Lucene search
+L

43 matches found

Hacker One
Hacker One
added 2023/03/13 10:26 p.m.279 views

Internet Bug Bounty: Potential DoS vulnerability in Django in multipart parser

A potential denial-of-service vulnerability was discovered in Django's multipart parser, which could result in too many open files or memory exhaustion. This vulnerability was fixed in Django 3.2.18, 4.0.10, and 4.1.7 by limiting the number of file parts parsed via a new setting. The severity of...

7.5CVSS7.3AI score0.62575EPSS
Exploits0
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.369 views

wolfSSL WOLFSSL_CALLBACKS Heap Buffer Over-Read

wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSLCALLBACKS ==================================================================== INFO ======= The CVE project has assigned the id CVE-2022-42905 to this issue. Severity: 9.1 CRITICAL Affected version: before 5.5.2 End of embargo: Ended October...

9.1CVSS0.01959EPSS
Exploits2
Intel
Intel
added 2022/10/19 12:0 a.m.53 views

2022.2 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21233 Description: Improper isolation of shared resources in some IntelR...

5.5CVSS5.5AI score0.00324EPSS
Exploits0
OSV
OSV
added 2022/08/01 12:0 a.m.22 views

ASB-A-233078742

In ioreqinitasync there is a potential use after free due to a race condition. This could lead to local escalation of privileges with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.6AI score0.01002EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2022/04/20 12:0 a.m.80 views

java-11-openjdk security update

1:11.0.15.0.9-2 - Add JDK-8284920 fix for XPath regression - Related: rhbz2073422 1:11.0.15.0.9-2 - Remove security items from release notes that were only in 17u and N/A for 11u - Related: rhbz2073422 1:11.0.15.0.9-1 - Update to jdk-11.0.15.0+9 - Update release notes to 11.0.15.0+9 - Switch to G...

7.5CVSS1.6AI score0.04046EPSS
Exploits0
Oracle linux
Oracle linux
added 2022/01/24 12:0 a.m.61 views

java-11-openjdk security update

1:11.0.14.0.9-1.0.1 - link atomic for ix86 build 1:11.0.14.0.9-1 - Update to jdk-11.0.14.0+9 - Update release notes to 11.0.14.0+9 - Switch to GA mode for final release. - This tarball is embargoed until 2022-01-18 @ 1pm PT. - Resolves: rhbz2039366 1:11.0.14.0.8-0.1.ea - Update to jdk-11.0.14.0+8...

5.3CVSS1.6AI score0.08346EPSS
Exploits0
Oracle linux
Oracle linux
added 2021/10/20 12:0 a.m.71 views

java-1.8.0-openjdk security and bug fix update

1:1.8.0.312.b07-1 - Update to aarch64-shenandoah-jdk8u312-b07 EA - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz2011826 1:1.8.0.312.b05-0.3.ea - Add patch to improve performance of common separato...

7.1CVSS1.5AI score0.14839EPSS
Exploits0
Oracle linux
Oracle linux
added 2021/10/20 12:0 a.m.100 views

java-1.8.0-openjdk security and bug fix update

1:1.8.0.312.b07-1 - Update to aarch64-shenandoah-jdk8u312-b07 EA - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz2011826 1:1.8.0.312.b05-0.4.ea - Allow plain key import to be disabled with...

7.1CVSS1.2AI score0.14839EPSS
Exploits0
Oracle linux
Oracle linux
added 2021/04/21 12:0 a.m.192 views

java-1.8.0-openjdk security update

1:1.8.0.292.b10-0 - Update to aarch64-shenandoah-jdk8u292-b10 GA - Update release notes for 8u292-b10. - Update tarball generation script to use PR3822 which handles JDK-8233228 & JDK-8035166 changes - Remove RH1868759 patch as this is now resolved upstream by JDK-8258833. - Re-organise S/390...

5.3CVSS0.03566EPSS
Exploits0
Oracle linux
Oracle linux
added 2020/07/16 12:0 a.m.47 views

java-11-openjdk security and enhancement update

1:11.0.8.10-0 - Update to shenandoah-jdk-11.0.8+10 GA - Switch to GA mode for final release. - Update release notes with last minute fix JDK-8248505. - This tarball is embargoed until 2020-07-14 @ 1pm PT. - Resolves: rhbz1838811 1:11.0.8.9-0.0.ea - Update to shenandoah-jdk-11.0.8+9 EA - Update...

8.3CVSS1.3AI score0.05166EPSS
Exploits0
Hacker One
Hacker One
added 2020/06/23 10:2 p.m.35 views

X (Formerly Twitter): Android WebViews in Twitter app are vulnerable to UXSS due to configuration and CVE-2020-6506

Summary: CVSS score: 8.1 / High / CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Embargo notice: Do Not Disclose publicly until https://crbug.com/1083819 is disclosed. Twitter for Android is affected by a UXSS vulnerability due to its configuration of Android WebView and CVE-2020-6506. Vendor...

4.3CVSS8.4AI score0.03819EPSS
Exploits0
Packet Storm
Packet Storm
added 2016/05/03 12:0 a.m.89 views

libxml 2.9.2 Stack Overflow

Hi This is a disclosure of the following issue that was raised a week ago on the distro's mailing list. Both bugs on the gnome bugtracker are currently private and should be made public now. The two attached patches are based off the 2.9.3 libxml2 release. A couple of weeks back while working on ...

5CVSS0.1AI score0.07025EPSS
Exploits1
securityvulns
securityvulns
added 2015/07/05 12:0 a.m.191 views

CollabNet Subversion Edge Password Hash Leak

Vuln Title: The CollabNet Subversion Edge Management frontend user credential hash leak Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Credential leak Risk: Medium Status: public/fixed Fixed...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2015/07/05 12:0 a.m.66 views

CollabNet Subversion Edge tail local file inclusion

Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local...

1.1AI score
Exploits0
0day.today
0day.today
added 2015/07/01 12:0 a.m.34 views

CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion Vulnerability

Exploit for linux platform in category web applications Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabN...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/30 12:0 a.m.22 views

CollabNet Subversion Edge Management Show LFI

Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via "fileName" parameter of the show action Date: 10.10.2014 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local file...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/06/30 12:0 a.m.17 views

CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion

CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/30 12:0 a.m.28 views

CollabNet Subversion Edge Management Tail LFI

Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/29 12:0 a.m.17 views

CollabNet Subversion Edge Management Credential Leak

Vuln Title: The CollabNet Subversion Edge Management frontend user credential hash leak Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Credential leak Risk: Medium Status: public/fixed Fixed...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/29 12:0 a.m.24 views

CollabNet Subversion Edge Management downloadHook LFI

Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...

7.4AI score
Exploits0
Rows per page
Query Builder