Lucene search
+L

3702 matches found

Patchstack
Patchstack
added 2023/12/27 12:0 a.m.20 views

WordPress Checkout Mestres WP Plugin <= 7.1.9.7 is vulnerable to Privilege Escalation

Software Checkout Mestres WP Type Plugin Vulnerable versions = 7.1.9.7 Fixed in 7.1.9.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-51472 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 9fb8ab95cc18 Credits...

9.8CVSS6.5AI score0.00657EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.7 views

The vulnerability of the `chunk_free_object` function in the `gsmchunk.c` component of the Ghostscript software suite allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the chunkfreeobject function in the gsmchunk.c component of the Ghostscript document processing software lies in the handling of buffer overflows. Exploitation of this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even...

9.3CVSS6.4AI score0.00811EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.9 views

The vulnerability of the Django web application platform, related to uncontrolled resource consumption, allows attackers to trigger service failures.

The vulnerability of the Django web application framework is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.4AI score0.62575EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.7 views

The vulnerability of the Zabbix universal monitoring system, related to logging beyond buffer boundaries, allows a intruder to trigger a service failure.

The vulnerability of the Zabbix universal monitoring system is related to logging beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS6.5AI score0.00783EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.6 views

The vulnerability of the Expat XML parsing library lies in the improper limitation on XML references to external objects. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Expat XML parsing library is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...

6.8CVSS7AI score0.20093EPSS
Exploits1References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.6 views

The vulnerability of the Django web application software lies in the fact that code is loaded without any checks for its integrity. This allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the Django web application framework lies in the fact that code is loaded without any checks for its integrity. Exploiting this vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause service failures...

10CVSS7.3AI score0.00657EPSS
Exploits0References15Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/22 12:0 a.m.12 views

The vulnerability of the engineer mode of Unisoc microprogrammed software processors allows a hacker to trigger a service failure.

The vulnerability of the engineer mode of Unisoc microprogrammed chipset software is related to unverified array indexing. Exploiting this vulnerability can allow attackers to cause service failures...

4CVSS5.9AI score0.00092EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/12/22 12:0 a.m.10 views

The vulnerability of the Apache Dubbo RPC framework, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code or cause service failures.

The vulnerability of the Apache Dubbo RPC framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...

10CVSS8.3AI score0.07401EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2023/12/19 12:15 a.m.25 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS0.01421EPSS
Exploits0References9
OSV
OSV
added 2023/12/19 12:15 a.m.7 views

AZL-34943 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.6AI score0.01421EPSS
Exploits0References1
OSV
OSV
added 2023/12/19 12:15 a.m.10 views

AZL-32199 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.5AI score0.01421EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/12/19 12:15 a.m.47 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.7AI score0.01421EPSS
Exploits0References6
Prion
Prion
added 2023/12/19 12:15 a.m.28 views

Design/Logic Flaw

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5CVSS6.8AI score0.01421EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2023/12/19 12:15 a.m.8 views

UBUNTU-CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.7AI score0.01421EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.9 views

The vulnerability of the CSS parser for Node.js’s css-tools arises from insufficient validation of input data, allowing attackers to trigger a service failure.

The vulnerability of the CSS parser for Node.js’s css-tools is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to cause service failures...

7.8CVSS6.7AI score0.01121EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2023/12/18 11:27 p.m.446 views

CVE-2023-6918

CVE-2023-6918 affects the libssh library where MD operation backends do not properly check return values, potentially causing low-memory failures, NULL dereferences, crashes, or using uninitialized memory as input to the KDF. This can lead to non-matching keys resulting in decryption/integrity fa...

5.3CVSS5.7AI score0.01421EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2023/12/18 11:27 p.m.42 views

CVE-2023-6918 Libssh: missing checks for return values for digests

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

3.7CVSS6AI score0.01421EPSS
Exploits0References6
OSV
OSV
added 2023/12/18 11:27 p.m.25 views

CVE-2023-6918 Libssh: missing checks for return values for digests

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

3.7CVSS6.6AI score0.01421EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2023/12/18 11:27 p.m.51 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

3.7CVSS5.4AI score0.01421EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.21 views

The vulnerability of embedded software developed by Qualcomm, related to deficiencies in the use of the assert() function, allows attackers to trigger a service failure.

The vulnerability of embedded software developed for Qualcomm chips lies in the improper implementation of the channel bandwidth division mechanism and the switching between subbands when performing Beam Switching. This occurs due to the use of the assert function. Exploiting this vulnerability c...

7.8CVSS7.2AI score0.00515EPSS
Exploits0References3
Rows per page
Query Builder