Lucene search
K

271 matches found

Redos
Redos
•added 2023/07/06 12:0 a.m.•9 views

ROS-2-1059

2.1059 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•7 views

ROS-2-1133

2.1133 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
•added 2023/06/22 6:28 p.m.•39 views

Security Bulletin: IBM Storage Protect Server is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2022-42004, CVE-2022-42003)

Summary FasterXML jackson-databind is used by IBM Storage Protect Server and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2022-42004 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the...

7.5CVSS7.4AI score0.02706EPSS
Exploits3Affected Software1
CNNVD
CNNVD
•added 2023/06/11 12:0 a.m.•8 views

Froxlor ęŽˆęƒé—®é¢˜ę¼ę“ž

Froxlor is a lightweight server management software from the Froxlor team. An authorization issue vulnerability exists in versions of Froxlor prior to 2.1.0 that stems from session fixing...

5.4CVSS5AI score0.00431EPSS
Exploits1References3
Github Security Blog
Github Security Blog
•added 2023/05/22 8:33 p.m.•31 views

Potential HTTP policy bypass when using header rules in Cilium

Impact This issue only impacts users who: - Have a HTTP policy that applies to multiple toEndpoints AND - Have an allow-all rule in place that affects only one of those endpoints In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies...

5.3CVSS5.8AI score0.00655EPSS
Exploits0References6Affected Software1
OSV
OSV
•added 2023/05/20 2:1 p.m.•9 views

OSV-2023-415 UNKNOWN READ in dxf_fixup_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59097 Crash type: UNKNOWN READ Crash state: dxffixupstring dwgdxfLAYOUTprivate dwgdxfLAYOUT...

7.2AI score
Exploits0References1
OSV
OSV
•added 2023/04/04 11:32 a.m.•3 views

SUSE-SU-2023:1759-1 Security update for dpdk

This update of dpdk fixes the following issues: - rebuild the package with the new secure boot key bsc1209188...

7.2AI score
Exploits0References2
Code423n4
Code423n4
•added 2023/03/19 12:0 a.m.•13 views

My Findings

Lines of code Vulnerability details Impact 1. Integer overflow: In the publishCompressedBytecode function, the check dictionary.length = 2 16 8 is intended to ensure that the dictionary does not become too large, but it is not sufficient to prevent an integer overflow. If dictionary.length exceed...

7.3AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
•added 2023/03/17 7:28 p.m.•21 views

Security Bulletin: A denial of service vulnerability in JDOM affects IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Virtual Environments and IBM Spectrum Protect for Space Management (CVE CVE-2021-33813)

Summary IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Virtual Environments Data Protection for Microsoft Hyper-V and Data Protection for VMware and IBM Spectrum Protect for Space Management can be affected by a vulnerability in JDOM. The vulnerability can lead to a denial o...

7.5CVSS7.3AI score0.19442EPSS
Exploits1Affected Software3
OSV
OSV
•added 2023/03/07 2:36 p.m.•9 views

GSD-2023-1002338 IB/IPoIB: Fix legacy IPoIB due to wrong number of queues

IB/IPoIB: Fix legacy IPoIB due to wrong number of queues This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.12 by commit...

7.2AI score
Exploits0
OSV
OSV
•added 2023/02/07 4:35 p.m.•13 views

SUSE-SU-2023:0310-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERALNAMEcmp for x400Address bsc1207533. - CVE-2023-0215: Fixed use-after-free following BIOnewNDEF bsc1207536. - CVE-2022-4450: Fixed double free after calling PEMreadbioex...

7.5CVSS7AI score0.59501EPSS
Exploits0References11
OSV
OSV
•added 2022/12/31 3:39 p.m.•5 views

OPENSUSE-SU-2022:10255-1 Security update for vlc

This update for vlc fixes the following issues: - Update to version 3.0.18 CVE-2022-41325, boo1206142: + macOS: Fix audio device listing with non-latin names. + Misc: Fix rendering and performance issue with older GPUs. + Updated translations. - Changes from version 3.0.18-rc2: + Codec/Demux: - A...

7.8CVSS7.9AI score0.00649EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
•added 2022/12/13 8:58 p.m.•81 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty may affect IBM Spectrum Protect Operations Center and Client Management Service (CVE-2022-34165)

Summary An HTTP header injection vulnerability in IBM WebSphere Application Server Liberty may affect IBM Spectrum Protect Operations Center and IBM Spectrum Protect Client Management Service. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5,...

5.4CVSS5.4AI score0.00458EPSS
Exploits0Affected Software1
OSV
OSV
•added 2022/12/13 7:40 a.m.•4 views

SUSE-SU-2022:4443-1 Security update for SUSE Manager Server 4.2

This update fixes the following issues: release-notes-susemanager: - Mention bsc1205339 at the release notes...

7.2AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
•added 2022/12/09 3:32 p.m.•20 views

Security Bulletin: Vulnerability in Newtonsoft.Json may affect IBM Spectrum Protect Snapshot for Windows

Summary IBM Spectrum Protect Snapshot for Windows may be affected by a denial of service vulnerability in Newtonsoft.Json Vulnerability Details IBM X-Force ID: 234366 DESCRIPTION: Newtonsoft.Json is vulnerable to a denial of service, caused by improper handling of StackOverFlow exception SOE...

7.1AI score
Exploits0Affected Software1
Kitploit
Kitploit
•added 2022/11/17 11:30 a.m.•32 views

nuvola - Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services

nuvola with the lowercase n is a tool to dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax. The general idea behind this project is to create an abstracted digita...

7.5AI score
Exploits0References6
OSV
OSV
•added 2022/11/14 7:53 p.m.•12 views

GSD-2022-1007610 xen/gntdev: Prevent leaking grants

xen/gntdev: Prevent leaking grants This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit 49bb053b1ec367b6883030eb2cca696e91435679,...

7.2AI score
Exploits0
Code423n4
Code423n4
•added 2022/10/23 12:0 a.m.•14 views

Wrong calculation in LBRouter._getAmountsIn.

Lines of code Vulnerability details Impact It calculates the amountsIn wrongly here and the function returns the wrong result. Proof of Concept Currently, getAmountsIn calculates the amountsIn like below. amountsIni - 1 = reserveIn amountOut 1000 / reserveOut - amountOut 997 + 1; As we can see...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/01 12:0 a.m.•10 views

_writeCheckpoint not working correctly if oldCheckpoint.fromBlock == block.number

Lines of code Vulnerability details Impact function writeCheckpoint uint256 toTokenId, uint256 nCheckpoints, uint256 memory delegatedTokenIds internal requiredelegatedTokenIds.length 0 && oldCheckpoint.fromBlock == block.number oldCheckpoint.delegatedTokenIds = delegatedTokenIds; else...

6.9AI score
Exploits0
CNVD
CNVD
•added 2022/07/08 12:0 a.m.•25 views

Synology Photo Station Session Fixation Vulnerability (CNVD-2022-67854)

Synology Photo Station is a solution for sharing pictures, videos and blogs over the Internet from Synology Inc. of Taiwan, China. A session fixation vulnerability exists in Synology Photo Station, which can be exploited by attackers to bypass security constraints via unspecified vectors...

8.1CVSS7.6AI score0.00931EPSS
Exploits0References1
Rows per page
Query Builder