Lucene search

21 matches found

IBM Security Bulletins
added 2026/04/16 9:24 p.m., 12 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Orchestrator

Summary: Multiple vulnerabilities were addressed in IBM Aspera Orchestrator 4.1.4. Vulnerability Details: CVEID: CVE-2026-33173. DESCRIPTION: Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, DirectUploadsController...

CVSS 9.8, AI score 5.8, EPSS 0.00838
Exploits: 0, Affected Software: 5
Tenable Nessus
added 2026/03/06 12:00 a.m., 1 view

RHEL 9 : grafana-pcp (RHSA-2026:3818)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3818 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and...

CVSS 7.5, AI score 5.9, EPSS 0.01945
Exploits: 2, References: 6
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-16167

Malware in sbrugna...

CVSS 5.5, AI score 6.9, EPSS 0.00606
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-18164

Malware in sbrugna...

CVSS 5.5, AI score 6.3, EPSS 0.00606
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2024-54025

Malicious code in bioql PyPI...

AI score 7.2, EPSS 0.00165
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2023-32177

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.4, EPSS 0.00923
Exploits: 0, References: 2
RedhatCVE
added 2025/05/22 11:49 p.m., 14 views

CVE-2022-22588

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 15.2.1 and iPadOS 15.2.1. Processing a maliciously crafted HomeKit accessory name may cause a denial of service...

CVSS 5.5, AI score 5.9, EPSS 0.09437
Exploits: 0, References: 1
Amazon
added 2025/04/16 12:00 a.m., 11 views

Medium: nerdctl

Issue Overview: Go JOSE provides an implementation of the JavaScript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing...

CVSS 8.7, AI score 7.1, EPSS 0.00369
Exploits: 0
Veracode
added 2025/03/27 2:24 p.m., 7 views

Denial Of Service (DoS)

H2O-3 is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of highly compressed data due to repeatedly parsing a large GZIP file, leading to memory exhaustion and a large number of slow-running jobs, making the server unresponsive...

CVSS 7.5, AI score 7, EPSS 0.00719
Exploits: 1, References: 4, Affected Software: 2
Vulnrichment
added 2025/03/17 10:04 p.m., 8 views

CVE-2025-29910 CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A memory leak vulnerability was identified in the...

CVSS 6.9, AI score 6.7, EPSS 0.0046
Exploits: 1, References: 1
Tenable Nessus
added 2025/03/05 12:00 a.m., 12 views

Linux Distros Unpatched Vulnerability : CVE-2024-34156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

CVSS 7.5, AI score 6.8, EPSS 0.01403
Exploits: 0, References: 4
Positive Technologies
added 2024/02/13 12:00 a.m., 4 views

PT-2024-1751

Vulnerability Report. Name of the Vulnerable Software and Affected Versions: BIND versions 9.16.48-1 through 9.18.24-1; Unbound versions 1.19.1-alt1; PDNS Recursor versions 4.8.6-1; Knot Resolver versions 5.6.0-1+deb12u1; systemd affected versions not specified; dnsmasq affected versions not specified...

CVSS 8, AI score 8, EPSS 0.99995
Exploits: 1, References: 387
Rockylinux
added 2022/05/10 8:01 a.m., 31 views

compat-exiv2-026 security update

An update is available for compat-exiv2-026. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Exiv2 is a C++ library to access image metadata, supporting read and...

CVSS 6.5, AI score 6.6, EPSS 0.01432
Exploits: 1
AlmaLinux
added 2022/05/10 6:31 a.m., 41 views

Moderate: exiv2 security, bug fix, and enhancement update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...

CVSS 6.5, AI score 6.7, EPSS 0.01432
Exploits: 1, References: 2
The Hacker News
added 2022/01/13 4:58 a.m., 42 views

Apple Releases iPhone and iPad Updates to Patch HomeKit DoS Vulnerability

Apple on Wednesday rolled out software updates for iOS and iPadOS to remediate a persistent denial-of-service (DoS) issue affecting the HomeKit smart home framework that could be potentially exploited to launch ransomware-like attacks targeting the devices. The iPhone maker, in its release notes fo...

CVSS 5.5, AI score 0.3, EPSS 0.09437
Exploits: 0
Prion
added 2021/08/19 10:15 p.m., 24 views

Stack overflow

A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file...

CVSS 4.3, AI score 6, EPSS 0.01432
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2021/08/19 10:15 p.m., 9 views

PYSEC-2021-885

A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file...

CVSS 6.5, AI score 7
Exploits: 0, References: 2
OSV
added 2019/03/27 6:29 p.m., 7 views

CVE-2019-1000031

A disk space or quota exhaustion issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in...

CVSS 7.5, AI score 7.1, EPSS 0.0373
Exploits: 2, References: 3
CVE
added 2019/03/27 5:55 p.m., 58 views

CVE-2019-1000031

The CVE-2019-1000031 entry affects the article2pdf WordPress plugin, specifically versions 0.24–0.27. The root cause is in article2pdf_getfile.php: when a user visits the PDF generation link but does not follow the redirect, the generated PDF file is left on disk and not deleted by the plugin, le...

CVSS 7.5, AI score 7.4, EPSS 0.0373
Exploits: 2, References: 3, Affected Software: 1
Tenable Nessus
added 2017/12/21 12:00 a.m., 62 views

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2017:3388-1)

This update for ImageMagick fixes the following issues : - CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service bsc1061254 - CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service bsc1060176 -...

CVSS 9.8, AI score 6.9, EPSS 0.03397
Exploits: 14, References: 98