Lucene search
+L

49 matches found

RustSec
RustSec
added 2023/11/13 12:0 p.m.6 views

`loopdev` crate is unmaintained; use 'loopdev-3` instead.

The loopdev crate was last released in Oct, 2021. It has been unable to build in Fedora 38 and above since April, 2023. The loopdev-3 crate is a maintained fork: https://github.com/stratis-storage/loopdev-3...

7.1AI score
Exploits0
Citrix
Citrix
added 2023/11/01 12:0 a.m.22 views

Provisioning 2203 : Citrix PVS breaks with Microsoft OLEDB driver v19

When upgrading PVS 2203 servers to mitigate a Microsoft OLEDB driver vulnerability CVE-2023-36728, a customer incorrectly removed Microsoft OLE DB Driver 18 and installed Microsoft OLE DB Driver 19. PVS Server 2203 cannot use Microsoft OLE DB Driver 19 to communicate with the SQL server...

5.5CVSS7.1AI score0.00851EPSS
Exploits0Affected Software2
OSV
OSV
added 2023/06/14 6:15 p.m.5 views

AZL-27173 CVE-2023-2976 affecting package guava for versions less than 25.0-8

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

7.1CVSS6.6AI score0.00248EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2023/06/13 7:0 a.m.66 views

June 13, 2023—KB5027223 (OS Build 22000.2057)

None None...

9.8CVSS6.8AI score0.22133EPSS
Exploits2
Microsoft KB
Microsoft KB
added 2023/04/11 7:0 a.m.176 views

April 11, 2023—KB5025239 (OS Build 22621.1555)

None None...

9.8CVSS6.8AI score0.95454EPSS
Exploits23
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.4 views

SUSE CVE-2022-29205

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types, which was added after migration to...

5.5CVSS5.4AI score0.00317EPSS
Exploits1References3
OSV
OSV
added 2022/06/28 6:21 p.m.10 views

GSD-2022-1002819 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall

arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/11/09 6:33 p.m.7 views

SUSE-SU-2021:3643-1 Security update for binutils

This update for binutils fixes the following issues: - For compatibility on old code stream that expect 'brcl 0,label' to not be disassembled as 'jgnop label' on s390x. bsc1192267 This reverts IBM zSeries HLASM support for now. - Fixed that ppc64 optflags did not enable LTO bsc1188941. - Fix empt...

7.8CVSS7.8AI score0.03412EPSS
Exploits2References7
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.17 views

NEC Corporation CLUSTERPRO 和 EXPRESSCLUSTER 缓冲区错误漏洞

Nec Expresscluster X is a specialized high availability cluster software from Nec Corporation of Japan. It is used to initiate a fast restore function and continuously protect critical applications and data.NEC Corporation CLUSTERPRO is a HA cluster software from NEC. A buffer error vulnerability...

9.8CVSS9AI score0.02073EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/02/15 1:15 p.m.51 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can...

5.9CVSS6.9AI score0.35717EPSS
Exploits1References7
OSV
OSV
added 2018/10/19 10:51 a.m.4 views

SUSE-SU-2018:3253-1 Security update for libssh

This update for libssh fixes the following issues: Security issue fixed: - CVE-2018-10933: Fixed a server mode authentication bypass bsc1108020. Non security issue fixed: - Fix popd syntax to be compatible with newer versions of the bash shell...

9.1CVSS9.4AI score0.91789EPSS
Exploits11References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:15 p.m.39 views

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM MessageSight (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM MessageSight. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message durin...

5.9CVSS1AI score0.0288EPSS
Exploits0Affected Software1
Krebs on Security
Krebs on Security
added 2018/01/09 6:48 p.m.45 views

Website Glitch Let Me Overstock My Coinbase

Coinbase and Overstock.com just fixed a serious glitch that allowed Overstock customers to buy any item at a tiny fraction of the listed price. Potentially more punishing, the flaw let anyone paying with bitcoin reap many times the authorized bitcoin refund amount on any canceled Overstock orders...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/24 12:0 a.m.52 views

Microsoft Dynamics CRM 2011 Update Rollup 15

Microsoft Dynamics CRM 2011 Update Rollup 15 We have identified a compatibility issue that occurs when you use the Microsoft Dynamics CRM 2011 Client for Outlook with Update Rollup 15 applied against a Dynamics CRM 2013 server. This issue does not affect Dynamics CRM 2011 servers. A new Update...

6.7AI score
Exploits0
Veeam
Veeam
added 2016/11/01 12:0 a.m.18 views

Windows 10 VM Hyper-V Guest processing skipped on 2012 R2 Host

Challenge A Backup Job for a Windows 10 VM running on a 2012 R2 Hyper-V Host will fail to engage VSS when application-aware image processing is enabled, generating the error: Error Guest processing skipped check guest OS VSS state and integration components version System.Exception Cause This...

6.9AI score
Exploits0
OSV
OSV
added 2016/05/04 6:34 p.m.9 views

USN-2950-2 libsoup2.4 update

USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws ...

6AI score
Exploits0References2
Packet Storm
Packet Storm
added 2013/09/04 12:0 a.m.35 views

MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS13-059 Microsof...

9.3CVSS0.3AI score0.58427EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.38 views

Scientific Linux Security Update : openssl on SL5.x i386/x86_64

OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. Datagram TLS DTLS is a protocol based on TLS that is capable of securing datagram transport UDP for instance. The...

9.3CVSS7.6AI score0.16061EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.25 views

Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64

A denial of service flaw was found in the Pidgin OSCAR protocol implementation. If a remote ICQ user sent a web message to a local Pidgin user using this protocol, it would cause excessive memory usage, leading to a denial of service Pidgin crash. CVE-2009-1889 These updated packages also fix the...

5CVSS5.4AI score0.03377EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2010/06/22 10:29 p.m.37 views

Critical: Red Hat Security Advisory: firefox security, bug fix, and enhancement update

Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common...

10CVSS7.8AI score0.11418EPSS
Exploits8References16
Rows per page
Query Builder