Lucene search
+L

200 matches found

OSV
OSV
added 2022/04/24 9:48 p.m.4 views

GSD-2022-1001854 dax: make sure inodes are flushed before destroy cache

dax: make sure inodes are flushed before destroy cache This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:21 p.m.9 views

GSD-2022-1001541 dax: make sure inodes are flushed before destroy cache

dax: make sure inodes are flushed before destroy cache This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/03/18 12:29 a.m.6 views

GSD-2022-1000897 ibmvnic: free reset-work-item when flushing

ibmvnic: free reset-work-item when flushing This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.233 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/03/18 12:21 a.m.9 views

GSD-2022-1000826 ibmvnic: free reset-work-item when flushing

ibmvnic: free reset-work-item when flushing This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.104 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/03/18 12:16 a.m.10 views

GSD-2022-1000764 ibmvnic: free reset-work-item when flushing

ibmvnic: free reset-work-item when flushing This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.27 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/03/18 12:10 a.m.14 views

GSD-2022-1000694 ibmvnic: free reset-work-item when flushing

ibmvnic: free reset-work-item when flushing This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.13 by commit...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/02/26 12:6 p.m.7 views

flushingpodiatrist.com Cross Site Scripting vulnerability OBB-2384413

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/02/09 10:37 p.m.45 views

Improper privilege handling in Apache Accumulo

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

8.1CVSS7.8AI score0.03655EPSS
Exploits0References8Affected Software1
Huntr
Huntr
added 2021/09/24 1:58 a.m.9 views

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

Description CSRF in flushing peer Proof of Concept 1. Login stafff/admin account 2. Access this link https://unit3d.site/dashboard/flush/peers 3. See that the peers has been flushed. Impact This vulnerability is capable of flushing peers...

1.3AI score
Exploits0
Huntr
Huntr
added 2021/09/01 10:19 a.m.13 views

Forced Browsing in slackero/phpwcms

✍️ Description Image cache can be flushed by any authenticated, low privileged user. 🕵️‍♂️ Proof of Concept - Register a low privileged user without any administrator access. - Log in with the low privileged user - Open the following URL:...

0.4AI score
Exploits0
Amd
Amd
added 2021/06/12 12:0 a.m.42 views

TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV)

Bulletin ID: AMD-SB-1023 Potential Impact: Loss of Integrity, Confidentiality and Availability Summary A malicious hypervisor HV along with an unprivileged process controlled by an attacker and executing in a guest VM, may maliciously control the process of flushing the Translation Lookaside Buff...

8.4CVSS8.2AI score0.00239EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2019:13921-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.06169EPSS
Exploits2References18
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2019:0825-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.06169EPSS
Exploits2References22
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2018:4070-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.00561EPSS
Exploits0References10
OSV
OSV
added 2021/02/08 5:43 p.m.18 views

GHSA-4PH2-8337-HM62 Key Caching behavior in the DynamoDB Encryption Client.

Impact This advisory concerns users of MostRecentProvider in the DynamoDB Encryption Client with a key provider like AWS Key Management Service that allows for permissions on keys to be modified. When key usage permissions were changed at the key provider, time-based key reauthorization logic in...

7.1AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/02/08 5:43 p.m.77 views

Key Caching behavior in the DynamoDB Encryption Client.

Impact This advisory concerns users of MostRecentProvider in the DynamoDB Encryption Client with a key provider like AWS Key Management Service that allows for permissions on keys to be modified. When key usage permissions were changed at the key provider, time-based key reauthorization logic in...

2.3AI score
Exploits0References4Affected Software1
OSV
OSV
added 2020/12/29 12:15 p.m.20 views

CVE-2020-17533

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

8.1CVSS7AI score
Exploits0References3
Cvelist
Cvelist
added 2020/12/29 11:30 a.m.25 views

CVE-2020-17533 Apache Accumulo Improper Handling of Insufficient Permissions

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

8AI score0.03655EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/07/16 7:42 a.m.12 views

Mozilla: Use-after-free in nsGlobalWindowInner

The Mozilla Foundation Security Advisory describes this flaw as: When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash...

9.3CVSS7.3AI score0.02322EPSS
Exploits0References5
NVD
NVD
added 2020/07/09 3:15 p.m.20 views

CVE-2020-12419

When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR 68.10, Firefox 78, and...

9.3CVSS0.02322EPSS
Exploits0References11
Rows per page
Query Builder