
8752 matches found

F5 Networks
added 2023/02/21 6:10 p.m. · 34 views

K16318: OpenSSL vulnerability CVE-2015-0287

Security Advisory Description The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service invalid wri...

CVSS 5 · AI score 6.8 · EPSS 0.0837
Exploits 0 · Affected Software 1

Huntr
added 2023/02/20 2:52 a.m. · 431 views

Lodash 4.17.15 in use which is vulnerable to CVE-2020-8203

Description Lodash 4.17.15 in use which is vulnerable to CVE-2020-8203 Proof of Concept 1 Go to https://localhost/Cockpit/modules/App/assets/vendor/lodash.js?ver=2.3.9-1676855050 and note that lodash version is 4.17.15 2 Go to https://localhost/Cockpit/ 3 Open Web Developer tools Ctrl+Shift+I usin...

CVSS 1.7 · AI score 6.6 · EPSS 0.05213
Exploits 2 · References 1

IBM Security Bulletins
added 2023/02/18 1:45 a.m. · 33 views

Security Bulletin: Vulnerabilities in Network Security Services (NSS) affect IBM FlashSystem 840 and IBM FlashSystem V840, -AE1 models, (CVE-2014-3566)

Summary Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. NSS is used by FlashSystem 840. FlashSystem 840 has addressed the applicable CVE. Vulnerability Details CVE-ID: CVE-2014-3566...

CVSS 4.3 · AI score 4 · EPSS 0.99999
Exploits 7 · Affected Software 2

Fedora
added 2023/02/17 6:22 p.m. · 48 views

[SECURITY] Fedora 37 Update: ImageMagick-6.9.12.77-1.fc37

ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...

CVSS 6.5 · AI score 0.8 · EPSS 0.89855
Exploits 31

Citrix
added 2023/02/17 12:0 a.m. · 7 views

Microsoft Security Update Validation Report February 2023

Microsoft’s February 2023 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...

AI score 7
Exploits 0

Positive Technologies
added 2023/02/16 12:0 a.m. · 5 views

PT-2023-12889 · Intel · Intel Sgx Sdk

Name of the Vulnerable Software and Affected Versions: Intel(R) SGX SDK software for Linux versions prior to 2.16.100.1 Description: The issue is related to insufficient control flow management, which may allow an authenticated user to potentially enable information disclosure via local access...

CVSS 5.5 · AI score 5.1 · EPSS 0.00158
Exploits 0 · References 4

Positive Technologies
added 2023/02/16 12:0 a.m. · 5 views

PT-2023-13473 · Intel +1 · Intel Media Sdk +1

Name of the Vulnerable Software and Affected Versions: Intel(R) Media SDK versions prior to 22.2.2 Description: The issue is related to a protection mechanism failure in the Intel(R) Media SDK software, which may allow an authenticated user to potentially enable denial of service via local access...

CVSS 5.5 · AI score 5 · EPSS 0.00228
Exploits 0 · References 12

CNNVD
added 2023/02/16 12:0 a.m. · 4 views

Intel SGX SDK security vulnerability

Intel SGX SDK is a set of software development kits based on SGX Intel Software Security Extensions technology from Intel Corporation USA. A security vulnerability exists in the Intel(R) SGX SDK software for Linux prior to version 2.16.100.1, which stems from inadequate software control flow...

CVSS 5.5 · AI score 5.7 · EPSS 0.00158
Exploits 0 · References 2

OpenVAS
added 2023/02/16 12:0 a.m. · 30 views

SUSE: Security Advisory (SUSE-SU-2023:0421-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 · AI score 8.1 · EPSS 0.89855
Exploits 31 · References 5

CNNVD
added 2023/02/16 12:0 a.m. · 4 views

Intel SGX SDK security vulnerability

Intel SGX SDK is a set of software development kits based on SGX Intel Software Security Extensions technology from Intel Corporation USA. A security vulnerability exists in Intel SGX SDK versions prior to 2.16.100.1, which stems from an improper conditional checking in the software, and can be...

CVSS 5.5 · AI score 5.7 · EPSS 0.00157
Exploits 0 · References 2

OpenVAS
added 2023/02/16 12:0 a.m. · 26 views

SUSE: Security Advisory (SUSE-SU-2023:0428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 · AI score 7 · EPSS 0.89855
Exploits 31 · References 2

CNNVD
added 2023/02/16 12:0 a.m. · 5 views

Intel Media SDK security vulnerability

Intel Media SDK is a multimedia SDK Software Development Kit from Intel Corporation. The product is primarily used for video encoding, decoding and processing in Windows and embedded Linux applications. A security vulnerability exists in Intel Media Software Development Kit, which stems from a...

CVSS 7.8 · AI score 7.3 · EPSS 0.00246
Exploits 0 · References 3

Hacker One
added 2023/02/15 10:7 a.m. · 6 views

Malwarebytes: Rails Debug Mode Enabled On ( https://44.208.145.207/testrail/files.md5 )

Summary: A Ruby on Rails web application running in development mode was identified on a Malwarebytes server. The application exposed sensitive system information, including details about middleware components and application root paths, which should not be accessible in a production environment...

AI score 7
Exploits 0

The Hacker News
added 2023/02/15 9:28 a.m. · 4 views

Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps

In an ideal world, security and development teams would be working together in perfect harmony. But we live in a world of competing priorities, where DevOps and security departments often butt heads with each other. Agility and security are often at odds with each other— if a new feature is...

AI score 7.2
Exploits 0

SUSE CVE
added 2023/02/15 6:15 a.m. · 3 views

SUSE CVE-2006-2426

Sun Java Runtime Environment JRE 1.5.06 and earlier, JDK 1.5.06 and earlier, and SDK 1.5.06 and earlier allows remote attackers to cause a denial of service disk consumption by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory...

CVSS 6.4 · AI score 6.9 · EPSS 0.12692
Exploits 1 · References 4

SUSE CVE
added 2023/02/15 6:13 a.m. · 8 views

SUSE CVE-2006-6737

Unspecified vulnerability in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 5 and earlier, Java System Development Kit SDK and JRE 1.4.210 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allows attackers to use untrusted applets to "access data in other...

CVSS 4.3 · AI score 6.8 · EPSS 0.02311
Exploits 0 · References 7

SUSE CVE
added 2023/02/15 6:13 a.m. · 4 views

SUSE CVE-2006-6745

Multiple unspecified vulnerabilities in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, and Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges,...

CVSS 9.3 · AI score 7.2 · EPSS 0.03058
Exploits 0 · References 7

SUSE CVE
added 2023/02/15 6:12 a.m. · 3 views

SUSE CVE-2007-2788

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.120 and earlier...

CVSS 6.8 · AI score 8.3 · EPSS 0.18185
Exploits 0 · References 7

SUSE CVE
added 2023/02/15 6:11 a.m. · 5 views

SUSE CVE-2007-4381

Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.214 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself...

CVSS 9.3 · AI score 6.9 · EPSS 0.05424
Exploits 0 · References 5

SUSE CVE
added 2023/02/15 6:9 a.m. · 4 views

SUSE CVE-2008-1187

Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...

CVSS 6.8 · AI score 7.8 · EPSS 0.05422
Exploits 0 · References 7