Lucene search
K

55 matches found

redhatcve
redhatcve
added 2026/01/29 9:21 p.m.6 views

CVE-2025-46306

The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing a maliciously crafted Keynote file may disclose memory contents...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
cisa_kev
cisa_kev
added 2025/07/07 12:0 a.m.10 views

Rails Ruby on Rails Path Traversal Vulnerability

Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to render file: can cause arbitrary files on the target server to be rendered, disclosing the file contents...

7.5CVSS7.2AI score0.98507EPSS
In wildExploits18
redhatcve
redhatcve
added 2025/05/23 3:49 a.m.5 views

CVE-2023-32443

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents...

8.1CVSS5.9AI score0.00566EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/04/13 3:40 p.m.20 views

CVE-2023-42983

Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks...

6.4CVSS6.1AI score0.00221EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/03/04 12:0 a.m.6 views

PocketBook InkPad Color 3 安全漏洞

PocketBook InkPad Color 3 is a waterproof e-reader with a color display from PocketBook. It is used for reading eBooks, playing audiobooks, and more. A security vulnerability exists in the PocketBook InkPad Color 3 U743k version 3.6.8.3671, which stems from a misconfiguration of Sudo permissions...

4.7CVSS6.5AI score0.00196EPSS
Exploits0References3
amazon
amazon
added 2025/01/17 12:0 a.m.4 views

Important: rsync

Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...

7.5CVSS6.6AI score0.09353EPSS
Exploits4
cnnvd
cnnvd
added 2024/10/07 12:0 a.m.5 views

PhpSpreadsheet 安全漏洞

PhpSpreadsheet is an open source PHP library from PHPOffice for reading and writing spreadsheet files. A security vulnerability exists in PhpSpreadsheet that stems from allowing image size and type to be retrieved by reading the contents of a file. An attacker exploiting this vulnerability can...

7.7CVSS6.3AI score0.00579EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2024/07/29 10:17 p.m.11 views

CVE-2024-27877

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents...

5.8AI score0.00436EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2024/07/29 12:0 a.m.3 views

PT-2024-22101 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.7.6 macOS versions prior to 13.6.8 macOS versions prior to 14.6 Description: The issue was addressed with improved memory handling. Processing a maliciously crafted file may lead to a denial-of-service or potentiall...

6.1CVSS6.1AI score0.00436EPSS
Exploits0References14
cvelist
cvelist
added 2024/03/08 1:35 a.m.23 views

CVE-2024-23249

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents...

6.9AI score0.00243EPSS
Exploits0References1
nvd
nvd
added 2024/01/13 4:15 a.m.41 views

CVE-2023-51062

An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...

5.3CVSS5.2AI score0.00502EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/01/13 12:0 a.m.16 views

CVE-2023-51062

An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...

6.8AI score0.00502EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2024/01/12 12:0 a.m.6 views

PT-2024-14041 · Qstar · Qstar Archive Solutions

Name of the Vulnerable Software and Affected Versions: QStar Archive Solutions version RELEASE 3-0 Build 7 Patch 0 Description: The issue allows attackers to disclose the SMB Log contents via executing a crafted command, specifically through an unauthenticated log file read in the component...

5.3CVSS5.5AI score0.00502EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2023/09/15 8:16 p.m.12 views

CVE-2023-0923 Odh-notebook-controller-container: missing authorization allows for file contents disclosure

A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues...

8.8CVSS6.7AI score0.00937EPSS
Exploits0References3
redhatcve
redhatcve
added 2023/09/12 2:54 p.m.55 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS6.8AI score0.01508EPSS
Exploits1References3
openvas
openvas
added 2023/04/12 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2023-0130)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.59501EPSS
Exploits0References11
redhat
redhat
added 2023/02/28 8:31 a.m.45 views

Important: Red Hat Security Advisory: Red Hat OpenShift Data Science 1.22.1 security update

An update for kubeflow, dashboard, deployer is now available for Red Hat OpenShift Data Science 1.22. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

9.8CVSS7.3AI score0.00937EPSS
Exploits0References6
susecve
susecve
added 2023/02/15 6:13 a.m.4 views

SUSE CVE-2007-0473

The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 does not preserve /etc/sudoers permissions across modifications, which allows local users to obtain sensitive information /etc/sudoers contents by reading this file...

1.9CVSS6.2AI score0.00356EPSS
Exploits0References3
github
github
added 2023/02/08 10:27 p.m.52 views

openssl-src contains Read Buffer Overflow in X.509 Name Constraint

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

4.9CVSS6.8AI score0.01481EPSS
Exploits0References7Affected Software1
nvd
nvd
added 2022/09/20 6:15 p.m.39 views

CVE-2022-26873

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines VMs and bypassing memory isolation and...

8.2CVSS0.00402EPSS
Exploits1References3
Rows per page
Query Builder