Lucene search
K

4722 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:15 p.m.9 views

CVE-2022-26117

An empty password in configuration file vulnerability CWE-258 in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI...

8.8CVSS6.7AI score0.00876EPSS
Exploits0References1
Amazon
Amazon
added 2025/02/04 12:0 a.m.23 views

Medium: python

Issue Overview: CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due ...

9.1CVSS7.8AI score0.05582EPSS
Exploits1
Amazon
Amazon
added 2025/02/04 12:0 a.m.5 views

Medium: python3

Issue Overview: CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due ...

9.1CVSS7AI score0.05582EPSS
Exploits1
SUSE Linux
SUSE Linux
added 2025/02/03 8:56 a.m.3 views

Security update for runc

This update for runc fixes the following issues: Update to runc v1.1.14. Upstream changelog is available from . CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host bsc1230092 Update to runc v1.1.13. Upstream changelog is available from . Fixed a performanc...

3.6CVSS7.2AI score0.00317EPSS
Exploits0References10
OSV
OSV
added 2025/01/29 10:21 p.m.1 views

GHSA-8655-XGH5-5VVQ fast-fault has a segmentation fault due to lack of bound check

In this case, the "fastfloat::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...

5.9AI score
Exploits0References3
OSV
OSV
added 2025/01/29 10:19 p.m.2 views

GHSA-JQCP-XC3V-F446 fast-float2 has a segmentation fault due to lack of bound check

In this case, the "fastfloat2::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...

7.4AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/01/29 10:19 p.m.7 views

fast-float2 has a segmentation fault due to lack of bound check

In this case, the "fastfloat2::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...

7.4AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.3 views

PT-2025-5633 · Unknown · Fast-Float

Name of the Vulnerable Software and Affected Versions: fast-float affected versions not specified Description: The issue arises from the fast float::common::AsciiStr::first method within the AsciiStr struct, which uses the unsafe keyword to read from memory without performing bounds checking. It...

6.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.3 views

PT-2025-5638 · Crates.Io · Fast-Float2

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned. Description: The issue arises from the fast float2::common::AsciiStr::first method within the AsciiStr struct, which uses the unsafe keyword to read from memory without performing bounds checking...

7AI score
Exploits0References5
Atlassian
Atlassian
added 2025/01/22 2:24 p.m.20 views

When using an Oracle DB, application properties can't be set to empty

h3. Issue Summary The jira.security.csp.sandbox.included.content.disposition application property accepts: Empty value "attachment" "inline" "attachment;inline" or "inline;attachment" If Jira is installed using an Oracle database, the empty value is never set. This happens because Oracle treats...

6.8AI score
Exploits0
Patchstack
Patchstack
added 2025/01/20 12:0 a.m.6 views

WordPress Empty Tags Remover Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Empty Tags Remover versions = 1.0...

7.1CVSS6.1AI score0.00235EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/01/17 3:6 p.m.8 views

BIT-PYTHON-MIN-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter

An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...

6.1CVSS5.6AI score0.01326EPSS
Exploits0References6
OSV
OSV
added 2025/01/13 5:59 p.m.2 views

BELL-CVE-2024-56766

Bulletin has no description...

7.8CVSS6.5AI score0.00217EPSS
Exploits0References1
RustSec
RustSec
added 2025/01/13 12:0 p.m.4 views

Segmentation fault due to lack of bound check

In this case, the "fastfloat2::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...

7.4AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/01/13 12:0 p.m.9 views

Segmentation fault due to lack of bound check

In this case, the "fastfloat::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...

7.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.2 views

PT-2025-5673 · Crates.Io · Fast-Float2

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned, so the information cannot be determined. Description: The issue arises from the fast float2::common::AsciiStr::first method within the AsciiStr struct, which uses the unsafe keyword to read from...

7.2AI score
Exploits0References4
OSV
OSV
added 2025/01/10 10:2 a.m.9 views

CLSA-2025-1736503350 haproxy: Fix of CVE-2023-40225

CVE-2023-40225: Fix forward empty Content-Length headers issue...

7.2CVSS7.1AI score0.01815EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2025/01/10 8:0 a.m.3 views

runc can be confused to create empty files/directories on the host

...

3.6CVSS6.3AI score0.00317EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.7 views

PT-2025-36318

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the 8250 serial driver. When the PSLVERR RESP EN parameter is set to 1, the device can generate an error response when attempting to read an...

5.5CVSS6.1AI score0.00157EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-54210

Name of the Vulnerable Software and Affected Versions GNU Recutils versions prior to 1.9 Description A flaw exists in the encryption and decryption processes of GNU Recutils that can lead to a Denial of Service DoS. This occurs when an empty value is provided as a password. Recommendations Update...

7.5CVSS6.4AI score0.00317EPSS
Exploits2References10
Rows per page
Query Builder