Lucene search
K

4422 matches found

Kitploit
Kitploit
added 2022/11/25 11:30 a.m.23 views

SharpSCCM - A C# Utility For Interacting With SCCM

SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager a.k.a. ConfigMgr, formerly SCCM for lateral movement and credential gathering without requiring access to the SCCM administration console GUI. SharpSCCM was initially created to execute user huntin...

7.7AI score
Exploits0References2
Fedora
Fedora
added 2022/11/23 1:20 a.m.40 views

[SECURITY] Fedora 36 Update: varnish-7.0.3-2.fc36

This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don=EF=BF=BD=EF=BF=BD =EF=BF=BDt have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a...

7.5CVSS7.4AI score0.012EPSS
Exploits0
Fedora
Fedora
added 2022/11/23 1:17 a.m.35 views

[SECURITY] Fedora 37 Update: varnish-7.1.2-1.fc37

This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don=EF=BF=BD=EF=BF=BD =EF=BF=BDt have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a...

7.5CVSS7.4AI score0.012EPSS
Exploits0
Circl
Circl
added 2022/11/22 9:5 p.m.10 views

CVE-2022-36449

creationtimestamp| type| source ---|---|--- 2022-11-22 21:05:00+00:00| seen| https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html 2022-11-24 12:08:24+00:00| published-proof-of-concept| https://t.me/truesecator/3742 2023-06-12 00:58:47+00:00| published-proof-of-concept|...

6.5CVSS6.6AI score0.00875EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2022/11/22 12:0 a.m.33 views

virt-v2v security, bug fix, and enhancement update

2.0.7-6.0.1 - Replaced bugzilla.oracle.com references Orabug: 34202300 - replaced upstream references Orabug:34089586 1:2.0.7-6 - Install qemu-ga package during conversion resolves: rhbz2028764 1:2.0.7-5 - Remove LVM2 devices file during conversion resolves: rhbz2112801 - Add support for Zstandar...

6.5CVSS7.1AI score0.00774EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/11/21 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2022:4071-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.02453EPSS
Exploits1References2
OSV
OSV
added 2022/11/18 12:6 p.m.5 views

SUSE-SU-2022:4071-1 Security update for python39

This update for python39 fixes the following issues: Security fixes: - CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method bsc1204886. - CVE-2022-45061: Fixed a quadratic IDNA decoding time bsc1205244. Other fixes: - Allow building of documentation wit...

7.8CVSS8.3AI score0.02453EPSS
Exploits1References5
OSV
OSV
added 2022/11/15 4:10 p.m.7 views

SUSE-SU-2022:4004-1 Security update for python310

This update for python310 fixes the following issues: Security fixes: - CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method bsc1204886. - CVE-2022-45061: Fixed a quadratic IDNA decoding time bsc1205244. Other fixes: - allow building of documentation wi...

7.8CVSS8.3AI score0.02453EPSS
Exploits1References5
OSV
OSV
added 2022/11/15 4:8 p.m.5 views

SUSE-SU-2022:3999-1 Security update for systemd

This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in formattimespan function bsc1204968. - Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 0469b9f2bc pstore: do not try to load all known pstore modules ad05f54439 pstore: Run after modules are loaded...

5.5CVSS5.8AI score0.00412EPSS
Exploits1References4
Rockylinux
Rockylinux
added 2022/11/15 3:35 p.m.13 views

containers-common bug fix and enhancement update

An update is available for containers-common. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The containers-common package contains common configuration files a...

1.7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.10 views

The function _execute could be called externally

Lines of code Vulnerability details Author: rotcivegaf Impact The execute use a modifier to only can called internally, also specified in the documentation of the function: Must be called internally. But this modifier can be pass if a contract call the execute or bulkExecute and in the returnDust...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/13 12:0 a.m.6 views

Initialization function can be front-run

Lines of code Vulnerability details Detailed description of the impact of this finding: Exchange.sol has initialization function that can be front-run, allowing an attacker to incorrectly initialize the contract. Due to the use of the delegatecall proxy pattern, Exchange.sol cannot be initialized...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2022/11/11 12:0 a.m.7 views

Fedora: Security Advisory for python3-docs (FEDORA-2022-362bd01539)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 12:7 p.m.41 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that use the JDBC connector may be vulnerable to denial of service due to CVE-2022-25647

Summary Google Gson is used by IBM App Connect Enterprise Certified Container in the JDBC connector. IBM App Connect Enterprise Certified Container IntegrationServer operands that use the JDBC connector may be vulnerable to denial of service. This bulletin provides patch information to address th...

7.7CVSS7.5AI score0.1158EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 12:0 p.m.40 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-1292

Summary OpenSSL is used by IBM App Connect Enterprise Certified Container for processing certificates. IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability CVE-2022-129...

9.8CVSS9.8AI score0.83223EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 11:22 a.m.48 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality due to CVE-2022-28615

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality. This bulletin provides patch information...

9.1CVSS9.1AI score0.05729EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 11:9 a.m.43 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service due to CVE-2020-13950

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service. This bulletin provides patch information to...

7.5CVSS8.2AI score0.49089EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 10:54 a.m.35 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-29824

Summary GNOME libxml2 is not used directly by IBM App Connect Enterprise Certified Container but is present in the operand images as part of the base operating system. Use of libxml2 within IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution and...

6.5CVSS7.8AI score0.0363EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 10:43 a.m.33 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-1586

Summary PCRE2 is provided as part of the base operating system in IBM App Connect Enterprise Certified Container operands. IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported...

9.1CVSS9.4AI score0.02993EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 6:24 p.m.42 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-0235

Summary Node.js module node-fetch is used by IBM App Connect Enterprise Certified Container for HTTP communications. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability...

6.1CVSS7.5AI score0.01646EPSS
Exploits1Affected Software1
Rows per page
Query Builder