Lucene search
K

8752 matches found

RedHat Linux
RedHat Linux
added 2022/01/24 9:49 a.m.4 views

OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02755EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2022/01/24 9:3 a.m.52 views

java-11-openjdk security update

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...

5.3CVSS6.5AI score0.08346EPSS
Exploits0
CNNVD
CNNVD
added 2022/01/24 12:0 a.m.4 views

Mozilla Thunderbird 缓冲区错误漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The software supports IMAP, POP mail protocols, and HTML mail formats. Mozilla Thunderbird suffers from a buffer error vulnerability that arises from imprope...

9.8CVSS8.6AI score0.01013EPSS
Exploits1References7
Fedora
Fedora
added 2022/01/23 1:7 a.m.26 views

[SECURITY] Fedora 34 Update: prosody-0.11.12-1.fc34

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

7.5CVSS2.7AI score0.04563EPSS
Exploits1
Microsoft Secure
Microsoft Secure
added 2022/01/21 5:0 p.m.14 views

Celebrating 20 Years of Trustworthy Computing

20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing TwC initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees. Gates’ memo...

7.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/01/21 5:0 p.m.11 views

Celebrating 20 Years of Trustworthy Computing

20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing TwC initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees. Gates’ memo...

7.5AI score
Exploits0
CNVD
CNVD
added 2022/01/21 12:0 a.m.31 views

Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05875)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

6.1CVSS1.6AI score0.00946EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/21 12:0 a.m.20 views

Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05878)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

6.1CVSS1.6AI score0.00946EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/01/20 12:0 a.m.3 views

PT-2022-7553 · Dpdk +4 · Dpdk +4

Name of the Vulnerable Software and Affected Versions: DPDK affected versions not specified Description: The issue is related to an uncontrolled resource consumption in the DPDK library and driver set, which can lead to a denial of service. A malicious vhost-user master can attach an unexpected...

7.5CVSS6.6AI score0.01259EPSS
Exploits0References39
CNNVD
CNNVD
added 2022/01/20 12:0 a.m.6 views

Moddable SDK 缓冲区错误漏洞

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable USA. a security vulnerability exists in Moddable SDK v11.5.0, which stems from an invalid memory access in component asanmemmove. No details of the vulnerability are currently available...

5.5CVSS5.5AI score0.00717EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/20 12:0 a.m.6 views

Moddable SDK 安全漏洞

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable, U.S. A security vulnerability exists in Moddable SDK v11.5.0, which was discovered to contain a SEGV vulnerability via the xs source xarray .c in the fx Array prototype sorting. No details of the...

5.5CVSS5.5AI score0.00717EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/20 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:0107-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.6AI score0.14839EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2022/01/20 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2022:0110-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00311EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/20 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:0118-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.5AI score0.01074EPSS
Exploits2References5
OSV
OSV
added 2022/01/19 12:15 p.m.7 views

CVE-2021-38786

There is a NULL pointer dereference in media/libcedarc/vdecoder of Allwinner R818 SoC Android Q SDK V1.0, which could cause a media crash denial of service...

7.5CVSS5.8AI score0.0178EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/19 10:5 a.m.4 views

OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...

5.3CVSS7.4AI score0.07748EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2022/01/19 8:53 a.m.49 views

java-17-openjdk security update

An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-17-openjdk packages provide the OpenJDK 17 Java Runtime...

5.3CVSS6.5AI score0.08346EPSS
Exploits0
CNVD
CNVD
added 2022/01/19 12:0 a.m.22 views

Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-52566)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

9.8CVSS2.5AI score0.04141EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/19 12:0 a.m.43 views

Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05874)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

7.5CVSS1.7AI score0.92331EPSS
Exploits6References1
CNVD
CNVD
added 2022/01/19 12:0 a.m.16 views

Heartland OA2021 Winter Snow Edition suffers from a logic flaw vulnerability (CNVD-2022-13942)

Heartland OA is developed based on the SaaS architecture of cloud computing model to meet the needs of government cloud, industrial cloud, education cloud and other intelligent cloud platform construction. A logic flaw vulnerability exists in Heartland OA2021 Winter Snow Edition, which can be...

6.8AI score
Exploits0
Rows per page
Query Builder