Lucene search
K

8751 matches found

BDU FSTEC
BDU FSTEC
added 2022/08/30 12:0 a.m.5 views

The vulnerability of the copy_desc_to_mbuf() function in the set of libraries and drivers for fast packet processing in dpdk allows the attacker to cause a service failure.

The vulnerability of the copydesctombuf function, which is part of a set of libraries and drivers for fast packet processing in dpdk, is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

8.6CVSS7.3AI score0.01708EPSS
Exploits1References5Affected Software5
Positive Technologies
Positive Technologies
added 2022/08/29 12:0 a.m.2 views

PT-2022-4522 · Mellanox +7 · Mlnx Dpdk +7

Name of the Vulnerable Software and Affected Versions: MLNX DPDK affected versions not specified Description: The issue is related to improper error recovery handling in the network stack, which can allow a remote attacker to cause denial of service and potentially impact data integrity and...

8.6CVSS7AI score0.01812EPSS
Exploits1References67
OpenVAS
OpenVAS
added 2022/08/29 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:2909-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.6AI score0.02319EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/08/29 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2022:2914-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS7.4AI score0.0152EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/29 12:0 a.m.4 views

DPDK 安全漏洞

DPDK is a data plane development kit for Linux-based platforms. The product supports execution of packet processing on multiple CPU architectures. A security vulnerability exists in DPDK. An attacker exploits the vulnerability to trigger a denial-of-service attack...

8.6CVSS6.9AI score0.01708EPSS
Exploits1References22
hivepro
hivepro
added 2022/08/26 12:10 p.m.19 views

Iranian APT’s new data extraction tool Hyperscrape

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Charming Kitten, an Iranian government-backed threat group, has been employing a new data extraction tool, HYPERSCAPE. It has been used to retrieve data from Microsoft Outlook, Yahoo, and Gmail accounts...

1.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/26 9:10 a.m.49 views

Hackers Breach LastPass Developer System to Steal Source Code

Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed,...

1.1AI score
Exploits0
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2022:2898-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.17673EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:2899-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.17673EPSS
Exploits2References8
NVD
NVD
added 2022/08/25 11:15 p.m.16 views

CVE-2022-36115

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended functionality. An...

7.1CVSS0.00774EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/08/25 10:54 p.m.22 views

CVE-2022-36115

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended functionality. An...

7.1AI score0.00774EPSS
Exploits0References3
CNVD
CNVD
added 2022/08/25 12:0 a.m.15 views

XSS Vulnerability in the Mobile Library of Beijing Century Super Star Information Technology Development Co.

Mobile Library is a professional mobile reading software specially made for all libraries. There is an XSS vulnerability in Beijing Century Super Star Information Technology Development Limited Liability Company's Mobile Library, which can be exploited by attackers to obtain sensitive information...

5.8AI score
Exploits0
CNVD
CNVD
added 2022/08/25 12:0 a.m.8 views

Beijing Century Superstar Information Technology Development Co., Ltd.'s Learning Pass suffers from a stored XSS vulnerability

LearningTone is a course learning, knowledge dissemination and management sharing platform built on a microservice architecture. There is a stored XSS vulnerability in Beijing Century Super Star Information Technology Development Limited Liability Company's Learning Pass, which can be exploited b...

5.7AI score
Exploits0
CNVD
CNVD
added 2022/08/24 12:0 a.m.16 views

Pegasystem PEGA Platform Cross-Site Scripting Vulnerability (CNVD-2023-12002)

Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications such as BPM business process management, case management, real-time decision making and CRM customer relationship management.Pegasystem Pega Platform suffers...

6.1CVSS0.3AI score0.00439EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/08/24 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:2871-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.6AI score0.02261EPSS
Exploits0References4
CNVD
CNVD
added 2022/08/24 12:0 a.m.22 views

Pegasystem PEGA Platform Cross-Site Request Forgery Vulnerability

Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management.A cross-site request forgery...

6.8CVSS1.5AI score0.00294EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/08/19 12:0 a.m.5 views

The vulnerability of the Azure RTOS GUIX Studio development environment, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Azure RTOS GUIX Studio development environment is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.01109EPSS
Exploits0References3
OSV
OSV
added 2022/08/18 8:10 a.m.4 views

CLSA-2022-1660810242 Fix CVE(s):

Security fixes: - JDK-8148005: One byte may be corrupted by getdatetimestring...

5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.2 views

Nordic Semiconductor nRF5 SDK 缓冲区错误漏洞

The Nordic Semiconductor nRF5 SDK is a software development kit from Nordic Semiconductor, Norway. It provides a rich development environment for the nRF51 and nRF52 family of SoCs. A security vulnerability exists in Nordic Semiconductor nRF5 SDK version 5.0, which is caused by a heap overflow...

8.8CVSS8AI score0.00859EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.4 views

The vulnerability of the application development environment for ISaGRAF Workbench programmable logic controllers arises from incorrect restrictions on the path name to the restricted access directory. This allows attackers to escalate their privileges.

The vulnerability in the development environment for ISaGRAF Workbench programmable logic controllers is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability can allow attackers to enhance their privileges using a specially created...

7.7CVSS7.2AI score0.00267EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder