
7654 matches found

Veracode
added 2022/11/21 11:51 a.m., 24 views

Denial Of Service (DoS)

TensorFlow is vulnerable to denial of service. The vulnerability exists in the FusedResizeAndPadConv2D function of nnops.cc due to improper buffer size checking, which allows an attacker to cause an application crash by providing malicious input...

CVSS 7.5 | AI score 7.1 | EPSS 0.0043
Exploits: 1 | References: 9 | Affected Software: 3
Vulnrichment
added 2022/11/21 12:0 a.m., 6 views

CVE-2022-1579 Login Block IPs <= 1.0.0 - IP Spoofing Bypass

The function checkisloginpage uses headers for the IP check, which can be easily spoofed...

AI score 7.2 | EPSS 0.00664
Exploits: 2 | References: 1
RedHat Linux
added 2022/11/15 3:20 p.m., 9 views

samba: server memory information leak via SMB1

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

CVSS 4.3 | AI score 6.6 | EPSS 0.00999
Exploits: 0 | References: 5
CNNVD
added 2022/11/15 12:0 a.m., 3 views

Qualcomm chip security vulnerability

Qualcomm chips are chips from Qualcomm Incorporated (USA). A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of semiconductor wafers. Qualcomm chips have a security vulnerability that stems from a modem memory...

CVSS 9.8 | AI score 8.3 | EPSS 0.00417
Exploits: 0 | References: 3
OpenVAS
added 2022/11/14 12:0 a.m., 18 views

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2022-2756)

The remote host is missing an update for the Huawei EulerOS...

CVSS 3.3 | AI score 5.5 | EPSS 0.02006
Exploits: 0 | References: 2
Tenable Nessus
added 2022/11/14 12:0 a.m., 26 views

EulerOS 2.0 SP9 : cups (EulerOS-SA-2022-2756)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and...

CVSS 3.3 | AI score 5.9 | EPSS 0.02006
Exploits: 0 | References: 2
Tenable Nessus
added 2022/11/14 12:0 a.m., 29 views

EulerOS 2.0 SP9 : cups (EulerOS-SA-2022-2721)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and...

CVSS 3.3 | AI score 5.9 | EPSS 0.02006
Exploits: 0 | References: 2
Fedora
added 2022/11/10 10:57 p.m., 36 views

[SECURITY] Fedora 37 Update: exim-4.96-5.fc37

Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

CVSS 9.8 | AI score 1.5 | EPSS 0.03661
Exploits: 0
Vulnrichment
added 2022/11/10 5:32 p.m., 8 views

CVE-2022-20950

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being...

CVSS 5.8 | AI score 7.1 | EPSS 0.00786
Exploits: 0 | References: 1
Cisco
added 2022/11/09 4:0 p.m., 42 views

Cisco Firepower Threat Defense Software SIP and Snort 3 Detection Engine Denial of Service Vulnerability

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being...

CVSS 5.8 | AI score 5.5 | EPSS 0.00786
Exploits: 0 | References: 1
CNNVD
added 2022/11/09 12:0 a.m., 3 views

Cisco Firepower Threat Defense code issue vulnerability

Cisco Firepower Threat Defense (FTD) is a suite of unified software from Cisco that provides next-generation firewall services. A code issue vulnerability exists in Cisco Firepower Threat Defense (FTD) Software that stems from a lack of error checking when interacting with its SIP and Snort 3 for...

CVSS 5.8 | AI score 5.9 | EPSS 0.00786
Exploits: 0 | References: 4
OSV
added 2022/11/08 11:15 a.m., 5 views

CVE-2022-30694

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack...

CVSS 6.5 | AI score 5.8 | EPSS 0.00294
Exploits: 0 | References: 1
NVD
added 2022/11/08 11:15 a.m., 37 views

CVE-2022-30694

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack...

CVSS 6.5 | EPSS 0.00294
Exploits: 0 | References: 1
Prion
added 2022/11/08 11:15 a.m., 31 views

Cross-site request forgery (CSRF)

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack...

CVSS 4.3 | AI score 6.3 | EPSS 0.00294
Exploits: 0 | References: 1 | Affected Software: 23
Ubuntu
added 2022/11/08 8:13 a.m., 71 views

USN-5714-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. CVE-2022-2519,...

CVSS 7.7 | AI score 6.6 | EPSS 0.01378
Exploits: 11
Vulnrichment
added 2022/11/08 12:0 a.m., 6 views

CVE-2022-30694

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack...

CVSS 6.5 | AI score 6.3 | EPSS 0.00294
Exploits: 0 | References: 1
Cvelist
added 2022/11/08 12:0 a.m., 38 views

CVE-2022-30694

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack...

CVSS 6.5 | AI score 6.5 | EPSS 0.00294
Exploits: 0 | References: 1
CNNVD
added 2022/11/08 12:0 a.m., 4 views

MediaTek chip resource management error vulnerability

MediaTek chips are a range of chips from MediaTek, a Chinese company. A security vulnerability exists in MediaTek aee, which stems from a lack of bounds checking, leading to use of memory after it has been released (use after free)...

CVSS 6.7 | AI score 6.6 | EPSS 0.00134
Exploits: 0 | References: 2
CVE
added 2022/11/08 12:0 a.m., 133 views

CVE-2022-30694

Summary: CVE-2022-30694 is a CSRF vulnerability in the Siemens web server login endpoint "/FormLogin" that can allow an authenticated attacker to track other users’ activities by bypassing origin checks. The issue affects multiple Siemens products including SIMATIC Drive Controllers, SIMATIC ET 2...

CVSS 6.5 | AI score 4.6 | EPSS 0.00294
Exploits: 0 | References: 1 | Affected Software: 3
CNNVD
added 2022/11/08 12:0 a.m., 4 views

MediaTek chip buffer error vulnerability

MediaTek chips are a range of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek vpu that stems from incorrect boundary checking, leading to information disclosure...

CVSS 6.7 | AI score 6.6 | EPSS 0.00132
Exploits: 0 | References: 2