Lucene search
K

560 matches found

NVD
NVD
added 2024/04/09 1:15 a.m.22 views

CVE-2024-30218

The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability...

6.5CVSS6.5AI score0.00527EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/20 12:0 a.m.42 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (GCP) vulnerabilities (USN-6701-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6701-2 advisory. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. ...

7.8CVSS7.8AI score0.28058EPSS
Exploits18References13
Tenable Nessus
Tenable Nessus
added 2024/03/06 12:0 a.m.34 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-cryptography (SUSE-SU-2024:0763-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0763-1 advisory. - CVE-2024-26130: Fixed NULL pointer dereference in pkcs12.serializekeyandcertificates bsc1220210. Tenabl...

7.5CVSS6.9AI score0.00831EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.17 views

openSUSE Security Advisory (SUSE-SU-2024:0136-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00459EPSS
Exploits1References5
NVD
NVD
added 2024/02/29 1:42 a.m.15 views

CVE-2023-6247

The PKCS7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing...

6.5CVSS6.5AI score0.00778EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/02/29 1:42 a.m.29 views

CVE-2023-6247

The PKCS7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing...

6.5CVSS5.8AI score0.00778EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/23 7:14 p.m.18 views

CVE-2023-51393 Potential DoS due to BusFault and Assert in Ember ZNet legacy packet buffer

Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 delivered as part of Silicon Labs Gecko SDK v4.4.0 which may enable attackers to trigger a bus fault and crash of the device, requiring a...

5.3CVSS5.5AI score0.00515EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/02/22 12:0 a.m.54 views

CVE-2024-26586

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn, each ACL points to a...

6.7CVSS6.3AI score0.00247EPSS
Exploits0References21
Vulnrichment
Vulnrichment
added 2024/02/20 6:43 p.m.13 views

CVE-2023-6247

The PKCS7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing...

6.9AI score0.00778EPSS
Exploits0References1
Prion
Prion
added 2024/02/09 11:15 p.m.16 views

Design/Logic Flaw

Envoy is a high-performance edge/middle/service proxy. Envoy crashes in Proxy protocol when using an address type that isn’t supported by the OS. Envoy is susceptible to crashing on a host with IPv6 disabled and a listener config with proxy protocol enabled when it receives a request where the...

5CVSS7AI score0.00751EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2024/02/08 12:36 p.m.35 views

CVE-2023-46159

A flaw was found in Ceph. Certain misconfigurations of CORS rules in Ceph could result in a significantly large memory allocation. This issue can lead to RGW crashing and a denial of service from an authenticated user on the network...

2.6CVSS6.8AI score0.00698EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/02/06 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-6622-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.04459EPSS
Exploits0References2
OSV
OSV
added 2024/02/05 8:22 p.m.58 views

GHSA-7M8G-FPRR-47FX phpMyFAQ vulnerable to stored XSS on attachments filename

Summary Unsafe echo of filename in phpMyFAQ\phpmyfaq\admin\attachments.php leading to allow execute JavaScript code in client side XSS Details On that snippet code of rendering the file attachments from user tables id ?" title="thema ?" id ? filename ? recordlang ? filesize ? mimetype ? The data...

6.5CVSS6.4AI score0.0088EPSS
Exploits1References6
OSV
OSV
added 2024/02/04 2:49 a.m.13 views

MGASA-2024-0020 Updated openssl packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Excessive time spent in DH check / generation with large Q parameter value. CVE-2023-5678 POLY1305 MAC implementation corrupts vector registers on PowerPC. CVE-2023-6129 Excessive time spent checking invalid RSA public keys. CVE-2023-6237 PKCS12...

6.5CVSS5.8AI score0.04459EPSS
Exploits0References6
NVD
NVD
added 2024/01/31 10:15 p.m.16 views

CVE-2024-23650

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoi...

5.3CVSS6.3AI score0.00957EPSS
Exploits0References3
OSV
OSV
added 2024/01/24 4:56 p.m.37 views

CVE-2024-23641 Sending a GET or HEAD request with a body crashes SvelteKit

SvelteKit is a web development kit. In SvelteKit 2, sending a GET request with a body eg to a built and previewed/hosted sveltekit app throws Request with GET/HEAD method cannot have body. and crashes the preview/hosting. After this happens, one must manually restart the app. TRACE requests will...

7.5CVSS7.4AI score0.00764EPSS
Exploits1References4
OSV
OSV
added 2024/01/18 8:54 a.m.9 views

SUSE-SU-2024:0136-2 Security update for pam

This update for pam fixes the following issues: - CVE-2024-22365: Fixed a local denial of service during PAM login due to a missing check during path manipulation bsc1218475. - Check localtimer return value to fix crashing bsc1217000...

5.5CVSS5.5AI score0.00459EPSS
Exploits1References4
OSV
OSV
added 2024/01/18 8:54 a.m.4 views

SUSE-SU-2024:0136-1 Security update for pam

This update for pam fixes the following issues: - CVE-2024-22365: Fixed a local denial of service during PAM login due to a missing check during path manipulation bsc1218475. - Check localtimer return value to fix crashing bsc1217000...

5.5CVSS5.5AI score0.00459EPSS
Exploits1References4
Malwarebytes
Malwarebytes
added 2023/12/25 11:25 a.m.33 views

A week in security (December 18 – December 24)

Last week on Malwarebytes Labs: Comcast’s Xfinity breached by Citrix Bleed; 36 million customer’s data accessed How does ThreatDown Vulnerability Assessment and Patch Management work? How Outlook notification sounds can lead to zero-click exploits Update Chrome now! Emergency update patches...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/21 12:0 a.m.30 views

SUSE SLES12 Security Update : ghostscript (SUSE-SU-2023:4917-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4917-1 advisory. - CVE-2023-46751: Fixed dangling pointer in gdevprnopenprinterseekable bsc1217871. Tenable has extracted the preceding description block...

7.5CVSS7.2AI score0.0153EPSS
Exploits0References4
Rows per page
Query Builder