Lucene search
K

208 matches found

OSV
OSV
added 2024/12/04 9:15 p.m.3 views

UBUNTU-CVE-2024-38829

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...

3.7CVSS6.5AI score0.00379EPSS
Exploits0References3
OSV
OSV
added 2024/12/02 3:31 p.m.3 views

GHSA-Q3V6-HM2V-PW99 Spring Framework has Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...

6.3CVSS5.9AI score0.00385EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2024/11/28 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-7127-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.5AI score0.00933EPSS
Exploits2References2
Spring Security Advisories
Spring Security Advisories
added 2024/11/19 12:0 a.m.7 views

Spring LDAP Spring LDAP sensitive data exposure for case-sensitive comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in unintended columns from being queried Related to CVE-2024-38820...

3.7CVSS5.8AI score0.00631EPSS
Exploits1References1Affected Software1
Spring Security Advisories
Spring Security Advisories
added 2024/11/19 12:0 a.m.7 views

Spring Security Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly. Related to CVE-2024-38820...

4.8CVSS6.6AI score0.00631EPSS
Exploits1References1Affected Software1
Fedora
Fedora
added 2024/11/16 2:2 a.m.12 views

[SECURITY] Fedora 40 Update: ghostscript-10.02.1-13.fc40

This package provides useful conversion utilities based on Ghostscript softwa re, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript PS and Portable Document Format PDF page description...

8.4CVSS7.3AI score0.0055EPSS
Exploits0
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.4 views

WordPress plugin Slickstream: Engagement and Conversions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.4CVSS7.6AI score0.00317EPSS
Exploits0References3
OSV
OSV
added 2024/11/08 6:15 a.m.1 views

DEBIAN-CVE-2024-50194

In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endian kernels as it doesn't convert the in-memory instruction encoding which is always little-endian into the kernel's native endianness...

5.5CVSS6AI score0.00229EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/08/06 1:59 a.m.11 views

SUSE CVE-2024-42156

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key...

5.5CVSS6.4AI score0.00214EPSS
Exploits0References13
OSV
OSV
added 2024/03/06 11:20 a.m.19 views

BIT-TENSORFLOW-2020-5215 Segmentation faultin TensorFlow when converting a Python string to tf.float16

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

7.5CVSS7.2AI score0.00581EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.35 views

AlmaLinux 8 : firefox (ALSA-2024:0955)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0955 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. Thi...

8.1CVSS7.9AI score0.00937EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.28 views

AlmaLinux 9 : firefox (ALSA-2024:0952)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0952 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. Thi...

8.1CVSS7.9AI score0.00937EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.36 views

Oracle Linux 9 : thunderbird (ELSA-2024-0963)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0963 advisory. 115.8.0-1.0.1 - Add Oracle modifications 115.8.0-1 - Update to 115.8.0 build1 Tenable has extracted the preceding description block directly from the...

8.1CVSS7.4AI score0.00937EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.34 views

Oracle Linux 8 : firefox (ELSA-2024-0955)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0955 advisory. 115.8.0-1.0.1 - Update to 115.8.0 build 1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

8.1CVSS7.4AI score0.00937EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/02/26 8:47 p.m.3 views

Mozilla: Incorrect code generation on 32-bit ARM devices

The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/02/26 7:19 p.m.10 views

Mozilla: Incorrect code generation on 32-bit ARM devices

The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/02/26 4:36 a.m.5 views

Mozilla: Incorrect code generation on 32-bit ARM devices

The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/02/26 2:21 a.m.4 views

Mozilla: Incorrect code generation on 32-bit ARM devices

The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/02/26 2:20 a.m.4 views

Mozilla: Incorrect code generation on 32-bit ARM devices

The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/02/26 2:20 a.m.3 views

Mozilla: Incorrect code generation on 32-bit ARM devices

The Mozilla Foundation Security Advisory describes this flaw as: Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. This issue only affects 32-bit ARM devices...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References6
Rows per page
Query Builder