Lucene search

10 matches found

FreeBSD
added 2026/05/20 12:0 a.m. | 14 views

net/rsync -- multiple vulnerabilities

The rsync project reports: Six CVEs are fixed in this release. All six are assigned by VulnCheck as CNA. Affected versions are 3.4.2 and earlier in every case. In addition to the six CVE fixes, this release adds defence-in-depth hardening on several adjacent paths: bounded wire-supplied counts an...

CVSS 8.1 | AI score 5.9 | EPSS 0.0078
Exploits: 0 | References: 1
Tenable Nessus
added 2024/05/23 12:0 a.m. | 58 views

Apache Tomcat 7.0.0 < 7.0.100 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.100. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_7.0.100_security-7 advisory. - When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to...

CVSS 9.8 | AI score 8.6 | EPSS 0.9927
Exploits: 45 | References: 10
RedhatCVE
added 2024/05/01 5:22 p.m. | 30 views

CVE-2024-26950

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer. The previous commit fixed a bug that led to a NULL peer->device being dereferenced. It's actually easier and faster performance-wise to instead get the device from...

CVSS 5.5 | AI score 7.1 | EPSS 0.00236
Exploits: 0 | References: 4
CVE
added 2024/05/01 5:18 a.m. | 2778 views

CVE-2024-26950

CVE-2024-26950 concerns the Linux kernel's WireGuard netlink handling. The connected documents confirm a concrete issue in the kernel's WireGuard netlink path where a NULL peer->device could be dereferenced. The fix changes the device retrieval to ctx->wg (i.e., obtain the device from the c...

CVSS 5.5 | AI score 6.4 | EPSS 0.00236
Exploits: 0 | References: 9 | Affected Software: 1
OSV
added 2024/05/01 5:18 a.m. | 20 views

CVE-2024-26950 wireguard: netlink: access device through ctx instead of peer

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer. The previous commit fixed a bug that led to a NULL peer->device being dereferenced. It's actually easier and faster performance-wise to instead get the device from...

CVSS 5.5 | AI score 6 | EPSS 0.00236
Exploits: 0 | References: 11
Cvelist
added 2024/05/01 5:18 a.m. | 28 views

CVE-2024-26950 wireguard: netlink: access device through ctx instead of peer

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer. The previous commit fixed a bug that led to a NULL peer->device being dereferenced. It's actually easier and faster performance-wise to instead get the device from...

AI score 7.7 | EPSS 0.00236
Exploits: 0 | References: 7
OSV
added 2023/10/17 12:40 p.m. | 27 views

GHSA-94W9-97P3-P368 CSRF Token Reuse Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform...

CVSS 9.6 | AI score 9.4 | EPSS 0.00313
Exploits: 0 | References: 5
Metasploit
added 2020/12/03 5:41 p.m. | 296 views

Apache Tomcat AJP File Read

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

CVSS 9.8 | AI score 8 | EPSS 0.9927
Exploits: 45
Atlassian
added 2020/10/11 11:20 p.m. | 68 views

Security improvements to the Velocity Uberspector

This ticket documents an improvement to the Velocity Uberspector's security, locking down which classes can be accessed. This change is a defence-in-depth against potential Remote Code Execution (RCE) and Injection attacks. The versions which do not have this improvement are before version 8.12.3...

AI score 6.3
Exploits: 0 | Affected Software: 1
The Hacker News
added 2020/09/21 10:20 a.m. | 196 views

A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems

German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf (UKD) caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a...

CVSS 9.8 | AI score 0.4 | EPSS 0.99999
Exploits: 48