15493 matches found

Positive Technologies
added 2023/02/22 12:0 a.m. · 6 views

PT-2023-16013 · Weintek · Weintek Easybuilder Pro

Name of the Vulnerable Software and Affected Versions: Weintek EasyBuilder Pro (affected versions not specified). Description: The issue is caused by a ZipSlip attack resulting from decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access...

CVSS 9.3 · AI score 7.5 · EPSS 0.21846
Exploits: 0 · References: 3

F5 Networks
added 2023/02/21 7:0 p.m. · 104 views

K51975973: Eclipse Jetty vulnerability CVE-2021-34428

Security Advisory Description: For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can...

CVSS 3.6 · AI score 6.5 · EPSS 0.00963
Exploits: 1 · Affected Software: 1

OSV
added 2023/02/20 4:22 a.m. · 18 views

MAL-2023-537 Malicious code in jquery-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60c2e86401517688fc0bdbd68e989cce56834a9c11090e0a27fd0e0b5cdf9ca2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1

OSV
added 2023/02/20 12:0 a.m. · 8 views

MAL-2023-560 Malicious code in kuna-chart-header (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7b6783077178ab41482bc0e611e487453d9b0254e1e1ad5684b89472b002b2b4 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

AI score 7.4
Exploits: 0 · References: 2

SUSE CVE
added 2023/02/15 6:16 a.m. · 2 views

SUSE CVE-2005-4778

The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions...

CVSS 2.1 · AI score 6.7 · EPSS 0.00332
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 5:44 a.m. · 2 views

SUSE CVE-2012-4542

block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes...

CVSS 4.6 · AI score 6.3 · EPSS 0.00349
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 5:40 a.m. · 3 views

SUSE CVE-2013-1729

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element...

CVSS 2.6 · AI score 6.7 · EPSS 0.01233
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 4:28 a.m. · 2 views

SUSE CVE-2018-10021

drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers w...

CVSS 5.5 · AI score 7.1 · EPSS 0.00466
Exploits: 2 · References: 4

SUSE CVE
added 2023/02/15 4:20 a.m. · 4 views

SUSE CVE-2018-1000015

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...

CVSS 4.9 · AI score 5.3 · EPSS 0.01051
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 4:5 a.m. · 4 views

SUSE CVE-2019-19624

An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of t...

CVSS 6.5 · AI score 6.5 · EPSS 0.01742
Exploits: 1 · References: 3

SUSE CVE
added 2023/02/15 3:23 a.m. · 3 views

SUSE CVE-2022-41848

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach...

CVSS 6.4 · AI score 6.6 · EPSS 0.00243
Exploits: 0 · References: 28

Microsoft Security Update
added 2023/02/14 6:0 p.m. · 47 views

2023-02 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5022834)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

AI score 3.4
Exploits: 0

Microsoft Security Update
added 2023/02/14 6:0 p.m. · 37 views

2023-02 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5022834)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

AI score 3.4
Exploits: 0

Openbugbounty
added 2023/02/14 8:2 a.m. · 16 views

ipc-computer.de Cross Site Scripting vulnerability OBB-3193895

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0

Intel
added 2023/02/14 12:0 a.m. · 31 views

Computer Vision Annotation Tool Advisory

Summary: A potential security vulnerability in the Computer Vision Annotation Tool CVAT software maintained by Intel® may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-27234 Description: Server-si...

CVSS 6.5 · AI score 5 · EPSS 0.00453
Exploits: 0

OSV
added 2023/02/13 12:1 a.m. · 9 views

MAL-2023-268 Malicious code in doii.repo.tik (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2a3b246d61b93de2def7a63affccacb26c7bddff3816d751983fa3fa0f3e978 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1

OSV
added 2023/02/13 12:1 a.m. · 5 views

MAL-2023-267 Malicious code in doii.repo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5201538e1c2a29415afeb2ff46b45521e0f3dc4ac5983bc3da0d42f2358bb580 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1

OSV
added 2023/02/12 10:44 p.m. · 14 views

MAL-2023-4 Malicious code in eslint-plugin-dropbox-sign (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef0b78a956b34b6e0c3db65f1f623e28b0e80753ffae8ea19c75e4217f1dc0b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7.2
Exploits: 0 · References: 1

OSV
added 2023/02/12 10:2 p.m. · 6 views

MAL-2023-586 Malicious code in mdes_digital_enablement_api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef91fec71d700626e729317e9beb9132a1be4c4c60fce5f67f94ceae1a198435 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1

OSSF Malicious Packages
added 2023/02/12 9:53 p.m. · 4 views

Malicious code in fca-jiser-remake (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35bfdae86299688abf534339a424e1a455f436fbdef00a64a09648d3c31862c9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1