Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2024/09/14 12:0 a.m.35 views

CBL Mariner 2.0 Security Update: curl (CVE-2024-6197)

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6197 advisory. - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an...

7.5CVSS7.4AI score0.04296EPSS
Exploits1References2
Veracode
Veracode
added 2024/07/04 7:9 a.m.17 views

Denial Of Service

kibana is vulnerable to Denial Of Service. The vulnerability is due to the ability of a high-privileged user to affect the availability of Kibana by uploading a maliciously crafted osquery pack. An attacker can disrupt Kibana's availability by exploiting this flaw...

4.9CVSS6.9AI score0.01764EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/05/15 6:7 p.m.13 views

GHSA-2M5G-8XPW-42VP OpenCFP Framework (Sentry) Account takeover via null password reset codes

OpenCFP, an open-source conference talk submission system written in PHP, contains a security vulnerability in its third-party authentication framework, Sentry, developed by Cartalyst. The vulnerability stems from how Sentry handles password reset checks. Users lacking a password reset token stor...

8.9CVSS7.2AI score
Exploits0References3
HackRead
HackRead
added 2024/05/03 11:13 p.m.19 views

New Goldoon Botnet Targeting D-Link Devices by Exploiting 9-Year-Old Flaw

By Waqas A new botnet called Goldoon targets D-Link routers and NAS devices putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. penspark This is a post from HackRead.com Read the original post: New Goldoon Botnet Targeting...

7.3AI score
Exploits0
Mageia
Mageia
added 2023/10/27 9:49 p.m.68 views

Updated bind packages fix security vulnerabilities

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...

7.5CVSS6.9AI score0.02626EPSS
Exploits0References2
Veracode
Veracode
added 2023/10/27 8:23 a.m.23 views

Arbitrary Code Execution

traceroute is vulnerable to Arbitrary Code Execution. A command-line argument parsing vulnerability in the traceroute utility allows an attacker to execute arbitrary code on a vulnerable system by exploiting a flaw in the way that traceroute parses command-line arguments...

5.5CVSS8AI score0.00367EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder