
2082 matches found

RedHat Linux
added 2024/08/08 4:53 a.m. | 2 views

kernel: efi: runtime: Fix potential overflow of soft-reserved region size

A flaw was found in the Linux kernel. Due to an integer overflow, certain EFI-related memory reservations might receive a size other than expected, leading to a denial of service...

CVSS 6 | AI score 7.2 | EPSS 0.00226
Exploits 0 | References 5

RedHat Linux
added 2024/08/08 4:44 a.m. | 3 views

kernel: efi: runtime: Fix potential overflow of soft-reserved region size

A flaw was found in the Linux kernel. Due to an integer overflow, certain EFI-related memory reservations might receive a size other than expected, leading to a denial of service...

CVSS 6 | AI score 7.2 | EPSS 0.00226
Exploits 0 | References 5

RedHat Linux
added 2024/08/08 4:44 a.m. | 2 views

kernel: xhci: Handle TD clearing for multiple streams case

A vulnerability was found in the Linux kernel's xHCI driver, related to the handling of TD when multiple streams are active, where the issue occurs when the endpoint is stopped, causing TD to remain uncleared, which can lead to system crashes and memory corruption due to stale TD references...

CVSS 7.8 | AI score 7.2 | EPSS 0.00292
Exploits 0 | References 5

BDU FSTEC
added 2024/08/07 12:0 a.m. | 4 views

The vulnerability in the web interface of the software requirement management tool during the development of IBM Engineering Requirements Management DOORS allows a perpetrator to gain unauthorized access to protected information or affect the accessibility of that information.

The vulnerability of the IBM Engineering Requirements Management DOORS web interface during software development is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or...

CVSS 7.5 | AI score 7.7 | EPSS 0.00614
Exploits 0 | References 4 | Affected Software 1

Fedora
added 2024/08/05 6:47 a.m. | 16 views

[SECURITY] Fedora 39 Update: trafficserver-9.2.5-1.fc39

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...

CVSS 9.1 | AI score 9.4 | EPSS 0.01085
Exploits 0

Positive Technologies
added 2024/08/05 12:0 a.m. | 4 views

PT-2024-37395 · Hamastar · Hamastar Meetinghub Paperless Meetings

Name of the Vulnerable Software and Affected Versions: Hamastar MeetingHub Paperless Meetings version 2021 Description: A Plaintext Storage of a Password issue in the ebooknote function allows remote attackers to obtain other users' credentials and gain access to the product via an XML file...

CVSS 9.3 | AI score 7.5 | EPSS 0.00484
Exploits 0 | References 5

RedHat Linux
added 2024/07/30 9:58 p.m. | 6 views

Moderate: Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.2.2 bugfix release

Red Hat Developer Hub 1.2.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

CVSS 6.5 | AI score 6.5 | EPSS 0.00929
Exploits 1 | References 1

Positive Technologies
added 2024/07/29 12:0 a.m. | 3 views

PT-2024-29612 · Sdop +1 · Sdop +1

Name of the Vulnerable Software and Affected Versions: SDoP versions prior to 1.11 Description: The issue is related to the handling of parameters inside input data, resulting in a stack-based buffer overflow. This can lead to arbitrary code execution when a user processes a specially crafted XML...

CVSS 8.8 | AI score 7.8 | EPSS 0.00535
Exploits 0 | References 14

BDU FSTEC
added 2024/07/23 12:0 a.m. | 3 views

The vulnerability of the SINEMA Remote Connect client web interface, related to security mechanism failures, allows attackers to view and edit protected information regarding VxLAN network configurations.

The vulnerability of the SINEMA Remote Connect client web interface is related to security mechanism errors. Exploiting this vulnerability allows an attacker to remotely view and edit protected information regarding VxLAN network configurations without proper access rights...

CVSS 8 | AI score 7.2 | EPSS 0.00361
Exploits 0 | References 2

BDU FSTEC
added 2024/07/17 12:0 a.m. | 4 views

The vulnerability of the JT Open Toolkit (JTTK) and PLM XML SDK development tools is related to pointer assignment errors, which allow attackers to trigger a service failure.

The vulnerability of the JT Open Toolkit JTTK and PLM XML SDK development tools is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to trigger a service failure by loading a specially created malicious XML file...

CVSS 3.3 | AI score 7.2 | EPSS 0.00159
Exploits 0 | References 4 | Affected Software 2

OSV
added 2024/07/09 12:15 p.m. | 6 views

CVE-2024-39868

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit VxLAN configuration information of...

CVSS 7.3 | AI score 7 | EPSS 0.00361
Exploits 0 | References 1

OSV
added 2024/07/09 12:15 p.m. | 2 views

CVE-2024-39570

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 HF1. Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow an authenticated attacker to execute arbitrary code...

CVSS 8.8 | AI score 7.4 | EPSS 0.01353
Exploits 0 | References 1

Fedora
added 2024/07/09 1:55 a.m. | 51 views

[SECURITY] Fedora 40 Update: httpd-2.4.61-1.fc40

The Apache HTTP Server is a powerful, efficient, and extensible web server...

CVSS 9.8 | AI score 6.9 | EPSS 0.99957
Exploits 2

CNNVD
added 2024/07/09 12:0 a.m. | 3 views

Siemens SINEMA Remote Connect Server security vulnerability

Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server suffers from a forced browsing vulnerability due to the failure ...

CVSS 7.6 | AI score 6.8 | EPSS 0.00361
Exploits 0 | References 2

Positive Technologies
added 2024/07/09 12:0 a.m. | 5 views

PT-2024-5098 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 HF1 Description: A vulnerability has been identified in SINEMA Remote Connect Server due to missing server-side input sanitation when loading VxLAN configurations. This could allow an...

CVSS 9 | AI score 8 | EPSS 0.01353
Exploits 0 | References 7

Positive Technologies
added 2024/07/09 12:0 a.m. | 7 views

PT-2024-5097 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: A vulnerability has been identified in the SINEMA Remote Connect Server, related to errors in security mechanisms. This issue allows an unauthenticated attacker to access an...

CVSS 8 | AI score 7.4 | EPSS 0.00361
Exploits 0 | References 6

BDU FSTEC
added 2024/07/05 12:0 a.m. | 5 views

The vulnerability of the Guided Procedures component of the SAP NetWeaver AS for Java software used for creating and deploying web applications allows a malicious individual to gain unauthorized access to confidential information.

The vulnerability of the Guided Procedures component in the SAP NetWeaver AS for Java web application creation and deployment software is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to...

CVSS 8.6 | AI score 7.5 | EPSS 0.00516
Exploits 0 | References 4 | Affected Software 1

BDU FSTEC
added 2024/07/05 12:0 a.m. | 5 views

The vulnerability of the Oozie Workflow Scheduler component of the Apache Ambari software, which allows attackers to perform XXE attacks

The vulnerability of the Oozie Workflow Scheduler component of the Apache Ambari software is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a remote attacker to perform XXE attacks...

CVSS 5.5 | AI score 6.6 | EPSS 0.00865
Exploits 0 | References 3 | Affected Software 1

Japan Vulnerability Notes
added 2024/07/03 5:57 a.m. | 1 view

JP1/Extensible SNMP Agent fails to restrict access permissions

Overview JP1/Extensible SNMP Agent provided by Hitachi fails to restrict access permissions CWE-276. Yutaka Kokubu, Shun Suzaki, and Kazuki Hirota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

CVSS 7.8 | AI score 6.9 | EPSS 0.00173
Exploits 0 | References 4

Japan Vulnerability Notes
added 2024/07/03 12:0 a.m. | 22 views

JVN#94347255: JP1/Extensible SNMP Agent fails to restrict access permissions

JP1/Extensible SNMP Agent provided by Hitachi fails to restrict access permissions CWE-276. Impact If an authenticated attacker who can log in to the product places a specially crafted DLL file in a specific directory, arbitrary code may be executed with the administrative privilege. Solution...

CVSS 7.8 | AI score 7.6 | EPSS 0.00173
Exploits 0