Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-1030

Malicious code in bioql PyPI...

9.8CVSS8.5AI score0.01421EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/04/24 12:0 a.m.35 views

Fedora 36 : pcs (2023-5993ffa09a)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-5993ffa09a advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...

9.8CVSS8.1AI score0.01421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/24 12:0 a.m.31 views

Fedora 38 : pcs (2023-4d546e6b4b)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-4d546e6b4b advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...

9.8CVSS8.1AI score0.01421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/24 12:0 a.m.22 views

Fedora 37 : pcs (2023-cb2e422088)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-cb2e422088 advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...

9.8CVSS8.1AI score0.01421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.41 views

Rocky Linux 9 : pcs (RLSA-2023:1591)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:1591 advisory. - Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a proper...

9.8CVSS8AI score0.01421EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.25 views

Oracle Linux 9 : pcs (ELSA-2023-12235)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12235 advisory. 0.11.3-4.el91.3 - Fixed a vulnerability in pcs-web-ui-node-modules - Resolves: rhbz2179900 Tenable has extracted the preceding description block directly from...

9.8CVSS8.1AI score0.01421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/05 12:0 a.m.33 views

AlmaLinux 9 : pcs (ALSA-2023:1591)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:1591 advisory. - Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property...

9.8CVSS8.1AI score0.01421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/04 12:0 a.m.34 views

RHEL 9 : pcs (RHSA-2023:1591)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1591 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: webpack: avoid cross-realm...

9.8CVSS8.1AI score0.01421EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/03/13 1:15 a.m.63 views

CVE-2023-28154

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...

9.8CVSS7.1AI score0.01421EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/13 12:0 a.m.31 views

CVE-2023-28154

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...

9.5AI score0.01421EPSS
Exploits0References5
OSV
OSV
added 2023/03/13 12:0 a.m.30 views

CVE-2023-28154

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...

9.8CVSS9.5AI score0.01421EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/03/13 12:0 a.m.8 views

CVE-2023-28154

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...

9.4AI score0.01421EPSS
Exploits0References5
CVE
CVE
added 2023/03/13 12:0 a.m.273 views

CVE-2023-28154

CVE-2023-28154 affects Webpack 5 before 5.76.0. ImportParserPlugin.js mishandles the magic comment feature, allowing an attacker who controls a property of an untrusted object to obtain access to the real global object (cross-realm object access). CVSS v3.1 base score 9.8 (CRITICAL). Remediation:...

9.8CVSS9.1AI score0.01421EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder