
8751 matches found

OpenVAS
added 2022/04/13 12:0 a.m. | 20 views

SUSE: Security Advisory (SUSE-SU-2022:1167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.7 | EPSS 0.03255
Exploits: 0 | References: 6

CNNVD
added 2022/04/13 12:0 a.m. | 5 views

Cisco Iox security vulnerability

Cisco Iox is a secure development environment from Cisco that combines Cisco IOS and Linux OS for secure network connectivity and development of IOT applications. A denial-of-service vulnerability exists in Cisco Iox, which can be exploited by an attacker to cause a DoS condition by sending a...

CVSS 7.5 | AI score 7.3 | EPSS 0.01026
Exploits: 0 | References: 4

OpenVAS
added 2022/04/13 12:0 a.m. | 16 views

SUSE: Security Advisory (SUSE-SU-2022:1160-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 8.5 | EPSS 0.04062
Exploits: 0 | References: 4

BDU FSTEC
added 2022/04/13 12:0 a.m. | 6 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the lack of protective measures for website structures, allowing attackers to compromise data integrity.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...

CVSS 5.4 | AI score 6.4 | EPSS 0.71787
Exploits: 0 | References: 6 | Affected Software: 1

GithubExploit
added 2022/04/12 2:59 p.m. | 7 views

Exploit for Code Injection in Vmware Spring_Framework

spring4shell ⭐ a python implementation of CVE-2022-22965 that...

CVSS 9.8 | AI score 7.3 | EPSS 0.99677
Exploits: 100

CNNVD
added 2022/04/12 12:0 a.m. | 3 views

Microsoft Azure log information disclosure vulnerability

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. A log information disclosure vulnerability exists in the Microsoft Azure SDK. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor...

CVSS 6.5 | AI score 6.8 | EPSS 0.0201
Exploits: 0 | References: 5

OSV
added 2022/04/11 7:45 p.m. | 22 views

CVE-2022-24829 Missing authentication in Garden

Garden is an automation platform for Kubernetes development and testing. In versions prior to 0.12.39 multiple endpoints did not require authentication. In some operating modes this allows for an attacker to gain access to the application erroneously. The configuration is leaked through the /api...

CVSS 8.1 | AI score 9.1 | EPSS 0.01126
Exploits: 0 | References: 4

Kitploit
added 2022/04/07 12:30 p.m. | 19 views

Gitbleed_Tools - For Extracting Data From Mirrorred Git Repositories

This repo contains shell scripts that can be used to download and analyze differences between cloned and mirror Git repositories. For more information about the underlying quirk in Git behavior, please visit read our blog post. What Do These Scripts Do? These scripts will clone a copy of the give...

AI score 6.9
Exploits: 0 | References: 5

Fedora
added 2022/04/05 3:44 p.m. | 38 views

[SECURITY] Fedora 35 Update: python-pillow-8.3.2-3.fc35

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

CVSS 9.1 | AI score 9.4 | EPSS 0.02811
Exploits: 0

OSV
added 2022/04/05 3:23 p.m. | 5 views

CLSA-2022-1649172186 Update of openvpn-devel, openvpn

Rebuilt for tuxcare.els...

AI score 5.8
Exploits: 0 | References: 1

hivepro
added 2022/04/05 12:57 p.m. | 251 views

Deep Panda deploys new rootkit “Fire Chili” by exploiting Log4shell in VMware horizon

THREAT LEVEL: Red For a detailed advisory, download the pdf file here Deep Panda, a Chinese APT group, took advantage of the well-known Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor, rootkit, and steal sensitive data. This threat actor is primarily targeting firms in the...

CVSS 9.3 | AI score 0.3 | EPSS 0.99999
Exploits: 347

OSV
added 2022/04/04 8:15 p.m. | 3 views

CVE-2021-32994

Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...

CVSS 7.5 | AI score 5.8 | EPSS 0.01629
Exploits: 0 | References: 1

Cvelist
added 2022/04/04 7:45 p.m. | 19 views

CVE-2021-32994 Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer

Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...

CVSS 7.5 | AI score 7.6 | EPSS 0.01629
Exploits: 0 | References: 1

hivepro
added 2022/04/02 12:38 a.m. | 20 views

Actively exploited vulnerability affects Trend Micro Apex Central

THREAT LEVEL: Amber For a detailed advisory, download the pdf file here Trend Micro Apex Central on-premise and as a Service has a zero-day vulnerability. This arbitrary file upload vulnerability if successfully exploited, could allow an unauthenticated remote attacker to upload any file, resulti...

AI score 1.2
Exploits: 0

CNVD
added 2022/04/02 12:0 a.m. | 13 views

Accusoft ImageGear out-of-bounds write vulnerability (CNVD-2022-35419)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. Accusoft ImageGear suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to potentially cause memory corruption via a compiled file in the wrong format...

CVSS 8.1 | AI score 7 | EPSS 0.00714
Exploits: 1 | References: 1

Rapid7 Blog
added 2022/04/01 6:34 p.m. | 127 views

Metasploit Weekly Wrap-Up

CVE-2022-22963 - Spring Cloud Function SpEL RCE A new exploit/multi/http/springcloudfunctionspelinjection module has been developed by our very own Spencer McIntyre which targets Spring Cloud Function versions Prior to 3.1.7 and 3.2.3. This module is unrelated to Spring4Shell CVE-2022-22965, whic...

CVSS 7.5 | AI score 1.3 | EPSS 0.99939
Exploits: 131

BDU FSTEC
added 2022/04/01 12:0 a.m. | 4 views

The vulnerability of the JNDI component in the OpenJDK application development kit allows a hacker to cause a service failure.

The vulnerability of the JNDI component in the OpenJDK application development kit is related to errors during resource release. Exploiting this vulnerability allows an attacker who operates remotely to cause service failures...

CVSS 4.3 | AI score 6.4 | EPSS 0.03701
Exploits: 0 | References: 5 | Affected Software: 2

MSRC
added 2022/03/31 7:0 a.m. | 10 views

Increasing Representation of Women in Security Research

Microsoft is committed to partnering with and supporting women in security research. Whether it’s growing women early in their career, or connecting people with mentors, we want to be a part of the journey. Throughout Women's History Month we intentionally sought opportunities to engage with wome...

AI score 7.2
Exploits: 0

GithubExploit
added 2022/03/30 3:50 p.m. | 2 views

SpringCore0day

Information https://spring.io/blog/2022/03/31/spring-framewor...

AI score 7.1
Exploits: 0

hivepro
added 2022/03/30 1:10 p.m. | 53 views

DOS Vulnerability discovered in SonicWall Next-Generation Firewall

THREAT LEVEL: Amber For a detailed advisory, download the pdf file here SonicWall, a manufacturer of security hardware discovered a flaw in their SonicOS security operating system that allows denial of service DoS attacks and could lead to remote code execution RCE. The identified vulnerability...

CVSS 7.5 | AI score 1.2 | EPSS 0.57324
Exploits: 3