive the contents of buffer...
CVE-2024-10921 Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server
An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30, MongoDB Server v6.0 versions prior to...
CVE-2024-10921
CVE-2024-10921 affects MongoDB Server: v5.0 prior to 5.0.30; v6.0 prior to 6.0.19; v7.0 prior to 7.0.15; and v8.0 prior to and including 8.0.2. The vulnerability arises from improper handling of BSON, allowing an authorized network user to trigger crashes or read buffer contents via specially cra...
CVE-2024-10921 Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server
An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30, MongoDB Server v6.0 versions prior to...
Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server
An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30, MongoDB Server v6.0 versions prior to...
mongodb -- Buffer over-reads in MongoDB Server
[email protected] reports: An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server...
CentOS 6 : libexif (RHSA-2020:2516)
The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2516 advisory. - An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This ...
Amazon Linux 2 : mod_security (ALAS-2023-2098)
The version of modsecurity installed on the remote host is prior to 2.9.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2098 advisory. In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the...
EulerOS 2.0 SP5 : mod_security (EulerOS-SA-2023-2160)
According to the versions of the modsecurity package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application...
Mageia: Security Advisory (MGASA-2023-0175)
The remote host is missing an update for the...
Updated apache-mod_security packages fix security vulnerability
HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall CVE-2022-48279 Incorrect handling of '\0' bytes in file uploads in ModSecurity may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules...
Out-of-bounds Read
libmp4v2.so is vulnerable to Out-of-bounds Reads. The vulnerability exists in mp4track.cpp due to mishandling of compatibleBrand while processing a crafted mp4 file, which allows an attacker to cause heap-based buffer over-reads resulting in an application crash...
Fedora 38 : mod_security (2023-bc61f7a145)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-bc61f7a145 advisory. - new version 2.9.7 - switch to PCRE2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 37 : mod_security (2023-09f0496e60)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-09f0496e60 advisory. - new version 2.9.7 - switch to PCRE2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 36 : mod_security (2023-8aa264d5c5)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8aa264d5c5 advisory. - new version 2.9.7 - switch to PCRE2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...