7652 matches found

CNNVD
added 2023/02/27 12:0 a.m. | 3 views

Mattermost Security Vulnerability

Mattermost is an open source collaboration platform from the US-based company Mattermost. Mattermost suffers from a security vulnerability that stems from a lack of privilege checking, which an attacker could utilize to list and view other teams' scripts...

CVSS 6.5 | AI score 6.5 | EPSS 0.00499
Exploits 0 | References 2
CVE
added 2023/02/27 12:0 a.m. | 111 views

CVE-2022-32830

CVE-2022-32830 is an out-of-bounds read vulnerability in ImageIO affecting tvOS/iOS/iPadOS up to version 15.6; exploitation through processing a malicious image could disclose user information. Other Apple components listed in tvOS 15.6/ iOS 15.6/ iPadOS 15.6 have separate CVEs. Remediation: upda...

CVSS 7.5 | AI score 6.3 | EPSS 0.00622
Exploits 0 | References 2 | Affected Software 3
Cvelist
added 2023/02/27 12:0 a.m. | 28 views

CVE-2022-32830

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information...

AI score 7.4 | EPSS 0.00622
Exploits 0 | References 2
Vulnrichment
added 2023/02/27 12:0 a.m. | 6 views

CVE-2022-32830

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information...

AI score 6.5 | EPSS 0.00622
Exploits 0 | References 2
OSV
added 2023/02/24 3:15 p.m. | 3 views

ALPINE-CVE-2022-4203

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

CVSS 4.9 | AI score 6.9 | EPSS 0.01481
Exploits 0 | References 1
Prion
added 2023/02/24 3:15 p.m. | 25 views

Buffer overflow

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

CVSS 3.3 | AI score 6.3 | EPSS 0.01481
Exploits 0 | References 3 | Affected Software 1
AlpineLinux
added 2023/02/24 2:53 p.m. | 48 views

CVE-2022-4203

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

CVSS 4.9 | AI score 7.1 | EPSS 0.01481
Exploits 0
Tenable Nessus
added 2023/02/24 12:0 a.m. | 20 views

SUSE SLES15 / openSUSE 15 Security Update : openssl-1_1-livepatches (SUSE-SU-2023:0482-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0482-1 advisory. - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralName via livepatch bsc1207533. Tenable has extracted the preceding...

CVSS 7.4 | AI score 7.1 | EPSS 0.59501
Exploits 0 | References 4
OpenVAS
added 2023/02/24 12:0 a.m. | 22 views

Debian: Security Advisory (DLA-3340-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.7 | EPSS 0.0511
Exploits 0 | References 4
Debian
added 2023/02/23 9:21 p.m. | 41 views

[SECURITY] [DLA 3340-1] libgit2 security update

Debian LTS Advisory DLA-3340-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost February 23, 2023 https://wiki.debian.org/LTS Package : libgit2 Version : 0.27.7+dfsg.1-0.2+deb10u1 CVE ID : CVE-2020-12278 CVE-2020-12279 CVE-2023-22742 Debian Bug : 1029368 A vulnerabili...

CVSS 9.8 | AI score 7.4 | EPSS 0.0511
Exploits 0
Prion
added 2023/02/23 8:15 p.m. | 17 views

Design/Logic Flaw

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...

CVSS 3.3 | AI score 6.4 | EPSS 0.00296
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2023/02/23 12:0 a.m. | 16 views

CVE-2023-20089 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...

CVSS 7.4 | AI score 7.5 | EPSS 0.00296
Exploits 0 | References 1
Positive Technologies
added 2023/02/23 12:0 a.m. | 0 views

PT-2023-2185 · Wasmtime · Wasmtime

Name of the Vulnerable Software and Affected Versions: wasmtime versions prior to 4.0.1 wasmtime versions prior to 5.0.1 wasmtime versions prior to 6.0.1 Description: The issue is related to a bug in the Cranelift code generator of wasmtime, which mistakenly calculates a 35-bit effective address...

CVSS 10 | AI score 9.4 | EPSS 0.01251
Exploits 0 | References 21
Cisco
added 2023/02/22 4:0 p.m. | 46 views

Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...

CVSS 7.4 | AI score 6.6 | EPSS 0.00296
Exploits 0 | References 1
F5 Networks
added 2023/02/21 7:40 p.m. | 36 views

K8924: Linux kernel vulnerability CVE-2007-3843

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

CVSS 4.3 | AI score 6.3 | EPSS 0.02624
Exploits 0
F5 Networks
added 2023/02/21 7:8 p.m. | 25 views

K16984: PCRE library vulnerability CVE-2015-2326

Security Advisory Description PCRE library is prone to a vulnerability which leads to Heap overflow. Without enough bound checking inside pcre_compile2, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many...

CVSS 5.5 | AI score 8.1 | EPSS 0.01592
Exploits 1 | Affected Software 2
F5 Networks
added 2023/02/21 7:8 p.m. | 42 views

K16983: PCRE library vulnerability CVE-2015-2325

Security Advisory Description PCRE library is prone to a heap overflow vulnerability. Due to insufficient bounds checking inside compile_branch, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applicatio...

CVSS 7.8 | AI score 8.2 | EPSS 0.01575
Exploits 1 | Affected Software 21
F5 Networks
added 2023/02/21 6:53 p.m. | 46 views

K22715344: PolicyKit vulnerability CVE-2019-6133

Security Advisory Description In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...

CVSS 6.7 | AI score 6.9 | EPSS 0.00446
Exploits 0
F5 Networks
added 2023/02/21 6:48 p.m. | 25 views

K31434612: BSD link_ntoa vulnerability CVE-2016-6559

Security Advisory Description Improper bounds checking of the obuf variable in the link_ntoa function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications...

CVSS 9.8 | AI score 9.3 | EPSS 0.03699
Exploits 1
F5 Networks
added 2023/02/21 6:47 p.m. | 69 views

K22113693: Linux kernel vulnerability CVE-2021-42739

Security Advisory Description The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. CVE-2021-42739 Impact There is no impact; F5 product...

CVSS 6.7 | AI score 6.8 | EPSS 0.00443
Exploits 0