Lucene search
K

176 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:17 a.m.5 views

CVE-2023-23076

OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedules...

9.8CVSS7.5AI score0.7427EPSS
Exploits0References1
OSV
OSV
added 2025/04/25 3:15 a.m.4 views

CVE-2025-46544

In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new users and roles...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References4
OSV
OSV
added 2025/02/26 7:1 a.m.3 views

DEBIAN-CVE-2022-49655

In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscacheinvalidate will be asked to invalidate the file - however, if the cookie is in the LOOKINGUP state or the CREATING state, then request ...

4.7CVSS5.3AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

UBUNTU-CVE-2022-49655

In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscacheinvalidate will be asked to invalidate the file - however, if the cookie is in the LOOKINGUP state or the CREATING state, then request ...

4.7CVSS6.1AI score0.0014EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.4 views

netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING

...

5.5CVSS6.9AI score0.00203EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/12/30 3:48 a.m.5 views

SUSE CVE-2024-56755

In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING In fscachecreatevolume, there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a...

2.5CVSS7.6AI score0.00203EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2024/12/29 11:30 a.m.3 views

CVE-2024-56755 netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING

In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING In fscachecreatevolume, there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a...

7.5AI score0.00203EPSS
Exploits0References5
OSV
OSV
added 2024/11/26 7:58 p.m.7 views

GHSA-HH33-46Q4-HWM2 Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion

Impact Existing lakeFS users who have issued credentials to users who have been deleted. Creating a new user with the same username, that user will inherit all of the previous user's credentials lakeFS needs to delete user credentials upon user deletion. Patches Has the problem been patched? What...

6.8CVSS5.6AI score0.00341EPSS
Exploits0References4
Citrix
Citrix
added 2024/11/07 12:0 a.m.6 views

MCS Machines on Microsoft Azure show as 'Creating' on the Azure Portal

When using Microsoft Azure and Citrix Machine Creation Services MCS, the Virtual Machine Object shows as 'Creating' instead of 'Running,' but otherwise registers and can be connected to until it forcibly shuts down...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.9 views

The vulnerability of the Jenkins automation server, related to access control deficiencies, allows a hacker to bypass restrictions and create temporary elements.

The vulnerability of the Jenkins automation server is related to lack of access control. Exploiting this vulnerability allows a malicious actor to bypass restrictions and create temporary elements...

4.3CVSS6.6AI score0.00684EPSS
Exploits0References3Affected Software2
VulnCheck KEV
VulnCheck KEV
added 2024/10/15 12:0 a.m.3 views

VulnCheck KEV: CVE-2021-4444

The Product Filter by WooBeWoo plugin for WordPress is vulnerable to authorization bypass in versions up to, and including 1.4.9 due to missing authorization checks on various functions. This makes it possible for unauthenticated attackers to perform unauthorized actions such as creating new...

7.3CVSS5.8AI score0.00321EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/14 12:0 a.m.6 views

X2CRM 安全漏洞

X2CRM is a next generation open source social selling application for small and medium sized businesses. A cross-site scripting vulnerability exists in X2CRM. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited to...

6.5CVSS6.2AI score0.00624EPSS
Exploits3References3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.196 views

GitStack Unauthenticated REST API Requests

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitStack Unauthenticated REST API Requests', 'Description' = %q This modules exploits unauthenticated REST API requests in GitStack through...

9.8CVSS7AI score0.80982EPSS
Exploits9
Trellix
Trellix
added 2024/08/26 12:0 a.m.27 views

The Bug Report - August 2024 Edition

The Bug Report - August 2024 Edition By Jonathan Omakun · August 26, 2024 Why am I Here August isn’t just about heat waves and summer getaways for the Northern Hemisphere; it’s also when things get serious for students and cybersecurity pros. As organizations prep for the end of the fiscal year,...

9.8CVSS9.2AI score0.99987EPSS
Exploits45
Cvelist
Cvelist
added 2024/07/03 8:39 a.m.23 views

CVE-2024-6428 Limited DoS due to permitting creating users with user-defined IDs

Mattermost versions 9.8.0, 9.7.x = 9.7.4, 9.6.x = 9.6.2, 9.5.x = 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken...

5.3CVSS0.00394EPSS
Exploits0References1
CVE
CVE
added 2024/06/28 4:58 a.m.92 views

CVE-2024-37282

CVE-2024-37282 affects Elastic Cloud Enterprise (ECE) where, under certain preconditions, an API key created with limited privileges could be used to create new API keys with elevated privileges. Affected versions are ECE after 3.0.0 and before 3.7.2. The mitigation is to upgrade to version 3.7.2...

9.8CVSS6.9AI score0.00603EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2024/05/26 1:29 a.m.13 views

[SECURITY] Fedora 40 Update: rust-uu_mkdir-0.0.23-3.fc40

mkdir uutils create DIRECTORY...

7.3AI score
Exploits0
Debian CVE
Debian CVE
added 2024/05/22 8:19 a.m.18 views

CVE-2021-47481

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally the zero fill would hide the missing initialization, but an errant set to descsize in regcreate causes a crash: BUG: unable to handle page fault for address:...

5.5CVSS6.4AI score0.0018EPSS
Exploits0
OSV
OSV
added 2024/05/17 4:15 p.m.22 views

CVE-2024-34241

A cross-site scripting XSS vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications...

4.8CVSS5.7AI score0.00762EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2024/05/13 3:54 p.m.15 views

CVE-2024-34701 CreateWiki vulnerable to impersonation of wiki requester

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users to be considered as the requester of a specific wiki request if their local user ID on any wiki in a wiki farm matches the local ID of the requester at the wiki where the wiki request was made...

5.9CVSS6.6AI score0.00647EPSS
Exploits0References6
Rows per page
Query Builder