Lucene search
K

835 matches found

Tenable Nessus
Tenable Nessus
•added 2024/06/03 12:0 a.m.•20 views

RHEL 5 : cvs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cvs: Command injection via malicious ssh URLs CVE-2017-12836 Note that Nessus has not tested for this issue but has...

7.5CVSS9AI score0.05968EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
•added 2024/06/03 12:0 a.m.•10 views

RHEL 7 : cvs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cvs: Command injection via malicious ssh URLs CVE-2017-12836 Note that Nessus has not tested for this issue but has...

7.5CVSS9AI score0.05968EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/04/10 4:22 p.m.•25 views

Security Bulletin: Multiple Security Vulnerabilities were found in Open Source libraries used to deploy IBM Security Verify Access Appliances (CVE-2024-31871, CVE-2024-31872, CVE-2024-31873, CVE-2024-31874)

Summary An Open Source repository of python deployment scripts for ISVA Appliance is published on GitHub at https://github.com/IBM-Security/ibmsecurity. Vulnerabilities reported in the public repository have been addressed. Vulnerability Details CVEID:CVE-2024-31872 DESCRIPTION: IBM Security Veri...

8.1CVSS6.8AI score0.01197EPSS
Exploits1Affected Software1
Fedora
Fedora
•added 2024/03/07 10:33 p.m.•32 views

[SECURITY] Fedora 40 Update: subversion-1.14.3-5.fc40

Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...

8.8CVSS6.8AI score0.02557EPSS
Exploits3
Wordfence Blog
Wordfence Blog
•added 2024/02/01 3:49 p.m.•138 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 22, 2024 to January 28, 2024)

Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 52 vulnerabilities disclosed in 42...

7.5CVSS9.4AI score0.68047EPSS
Exploits37
ICS
ICS
•added 2023/11/14 12:0 a.m.•22 views

Siemens SCALANCE W700

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS7.1AI score0.00897EPSS
Exploits1References12
NVD
NVD
•added 2023/10/05 6:15 p.m.•20 views

CVE-2023-43071

Dell SmartFabric Storage Software v1.4 and earlier contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to variou...

5.4CVSS5AI score0.00307EPSS
Exploits0References1
Prion
Prion
•added 2023/10/05 6:15 p.m.•15 views

Cross site scripting

Dell SmartFabric Storage Software v1.4 and earlier contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to variou...

4.9CVSS5.5AI score0.00307EPSS
Exploits0References1Affected Software1
CVE
CVE
•added 2023/10/05 5:43 p.m.•45 views

CVE-2023-43071

CVE-2023-43071 affects Dell SmartFabric Storage Software v1.4 and earlier, with HTML injection and potential CVS/formula injection in the GUI due to insufficient input filtering/escaping. An attacker with remote authenticated access could exploit these issues to cause cross-site scripting on HTML...

5.4CVSS5.3AI score0.00307EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
•added 2023/10/05 5:43 p.m.•10 views

CVE-2023-43071

Dell SmartFabric Storage Software v1.4 and earlier contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to variou...

4.4CVSS6.6AI score0.00307EPSS
Exploits0References1
Cvelist
Cvelist
•added 2023/10/05 5:43 p.m.•17 views

CVE-2023-43071

Dell SmartFabric Storage Software v1.4 and earlier contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to variou...

4.4CVSS5.7AI score0.00307EPSS
Exploits0References1
OpenVAS
OpenVAS
•added 2023/07/30 12:0 a.m.•25 views

CentOS: Security Advisory for emacs-git (CESA-2023:3263)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8AI score0.52164EPSS
Exploits2References2
OpenVAS
OpenVAS
•added 2023/05/01 12:0 a.m.•23 views

SUSE: Security Advisory (SUSE-SU-2023:2062-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.4AI score0.52164EPSS
Exploits2References4
ICS
ICS
•added 2023/04/18 7:27 p.m.•27 views

B. Braun Battery Pack SP with Wi-Fi

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: B. Braun Melsungen AG Equipment: Battery Pack SP with Wi-Fi Vulnerability: Improper neutralization of directives in dynamically evaluated code 'Eval Injection' 2. RISK EVALUATION Successful exploitation...

7.2CVSS7AI score0.00604EPSS
Exploits0References5
Openbugbounty
Openbugbounty
•added 2023/03/23 11:55 p.m.•12 views

spygolf.com Cross Site Scripting vulnerability OBB-3231682

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Snyk
Snyk
•added 2023/02/15 8:16 a.m.•2 views

Malicious Package

Overview cvs-components is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...

9.8CVSS7.1AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2023/02/15 6:20 a.m.•3 views

SUSE CVE-2004-0416

Double free vulnerability for the errorprogname string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code...

10CVSS7.7AI score0.13206EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2023/02/15 6:20 a.m.•4 views

SUSE CVE-2004-0417

Integer overflow in the "Max-dotdot" CVS protocol command servemaxdotdot for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space...

5CVSS7.4AI score0.03069EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2023/01/19 12:0 a.m.•9 views

Ubuntu 18.04 LTS / 20.04 LTS : Git regression (USN-5810-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5810-2 advisory. USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Tenab...

5.6AI score
Exploits0References1
CVE
CVE
•added 2023/01/04 3:12 p.m.•78 views

CVE-2023-22464

CVE-2023-22464 affects ViewVC (CVS/Subversion browser) prior to 1.2.3 (1.2.x) and 1.1.30 (1.1.x). The root cause is cross-site scripting via files with unsafe names that, when embedded in HTML, could execute code; impact is mitigated by requiring the attacker to have commit privileges to a Subver...

5.4CVSS5.2AI score0.00642EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder