Lucene search
+L

92 matches found

CNNVD
CNNVD
added 2024/08/22 12:0 a.m.4 views

Matrix libolm 安全漏洞

Matrix libolm olm is a cryptographic library from the Matrix Foundation. A security vulnerability exists in Matrix libolm version 3.2.16 and prior versions, which stems from the lack of a validation standard and the presence of Ed25519 signature extensibility...

4.3CVSS6.5AI score0.00284EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.6 views

Elliptic 安全漏洞

Elliptic is a library of fast elliptic curve ciphers in javascript by the individual developer Fedor Indutny. A security vulnerability exists in Elliptic version 6.5.6, which stems from a lack of checking whether the leading bits of r and s are zero, and thus an ECDSA signature extensibility issu...

5.3CVSS7.3AI score0.00459EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/07/19 7:57 p.m.14 views

CVE-2024-41121 Custom workspace allow to overwrite plugin entrypoint executable in Woodpecker

Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to extract the secrets w...

8.8CVSS8.7AI score0.00737EPSS
Exploits0References6
Fedora
Fedora
added 2024/05/01 1:38 a.m.38 views

[SECURITY] Fedora 38 Update: nextcloud-28.0.4-2.fc38

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

3.7CVSS4.4AI score0.00452EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/03/18 6:49 p.m.14 views

Important: Red Hat Enhancement Advisory: Red Hat Developer Hub 1.1 release

Red Hat Developer Hub 1.1 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single pa...

9.8CVSS7AI score0.99999EPSS
Exploits22References1
Fedora
Fedora
added 2024/03/07 10:33 p.m.23 views

[SECURITY] Fedora 40 Update: jdepend-2.10-10.fc40

JDepend traverses a set of Java class and source file directories and generates design quality metrics for each Java package. JDepend allows you to automatically measure the quality of a design in terms of its extensibility, reusability, and maintainability to effectively manage and control packa...

8.8CVSS6.8AI score0.02578EPSS
Exploits3
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.7 views

Limited functionality due to Primitive's balance being decreased before it is called

Lines of code Vulnerability details Impact In the current implementation, the balance of a primitive is decreased burned before it is called. This requires the primitive to hold outputAmount of outputToken before a transaction, which severely restricts the functionality it can provide and has no...

7.1AI score
Exploits0
Fedora
Fedora
added 2023/10/20 1:8 a.m.42 views

[SECURITY] Fedora 37 Update: trafficserver-9.2.3-1.fc37

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...

7.5CVSS7.5AI score0.99999EPSS
Exploits20
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.6 views

gnark-crypto Code Issue Vulnerability

gnark-crypto is an open source library from Consensys. Provides elliptic curve and pairing-based cryptography on BN, BLS12, BLS24 and BW6 curves. A code issue vulnerability exists in Consensys gnark-crypto 0.11.2 and earlier versions, which stems from the presence of a deserialization vulnerabili...

9.8CVSS7.1AI score0.00844EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/06/24 12:0 a.m.18 views

Fedora: Security Advisory for trafficserver (FEDORA-2023-2e6bead58b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.02005EPSS
Exploits0References2
Code423n4
Code423n4
added 2023/06/21 12:0 a.m.17 views

[adriro-NEW-M-02]: Wallet design prevents EIP-165 extensibility

Lines of code Vulnerability details adriro-NEW-M-02: Wallet design prevents EIP-165 extensibility The current wallet fallback design prevents the extensibility of the EIP-165 functionality. Impact Ambire wallet extensibility is provided by a fallback mechanism. If a fallback handler is defined in...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2022/12/25 11:30 a.m.49 views

OFRAK - Unpack, Modify, And Repack Binaries

OFRAK Open Firmware Reverse Analysis Konsole is a binary analysis and modification platform. OFRAK combines the ability to: Identify and Unpack many binary formats Analyze unpacked binaries with field-tested reverse engineering tools Modify and Repack binaries with powerful patching strategies...

7.4AI score
Exploits0References7
NVD
NVD
added 2021/07/15 8:15 p.m.21 views

CVE-2021-0291

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of...

6.5CVSS0.01008EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/15 8:1 p.m.24 views

CVE-2021-0291 Junos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated attacker which sends a high rate of specific traffic to cause a partial Denial of Service

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of...

6.5CVSS6.4AI score0.01008EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2021/07/08 6:14 p.m.57 views

What's New in InsightIDR: Q2 2021 in Review

This year, we’re focusing on providing customers with more extensibility and customization in InsightIDR — from adding new event sources to completely refreshing our Dashboard and Reporting experience, we’ve made some strides over the last few months. This post offers a closer look at some of the...

7.2AI score
Exploits0
Gitee
Gitee
added 2021/06/13 3:41 p.m.3 views

lua-resty-waf

This is a Lua library for building a web application firewall WAF on top of the OpenResty stack. The library is called "lua-resty-waf" and is maintained by Robert Paprocki p0pr0ck5. The library provides a set of APIs for loading and managing rules, as well as for logging and storing data. It also...

8AI score
Exploits0
Fedora
Fedora
added 2020/10/15 2:28 p.m.55 views

[SECURITY] Fedora 32 Update: claws-mail-3.17.7-1.fc32

Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...

7.5CVSS2.1AI score0.01781EPSS
Exploits1
Fedora
Fedora
added 2020/08/02 1:24 a.m.44 views

[SECURITY] Fedora 32 Update: claws-mail-3.17.6-1.fc32

Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...

9.8CVSS2.1AI score0.02592EPSS
Exploits0
Fedora
Fedora
added 2020/08/02 1:9 a.m.56 views

[SECURITY] Fedora 31 Update: claws-mail-3.17.6-1.fc31

Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...

9.8CVSS2.1AI score0.02592EPSS
Exploits0
Kitploit
Kitploit
added 2020/07/20 9:30 p.m.53 views

PENIOT - Penetration Testing Tool for IoT

PENIOT is a penetration testing tool for Internet of Things IoT devices. It helps you to test/penetrate your devices by targeting their internet connectivity with different types of security attacks. In other words, you can expose your device to both active and passive security attacks. After...

7AI score
Exploits0References3
Rows per page
Query Builder