Lucene search
K

88 matches found

Rosalinux
Rosalinux
added 2025/03/01 9:21 p.m.18 views

Advisory ROSA-SA-2025-2733

Software: unbound 1.16.2 OS: ROSA Virtualization 3.0 packageevrstring: unbound-1.16.2-5.8.rv30 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic...

8CVSS7.8AI score0.99995EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/02/15 10:22 p.m.14 views

Advisory ROSA-SA-2025-2691

Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25682 BDU-ID: 2021-01118 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extractname function rfc1035.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation ...

8.3CVSS8AI score0.70754EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/01/28 7:59 p.m.21 views

Advisory ROSA-SA-2025-2675

software: libssh2 1.10.0 OS: ROSA-CHROME packageevrstring: libssh2-1.10.0-3 CVE-ID: CVE-2023-48795 BDU-ID: 2023-08853 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process...

5.9CVSS7.4AI score0.9378EPSS
Exploits4
Rosalinux
Rosalinux
added 2025/01/28 7:49 p.m.11 views

Advisory ROSA-SA-2025-2670

software: runc 1.1.7 OS: ROSA-CHROME packageevrstring: runc-1.1.7 CVE-ID: CVE-2024-21626 BDU-ID: 2024-00973 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Runc isolated container launch tool is related to a flaw in the controlled area delimitations of the system. Exploitation of the vulnerabili...

8.6CVSS8.9AI score0.18087EPSS
Exploits18
Rosalinux
Rosalinux
added 2025/01/28 7:13 p.m.22 views

Advisory ROSA-SA-2025-2647

software: fuseiso 20070708 WASP: ROSA-CHROME packageevrstring: fuseiso-20070708-12 CVE-ID: CVE-2015-8836 BDU-ID: 2016-00922 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the isofsrealreadzf isofs.c function of the FuseISO disk image mount software tool is caused by an integer overflow...

7.3CVSS7.9AI score0.02809EPSS
Exploits2
Rosalinux
Rosalinux
added 2025/01/28 12:45 p.m.20 views

Advisory ROSA-SA-2025-2617

software: openssl 1.1.1w OS: ROSA-CHROME packageevrstring: openssl-1.1.1.1w-3 CVE-ID: CVE-2023-5678 BDU-ID: 2023-08615 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the DHgeneratekey function of the OpenSSL library is related to the generation of excessively long X9.42 DH keys. Exploitation of t...

5.3CVSS6.9AI score0.04459EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/01/28 12:43 p.m.14 views

Advisory ROSA-SA-2025-2616

software: opusfile 0.12 WASP: ROSA-CHROME packageevrstring: opusfile-0.12-3 CVE-ID: CVE-2022-47021 BDU-ID: 2023-00624 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the opgetdata and opopen1 opusfile.c functions in the xiph of the opusfile stream decoder library is related to null pointer...

7.8CVSS6.7AI score0.00395EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/12/12 8:0 a.m.2 views

usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()

...

7.1CVSS7.2AI score0.00255EPSS
Exploits0
OSV
OSV
added 2024/08/06 4:16 a.m.3 views

CVE-2024-28962

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.3 views

PT-2024-22645 · Dell · Alienware Update Uwp +2

Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update UWP versions prior to 5.4 Description: The issue is related to an Exposed Dangerous Method or Function, which could be exploited by an unauthenticated attacker with remote access,...

7.5CVSS7.2AI score0.00381EPSS
Exploits0References4
Amazon
Amazon
added 2024/01/08 12:0 a.m.4 views

Low: vim

Issue Overview: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory...

4.7CVSS7.9AI score0.00441EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2023/11/10 12:0 a.m.4 views

The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update software relates to a insecure operation at the mount point in the Windows operating system. This allows an attacker to delete arbitrary files.

The vulnerability of the Dell Command | Update, Dell Update, and Alienware Update programs is related to a unsafe operation at the mount point in the Windows operating system. Exploiting this vulnerability could allow an attacker to delete arbitrary files...

7.1CVSS7.2AI score0.00176EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2023/06/23 12:15 p.m.3 views

CVE-2023-28065

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

7.3CVSS5.8AI score0.00193EPSS
Exploits0References1
Prion
Prion
added 2023/06/23 12:15 p.m.21 views

Privilege escalation

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...

4.1CVSS7.1AI score0.00193EPSS
Exploits0References1Affected Software3
OSV
OSV
added 2023/06/23 11:15 a.m.3 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

7.1CVSS5.9AI score0.00179EPSS
Exploits0References1
Prion
Prion
added 2023/06/23 11:15 a.m.19 views

Design/Logic Flaw

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

3.2CVSS6.9AI score0.00179EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2023/06/23 10:37 a.m.36 views

CVE-2023-28071

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Servi...

6.3CVSS7.1AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/23 12:0 a.m.6 views

部分Dell产品 后置链接漏洞

Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in...

7.3CVSS7.4AI score0.00193EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/23 12:0 a.m.5 views

PT-2023-21527 · Dell · Alienware Update +2

Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior Description: The issue is related to an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit thi...

7.3CVSS7.1AI score0.00193EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/06/23 12:0 a.m.6 views

Dell Command Update 后置链接漏洞

Dell Command Update is a tool from Dell USA used to automatically update drivers, BIOS and firmware in Dell products. A security vulnerability exists in Dell Command Update, Dell Update, Alienware Update version 4.9.0 and prior versions. An attacker could exploit the vulnerability to create...

7.1CVSS7.3AI score0.00179EPSS
Exploits0References2
Rows per page
Query Builder