Lucene search
K

270 matches found

ALT Linux
ALT Linux
added 2023/02/20 12:0 a.m.30 views

Security fix for the ALT Linux 10 package postgresql14 version 14.7-alt1

14.7-alt1 built Feb. 20, 2023 Alexei Takaseev in task 314938 Feb. 8, 2023 Alexei Takaseev - 14.7 Fixes CVE-2022-41862 - Conflicts: 14-1C - 15-1C...

4.8AI score0.00616EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-2288

Avahi before 0.6.10 allows local users to cause a denial of service mDNS/DNS-SD service disconnect via unspecified mDNS name conflicts...

3.6CVSS6.5AI score0.00339EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.3 views

SUSE CVE-2015-5224

The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks...

9.8CVSS7.1AI score0.04526EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.6 views

SUSE CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.6AI score0.02527EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.4 views

SUSE CVE-2020-29509

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS7.4AI score0.02081EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/11 12:0 a.m.1 views

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from a hash conflict problem. An attacker could exploit this vulnerability to cause a denial ...

5.7CVSS6.3AI score0.00553EPSS
Exploits0References20
BDU FSTEC
BDU FSTEC
added 2023/02/10 12:0 a.m.5 views

The vulnerability of the PHP library for generating PDF documents from HTML markup and CSS styles, Dompdf, arises due to a possible interpretation conflict. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the PHP library for generating PDF documents from HTML markup and CSS styles, Dompdf, is related to the occurrence of interpretation conflicts. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

10CVSS8.1AI score0.0249EPSS
Exploits3References4Affected Software1
OSV
OSV
added 2023/01/17 5:47 p.m.8 views

GSD-2023-1000538 selftests/bpf: Fix conflicts with built-in functions in bpf_iter_ksym

selftests/bpf: Fix conflicts with built-in functions in bpfiterksym This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2022/11/15 12:0 a.m.2 views

Jenkins Plugin Script Security 加密问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

7.5CVSS7.5AI score0.00468EPSS
Exploits0References7
Schneier on Security
Schneier on Security
added 2022/11/14 12:38 p.m.11 views

A Digital Red Cross

The International Committee of the Red Cross wants some digital equivalent to the iconic red cross, to alert would-be hackers that they are accessing a medical network. The emblem wouldn’t provide technical cybersecurity protection to hospitals, Red Cross infrastructure or other medical providers...

1.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/09/21 12:0 a.m.3 views

The vulnerability of the Geth client library of the Ethereum programming language GO in Go Ethereum allows a hacker to trigger a service failure.

The vulnerability of the Geth client library for the Ethereum protocol, written in the Go programming language, is related to the occurrence of interpretation conflicts. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.8CVSS7.2AI score0.01527EPSS
Exploits0References5Affected Software1
Microsoft KB
Microsoft KB
added 2022/07/19 12:0 a.m.8 views

July 19, 2022—KB5015879 (OS Build 20348.859) Preview

July 19, 2022—KB5015879 OS Build 20348.859 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/05/10 1:24 p.m.6 views

QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c

A NULL pointer dereference issue was found in the block mirror layer of QEMU. The self pointer is dereferenced in mirrorwaitonconflicts without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data...

6.5CVSS6.7AI score0.0039EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.3 views

MongoDB Server 安全漏洞

MongoDB is a document-oriented database management system from the American company MongoDB. A security vulnerability exists in MongoDB Server, where an authenticated user without any specific authorization may be able to repeatedly invoke features commands, a large number of which may lead to...

7.1CVSS7.2AI score0.01034EPSS
Exploits0References3
OSV
OSV
added 2022/01/25 8:15 p.m.1 views

DEBIAN-CVE-2021-4145

A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The self pointer is dereferenced in mirrorwaitonconflicts without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on t...

6.5CVSS6.5AI score0.0039EPSS
Exploits0References1
OSV
OSV
added 2022/01/25 8:15 p.m.6 views

AZL-8347 CVE-2021-4145 affecting package qemu for versions less than 6.2.0-2

A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The self pointer is dereferenced in mirrorwaitonconflicts without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on t...

6.5CVSS6.7AI score0.0039EPSS
Exploits0References1
Securelist
Securelist
added 2021/11/23 10:0 a.m.19 views

Privacy predictions 2022

We no longer rely on the Internet just for entertainment or chatting with friends. Global connectivity underpins the most basic functions of our society, such as logistics, government services and banking. Consumers connect to businesses via instant messengers and order food delivery instead of...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/08/16 12:0 a.m.5 views

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird involves a situation where interpretation conflicts occur, allowing an attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability in web browsers such as Firefox, Firefox ESR, and the email client Thunderbird relates to the handling of embedded list items as block-level elements. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause servic...

10CVSS7.6AI score0.01386EPSS
Exploits1References17Affected Software7
Oracle linux
Oracle linux
added 2021/05/25 12:0 a.m.84 views

curl security and bug fix update

7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...

7.5CVSS0.9AI score0.09917EPSS
Exploits3
Oracle linux
Oracle linux
added 2021/05/25 12:0 a.m.250 views

kernel security, bug fix, and enhancement update

4.18.0-305.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...

7.8CVSS0.1AI score0.03292EPSS
Exploits10
Rows per page
Query Builder