Lucene search
K

8752 matches found

CNVD
CNVD
added 2022/02/14 12:0 a.m.16 views

Code Execution Vulnerability in Damon Database Management System

Wuhan Damon Database Co., Ltd. is a company dedicated to the research, development, sales and service of database management systems and big data platforms, as well as can provide users with full-stack data products and solutions. A code execution vulnerability exists in the Damon Database...

7.8AI score
Exploits0
CNVD
CNVD
added 2022/02/14 12:0 a.m.33 views

Google Golang memory consumption overflow vulnerability

Google Golang is a statically strongly typed, compiled language from Google, Inc. A memory consumption overflow vulnerability exists in Google Golang, which stems from a design or implementation impropriety in the code development process of a web-based system or product. An attacker could exploi...

7.8CVSS3.7AI score0.0283EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2022/02/11 3:5 p.m.23 views

The Forecast Is Flipped: How Rapid7 Is Flipping L&D for the Future of Work

The last 2 years have turned the world on its head, and now, companies across the globe are transitioning into a new normal. In this hybrid world, employee engagement is a moving target, the market is more competitive, and historical face-to-face teaching practices are no longer viable. Rapid7’s...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2022/02/11 11:30 a.m.22 views

TerraGoat - Vulnerable Terraform Infrastructure

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction TerraGoat was built to enable DevSecOps design and implement a...

7.2AI score
Exploits0References6
Fedora
Fedora
added 2022/02/11 1:23 a.m.42 views

[SECURITY] Fedora 35 Update: python-django-3.2.12-1.fc35

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

7.5CVSS1.6AI score0.49246EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2022/02/10 8:15 p.m.16 views

CVE-2022-23630

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...

7.5CVSS7AI score0.013EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2022/02/10 8:15 p.m.78 views

CVE-2022-23630

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...

7.5CVSS1.6AI score0.013EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/02/10 8:10 p.m.21 views

CVE-2022-23630

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...

7.5CVSS7.5AI score0.013EPSS
Exploits0
Imperva Blog
Imperva Blog
added 2022/02/10 4:7 p.m.22 views

Is it Easier to Turn Cloud Professionals into Security Practitioners or Vice Versa?

Insights into the cybersecurity skills gap In a poll taken at a recent Imperva webinar, What’s New in ‘22? Cybersecurity Trends and Predictions, participants said it’s easier to turn security practitioners into cloud professionals by a margin of 65-35. Three Directors in Imperva’s Office of the C...

7.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/02/10 12:32 a.m.4 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23577 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23577 Source advisory:...

6.5CVSS6.5AI score0.00783EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:45 p.m.7 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-21738 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-21738 Source advisory:...

6.5CVSS6.5AI score0.00783EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:28 p.m.4 views

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23588 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23588 Source advisory:...

6.5CVSS6.5AI score0.00864EPSS
Exploits1
OSV
OSV
added 2022/02/09 5:15 p.m.2 views

CVE-2022-21991

Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability...

8.1CVSS7.4AI score0.02075EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/09 5:15 p.m.7 views

CVE-2022-21991

Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability...

8.1CVSS7.3AI score0.02075EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/02/09 5:15 p.m.24 views

Remote code execution

Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability...

6.8CVSS8.2AI score0.02075EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/09 4:36 p.m.24 views

CVE-2022-21991 Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability

...

8.1CVSS8.3AI score0.02075EPSS
Exploits0References1
CVE
CVE
added 2022/02/09 4:36 p.m.236 views

CVE-2022-21991

CVE-2022-21991 is a remote code execution vulnerability in the Visual Studio Code Remote Development Extension. The provided documents confirm an RCE impact (high severity, CVSS v3.1 base 8.1) with network-based access and no user interaction, but do not specify affected product versions or explo...

8.1CVSS8.3AI score0.02075EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2022/02/08 8:0 a.m.126 views

Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability

...

8.1CVSS8.2AI score0.02075EPSS
Exploits0
Jetbrains
Jetbrains
added 2022/02/08 12:0 a.m.161 views

JetBrains Security Bulletin Q4 2021

JetBrains Security JetBrains Security Bulletin Q4 2021 Robert Demmer In the fourth quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved. Product | Description | Severity...

9.8CVSS6.8AI score0.03202EPSS
Exploits2Affected Software6
Positive Technologies
Positive Technologies
added 2022/02/08 12:0 a.m.3 views

PT-2022-1664 · Microsoft · Visual Studio Code Remote Development Extension

Name of the Vulnerable Software and Affected Versions: Visual Studio Code Remote Development Extension affected versions not specified Description: The issue is related to incorrect code generation management in the Visual Studio Code Remote Development Extension. Exploitation of this issue may...

8.1CVSS8.2AI score0.02075EPSS
Exploits0References6
Rows per page
Query Builder