Lucene search
+L

132 matches found

Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.65 views

PT-2025-6477

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 17.3 PostgreSQL versions prior to 16.7 PostgreSQL versions prior to 15.11 PostgreSQL versions prior to 14.16 PostgreSQL versions prior to 13.19 Description The issue is related to improper neutralization of quoting...

10CVSS8.4AI score0.89914EPSS
Exploits16References317
Tenable Nessus
Tenable Nessus
added 2024/09/04 12:0 a.m.20 views

RHEL 9 : kpatch-patch-5_14_0-284_52_1 and kpatch-patch-5_14_0-284_79_1 (RHSA-2024:6313)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6313 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch...

7.1CVSS7.1AI score0.00254EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.16 views

openSUSE Security Advisory (SUSE-SU-2024:1865-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.00811EPSS
Exploits2References6
OSV
OSV
added 2024/07/02 8:14 a.m.21 views

SUSE-SU-2024:2265-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...

7.5CVSS5.4AI score0.00811EPSS
Exploits2References7
OSV
OSV
added 2024/05/30 12:19 p.m.10 views

SUSE-SU-2024:1865-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...

7.5CVSS6.7AI score0.00811EPSS
Exploits2References7
Veracode
Veracode
added 2024/04/26 6:59 a.m.36 views

Arbitrary Command Execution

less is vulnerable to Arbitrary Command Execution.The vulnerability is due to the omission of shellquote calls for LESSCLOSE in the closealtfile function within the filename.c file of the less command-line utility, allows attackers to execute arbitrary commands...

7.8CVSS7AI score0.01059EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2024/04/26 4:16 a.m.30 views

OS Command Execution

less is vulnerable to OS command execution. The vulnerability is due to mishandling of quoting in the filename.c file within the less command-line utility, allowing attackers to execute arbitrary commands via a newline character in the name of a file...

8.6CVSS7.2AI score0.00628EPSS
Exploits0References7Affected Software1
Fedora
Fedora
added 2024/04/19 1:18 a.m.29 views

[SECURITY] Fedora 39 Update: jose-13-1.fc39

Jos=EF=BF=BD=EF=BF=BD is a command line utility for performing various tasks on JSON Object Signing and Encryption JOSE objects. Jos=EF=BF=BD=EF=BF=BD provides a full crypto stack including key generation, signing and encryption...

7.5CVSS6.5AI score0.01383EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2024/02/13 6:10 p.m.36 views

CVE-2024-25112

A flaw was found in the Exiv2 command-line utility. The denial of service is triggered when Exiv2 is used to read the metadata of a crafted video file. An unbounded recursion can cause Exiv2 to crash by exhausting the stack...

5.5CVSS6.8AI score0.00222EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/02/12 10:11 p.m.17 views

CVE-2024-25112

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...

5.5CVSS5.1AI score0.00222EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.34 views

Rocky Linux 8 : compat-exiv2-026 (RLSA-2021:4319)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4319 advisory. - An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service DOS...

7.5CVSS6.7AI score0.02555EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.33 views

Rocky Linux 8 : exiv2 (RLSA-2021:4173)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4173 advisory. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was...

7.8CVSS6.7AI score0.02555EPSS
Exploits3References26
UbuntuCve
UbuntuCve
added 2023/07/18 2:15 p.m.36 views

CVE-2022-41409

Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input...

7.5CVSS6.8AI score0.00962EPSS
Exploits1References3
Kitploit
Kitploit
added 2023/03/25 11:30 a.m.37 views

QRExfiltrate - Tool That Allows You To Convert Any Binary File Into A QRcode Movie. The Data Can Then Be Reassembled Visually Allowing Exfiltration Of Data In Air Gapped Systems

This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The data can then be reassembled visually allowing exfiltration of data in air gapped systems. It was designed as a proof of concept to demonstrate weaknesses in DLP software; that is, the assumption...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.33 views

NewStart CGSL MAIN 6.02 : exiv2 Multiple Vulnerabilities (NS-SA-2022-0090)

The remote NewStart CGSL host, running version MAIN 6.02, has exiv2 packages installed that are affected by multiple vulnerabilities: - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in...

7.8CVSS6.6AI score0.02555EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2022/11/09 12:0 a.m.21 views

Ubuntu 16.04 ESM : Zstandard vulnerabilities (USN-5720-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5720-1 advisory. It was discovered that Zstandard was not properly managing file permissions when generating output files. A local attacker could possibly use this issue ...

5.5CVSS6.1AI score0.00431EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/08/24 12:0 a.m.16 views

The vulnerability of the QPDF::processXRefStream function in the command-line utility for converting QPDF documents allows a attacker to cause a service failure.

The vulnerability of the QPDF::processXRefStream command-line utility for converting PDF documents is related to the lack of resource release after the expiration of its useful period. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.1AI score0.0068EPSS
Exploits1References5Affected Software2
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.5 views

Fedora: Security Advisory for golang-gopkg-neurosnap-sentences-1 (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/07/30 2:0 a.m.14 views

[SECURITY] Fedora 36 Update: golang-gopkg-neurosnap-sentences-1-1.0.6-15.fc36

This command line utility will convert a blob of text into a list of sentence s...

7.4AI score
Exploits0
Fedora
Fedora
added 2022/07/17 1:16 a.m.53 views

[SECURITY] Fedora 35 Update: weldr-client-35.5-2.fc35

Command line utility to control osbuild-composer...

9.3CVSS2.2AI score0.0995EPSS
Exploits3
Rows per page
Query Builder