
8751 matches found

OSV
added 2022/05/26 12:15 p.m. | 3 views

UBUNTU-CVE-2021-42859

DISPUTED A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release...

7.5 CVSS | 5.8 AI score | 0.0097 EPSS
Exploits 1 | References 3

Gitee
added 2022/05/26 5:31 a.m. | 5 views

vulhub

This repository is an offensive tool for web application security training and testing. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository contains a variety of vulnerable applications, including web servers, databases, and other web-base...

8 AI score
Exploits 0

OpenVAS
added 2022/05/26 12:0 a.m. | 20 views

SUSE: Security Advisory (SUSE-SU-2022:1836-1)

The remote host is missing an update for the...

9.1 CVSS | 7.6 AI score | 0.02993 EPSS
Exploits 0 | References 4

ATTACKERKB
added 2022/05/25 1:15 a.m. | 3 views

CVE-2022-29361

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations...

9.8 CVSS | 7.2 AI score | 0.07663 EPSS
Exploits 0 | References 3

OSV
added 2022/05/25 1:15 a.m. | 10 views

CVE-2022-29361

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations...

9.8 CVSS | 9.3 AI score
Exploits 0 | References 2

OSV
added 2022/05/25 1:15 a.m. | 1 views

ALPINE-CVE-2022-29361

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations...

9.8 CVSS | 6.8 AI score | 0.07663 EPSS
Exploits 0 | References 1

Prion
added 2022/05/25 1:15 a.m. | 16 views

Design/Logic Flaw

DISPUTED Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported...

7.5 CVSS | 9.2 AI score | 0.07663 EPSS
Exploits 0 | References 2 | Affected Software 1

PyPA
added 2022/05/25 1:15 a.m. | 4 views

PYSEC-2022-203

DISPUTED Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported...

9.8 CVSS | 6.9 AI score | 0.07663 EPSS
Exploits 0 | References 2 | Affected Software 1

OSV
added 2022/05/25 1:15 a.m. | 7 views

PYSEC-2022-203

DISPUTED Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported...

9.8 CVSS | 7.2 AI score | 0.07663 EPSS
Exploits 0 | References 2

OpenVAS
added 2022/05/25 12:0 a.m. | 27 views

SUSE: Security Advisory (SUSE-SU-2022:1833-1)

The remote host is missing an update for the...

7.5 CVSS | 8.2 AI score | 0.05928 EPSS
Exploits 5 | References 5

OpenVAS
added 2022/05/25 12:0 a.m. | 15 views

SUSE: Security Advisory (SUSE-SU-2022:1829-1)

The remote host is missing an update for the...

5.3 CVSS | 9.1 AI score | 0.02593 EPSS
Exploits 1 | References 2

Debian CVE
added 2022/05/24 11:56 p.m. | 85 views

CVE-2022-29361

Removed by vendor...

9.8 CVSS | 9.2 AI score | 0.07663 EPSS
Exploits 0

vulnersOsv
added 2022/05/24 10:10 p.m. | 5 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29201 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29201 Source advisory:...

5.5 CVSS | 6 AI score | 0.00332 EPSS
Exploits 1

vulnersOsv
added 2022/05/24 10:8 p.m. | 3 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29198 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29198 Source advisory:...

5.5 CVSS | 6 AI score | 0.00317 EPSS
Exploits 1

Kitploit
added 2022/05/24 8:0 p.m. | 21 views

Reposaur - The Open Source Compliance Tool For Development Platforms

Reposaur is the open source compliance tool for development platforms. Audit, verify and report on your data and configurations easily with pre-defined and/or custom policies. Supports GitHub. GitLab, BitBucket and Gitea support soon. Getting Started: Have you ever felt like you don't know what's...

7.3 AI score
Exploits 0 | References 13

OSV
added 2022/05/24 5:20 p.m. | 20 views

GHSA-X6GQ-VR59-4Q5Q KumbiaPHP Cross-site Scripting

KumbiaPHP through 1.1.1, in Development mode, allows XSS via the public/pages/kumbia/PATHINFO...

5.4 CVSS | 5.1 AI score | 0.00618 EPSS
Exploits 1 | References 4

Github Security Blog
added 2022/05/24 5:20 p.m. | 22 views

KumbiaPHP Cross-site Scripting

KumbiaPHP through 1.1.1, in Development mode, allows XSS via the public/pages/kumbia/PATHINFO...

5.4 CVSS | 5.8 AI score | 0.00618 EPSS
Exploits 1 | References 4 | Affected Software 1

OSV
added 2022/05/24 5:9 p.m. | 16 views

GHSA-5FR8-XHQQ-4P3Q SilverStripe Denial of Service on flush and development URL tools

SilverStripe before 4.4.0 allows a Denial of Service on flush and development URL tools...

4.3 CVSS | 4.5 AI score | 0.0068 EPSS
Exploits 0 | References 7

Github Security Blog
added 2022/05/24 5:9 p.m. | 20 views

SilverStripe Denial of Service on flush and development URL tools

SilverStripe before 4.4.0 allows a Denial of Service on flush and development URL tools...

4.3 CVSS | 6.8 AI score | 0.0068 EPSS
Exploits 0 | References 7 | Affected Software 1

Malwarebytes
added 2022/05/24 8:39 a.m. | 24 views

Unknown APT group has targeted Russia repeatedly since Ukraine invasion

An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns since late February, 2022. The campaigns, discovered by the Malwarebytes Threat Intelligence team, are designed to implant a Remote Access Trojan (RAT) that...

7.3 AI score
Exploits 0