Lucene search
+L

357 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.32 views

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2024-671)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-671 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...

7.4CVSS6.4AI score0.01257EPSS
Exploits0References14
Debian
Debian
added 2024/06/30 10:15 p.m.5 views

[SECURITY] [DLA 3854-1] tryton-client security update

Debian LTS Advisory DLA-3854-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 30, 2024 https://wiki.debian.org/LTS Package : tryton-client Version : 5.0.5-1+deb10u1 CVE ID : not yet available Cédric Krier has found that trytond, the Tryton application server...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/19 12:0 a.m.23 views

EulerOS Virtualization 2.10.1 : libssh (EulerOS-SA-2024-1547)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

5.9CVSS7.2AI score0.93305EPSS
Exploits4References4
CVE
CVE
added 2024/04/17 1:21 p.m.496 views

CVE-2024-1132

Keycloak path traversal vulnerability (CVE-2024-1132) arises from improper validation of redirect URLs, enabling an attacker to bypass validation and access other URLs within the domain when a client uses wildcard Valid Redirect URIs. The issue requires user interaction and affects clients with w...

8.1CVSS5.7AI score0.01552EPSS
Exploits0References14Affected Software10
Github Security Blog
Github Security Blog
added 2024/03/14 8:37 p.m.35 views

discordrb OS Command Injection vulnerability

discordrb is an implementation of the Discord API using Ruby. In discordrb before commit 91e13043ffa the encoder.rb file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. The library is not directly...

9.6CVSS7.9AI score0.02546EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/05 12:0 a.m.7 views

The vulnerability of the centralized endpoint security management tools—WithSecure Client Security, WithSecure Server Security, WithSecure Email and Server Security, WithSecure Elements Endpoint Protection, WithSecure Linux Security, WithSecure Linux Protection, WithSecure Atlant—is related to insufficient validation of input data. This allows attackers to trigger a Denial-of-Service attack.

The vulnerability of the centralized endpoint security management tools—WithSecure Client Security, WithSecure Server Security, WithSecure Email and Server Security, WithSecure Elements Endpoint Protection, WithSecure Linux Security, WithSecure Linux Protection, and WithSecure Atlant—is related t...

10CVSS5.5AI score0.00713EPSS
Exploits0References3Affected Software7
NVD
NVD
added 2024/02/26 4:28 p.m.36 views

CVE-2024-27359

Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protectio...

7.5CVSS6.5AI score0.00713EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/26 12:0 a.m.5 views

WithSecure products Security breaches

WithSecure products is a line of security software from the Finnish company WithSecure. A security vulnerability exists in WithSecure products, which stems from the fact that the engine scanning program may enter an infinite loop when processing archived files, resulting in a denial of service. T...

7.5CVSS6.7AI score0.00713EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/25 12:0 a.m.15 views

CVE-2024-27359

Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protectio...

6.9AI score0.00713EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/25 12:0 a.m.6 views

PT-2024-1945 · Withsecure · Withsecure Server Security +7

Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...

10CVSS7.2AI score0.00713EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.7 views

PT-2024-14036 · Td Bank · Td Advanced Dashboard Client

Name of the Vulnerable Software and Affected Versions: TD Bank TD Advanced Dashboard client through 3.0.3 for macOS Description: The issue allows arbitrary code execution due to the lack of electron::fuses::IsRunAsNodeEnabled, which means ELECTRON RUN AS NODE can be used in production. This makes...

8.4CVSS6.9AI score0.0023EPSS
Exploits0References8
NVD
NVD
added 2024/02/08 7:15 p.m.14 views

CVE-2024-23764

Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later...

6.7CVSS6.6AI score0.00174EPSS
Exploits0References2
OSV
OSV
added 2024/02/08 7:15 p.m.9 views

CVE-2024-23764

Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later...

6.7CVSS5.8AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/08 12:0 a.m.7 views

WithSecure products Security breaches

WithSecure products are a range of security software from the Finnish company WithSecure. A security vulnerability exists in some WithSecure products. An attacker can exploit the vulnerability to escalate privileges. The following products and versions are affected: WithSecure Client Security...

6.7CVSS6.9AI score0.00174EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/08 12:0 a.m.9 views

CVE-2024-23764

Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later...

6.5AI score0.00174EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/08 12:0 a.m.22 views

CVE-2024-23764

Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later...

6.8AI score0.00174EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.6 views

PT-2024-20067 · Withsecure · Withsecure Elements Endpoint Protection +3

Name of the Vulnerable Software and Affected Versions: WithSecure Client Security versions 15 and later WithSecure Server Security versions 15 and later WithSecure Email and Server Security versions 15 and later WithSecure Elements Endpoint Protection versions 17 and later Description: Certain...

6.7CVSS6.6AI score0.00174EPSS
Exploits0References5
OSV
OSV
added 2024/01/09 6:30 p.m.10 views

GHSA-JW42-5M4V-9C8G Duplicate Advisory: NuGet Client Security Feature Bypass Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-68w7-72jg-6qpp. This link is maintained to preserve external references. Original Description NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability...

9.1CVSS9.3AI score0.02778EPSS
Exploits0References3
CVE
CVE
added 2023/12/14 5:2 p.m.94 views

CVE-2023-42801

CVE-2023-42801 affects Moonlight-common-c, the core GameStream client code. The vulnerability is a stack-based buffer overflow in the library that begins after pairing, exploitable by sending a malicious game streaming server to a Moonlight client. Exploitation could crash the client and, in theo...

7.6CVSS7.6AI score0.00793EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/11/27 12:15 a.m.5 views

CVE-2023-49321

Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 a...

5.3CVSS5.8AI score0.00613EPSS
Exploits0References3
Rows per page
Query Builder