Lucene search
+L

101 matches found

OSV
OSV
added 2023/12/06 8:11 a.m.26 views

CVE-2023-6459 Public endpoint /metrics of Calls plugin reveals channel IDs

Mattermost is grouping calls in the /metrics endpoint by id and reports that id in the response. Since this id is the channelID, the public /metrics endpoint is revealing channelIDs...

5.3CVSS6.1AI score0.00534EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/11/08 3:38 p.m.2 views

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

7.5CVSS7.3AI score0.02151EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2023/08/21 12:0 a.m.5 views

The vulnerability of the Ceph-crash.service component of the Ceph storage system allows a attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Ceph-crash.service component of the Ceph storage system is related to the assignment of users to inappropriate groups. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS7.2AI score0.00327EPSS
Exploits1References8Affected Software3
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.4 views

SUSE CVE-2015-9004

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perfpmuregister and perfeventopen functions...

7.8CVSS5.7AI score0.00845EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:3 a.m.6 views

SUSE CVE-2016-4416

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted packet...

5.9CVSS6.7AI score0.01062EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.6 views

SUSE CVE-2019-13118

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data...

3.3CVSS8.5AI score0.05147EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 3:53 a.m.3 views

SUSE CVE-2020-26797

Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::FileGxf::ChooseParserChannelGrouping...

7.5CVSS7AI score0.04238EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/10/10 9:15 p.m.10 views

CVE-2022-41746

A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected installations to escalate privileges and modify certain agent groupings. Please note: an attacker must first obtain the ability to log onto the Apex One web console in...

9.1CVSS7.4AI score0.00971EPSS
Exploits0References3
Prion
Prion
added 2022/10/10 9:15 p.m.17 views

Spoofing

A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected installations to escalate privileges and modify certain agent groupings. Please note: an attacker must first obtain the ability to log onto the Apex One web console in...

5.8CVSS9.2AI score0.00971EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2022/09/13 9:57 a.m.6 views

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

7.5CVSS7.3AI score0.02151EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/09/01 2:21 p.m.6 views

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

7.5CVSS7.3AI score0.02151EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/08/09 12:23 p.m.9 views

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

7.5CVSS7.3AI score0.02151EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/08/02 10:9 a.m.4 views

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

7.5CVSS7.3AI score0.02151EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/07/28 4:6 p.m.4 views

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

7.5CVSS7.3AI score0.02151EPSS
Exploits1References4
OSV
OSV
added 2022/05/13 1:12 a.m.19 views

GHSA-5729-822W-J342 Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description...

5.4CVSS5.4AI score0.0117EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.25 views

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description...

5.4CVSS5.6AI score0.0117EPSS
Exploits0References10Affected Software1
Fedora
Fedora
added 2022/05/07 5:6 a.m.23 views

[SECURITY] Fedora 36 Update: golang-github-prometheus-alertmanager-0.23.0-8.fc36

The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It a lso takes care of silencing and inhibition of alerts...

7.5CVSS10AI score0.03931EPSS
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/08/18 4:0 p.m.32 views

Migrating content from traditional SIEMs to Azure Sentinel

In part two of this three-part series, we covered the five types of side-by-side security information and event management SIEM configurations commonly used during a long-term migration to Microsoft Azure Sentinel. For part three, we’ll be looking at best practices for migrating your data and...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.6 views

The vulnerability of the grouping module for control devices used to manage servers, databases, reference manuals, and other components of the “Center for Complex Management” system of engineering data and product life cycle management (LOCMan:PLM) allows unauthorized users to load files of a dangerous type indefinitely, enabling them to execute arbitrary code.

The vulnerability of the grouping module for control devices used to manage servers, databases, reference manuals, and other components of the “Center for Control System” in the engineering data and product lifecycle management system LOCsMAN:PLM is related to the unlimited loading of dangerous...

6.8CVSS6AI score
Exploits0Affected Software1
OSV
OSV
added 2021/03/18 8:15 p.m.2 views

DEBIAN-CVE-2020-26797

Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::FileGxf::ChooseParserChannelGrouping...

7.5CVSS6.9AI score0.04238EPSS
Exploits1References1
Rows per page
Query Builder