Lucene search

135 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8, iPadOS 14.8, tvOS 15, Safari 15, and watchOS 8. An attacker in a privileged network position may be able to bypass HSTS...

6.5 CVSS | 6.3 AI score | 0.02075 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 8 : firefox-115.7.0-1.el8_9.ML.1 (AXSA:2024-7500:06)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7500:06 advisory. Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printe...

8.8 CVSS | 8.4 AI score | 0.02155 EPSS
Exploits 0 | References 10

Tenable Nessus
added 2026/01/20 12:0 a.m. | 10 views

MiracleLinux 8 : webkit2gtk3-2.34.6-1.el8.ML.1 (AXSA:2022-3625:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3625:01 advisory. webkitgtk: maliciously crafted web content may lead to arbitrary code execution due to use after free CVE-2022-22620 webkitgtk: Use-after-free leadi...

9.3 CVSS | 7.4 AI score | 0.16342 EPSS
Exploits 4 | References 31

Tenable Nessus
added 2025/11/13 12:0 a.m. | 5 views

Siemens SIMATIC S7-1500 Cleartext Transmission of Sensitive Information (CVE-2022-30115)

Using its HSTS support, curl can be instructed to use HTTPS directly instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL used a trailing dot while not using one when it built the HSTS cache. Or th...

4.3 CVSS | 6.7 AI score | 0.01118 EPSS
Exploits 1 | References 4

Tenable Nessus
added 2025/11/13 12:0 a.m. | 4 views

Siemens SIMATIC S7-1500 Cleartext Transmission of Sensitive Information (CVE-2022-42916)

In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly instead of using an insecure cleartext HTTP step even when HTTP is provided in the URL. This mechanism could be bypassed if the host nam...

7.5 CVSS | 6.7 AI score | 0.01644 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2025/11/13 12:0 a.m. | 7 views

Siemens SIMATIC S7-1500 Cleartext Transmission of Sensitive Information (CVE-2022-43551)

A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypasse...

7.5 CVSS | 6.7 AI score | 0.17011 EPSS
Exploits 1 | References 5

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2015-7026

Malware in sbrugna...

2.6 CVSS | 7.6 AI score | 0.01253 EPSS
Exploits 0 | References 6

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2021-17740

Malware in sbrugna...

6.5 CVSS | 6.7 AI score | 0.02075 EPSS
Exploits 0 | References 11

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-18224

Malware in sbrugna...

4.3 CVSS | 4.9 AI score | 0.01158 EPSS
Exploits 0 | References 8

Tenable Nessus
added 2025/09/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2015-3750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict...

6.4 CVSS | 7.6 AI score | 0.0194 EPSS
Exploits 0 | References 2

Microsoft CVE
added 2025/09/03 10:47 p.m. | 4 views

In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

...

6.5 CVSS | 9.2 AI score | 0.00711 EPSS
Exploits 0

Tenable Nessus
added 2025/08/30 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-30823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. A...

6.5 CVSS | 6.7 AI score | 0.02075 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2025/08/11 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-0753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird...

6.5 CVSS | 7.6 AI score | 0.00711 EPSS
Exploits 0 | References 2

RedhatCVE
added 2025/05/22 10:1 a.m. | 9 views

CVE-2019-8834

A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iClo...

4.3 CVSS | 5.7 AI score | 0.01158 EPSS
Exploits 0 | References 1

Tenable Nessus
added 2025/05/14 12:0 a.m. | 13 views

Alibaba Cloud Linux 3 : 0162: webkit2gtk3 (ALINUX3-SA-2022:0162)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0162 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-1844: A memory corruption issue w...

9.3 CVSS | 7.2 AI score | 0.16342 EPSS
Exploits 4 | References 34

Tenable Nessus
added 2024/12/11 12:0 a.m. | 23 views

Amazon Linux 2022 : webkit2gtk3, webkit2gtk3-devel, webkit2gtk3-jsc (ALAS2022-2022-015)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-015 advisory. A use-after-free flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed. CVE-2021-30809 A confusion type flaw was...

8.8 CVSS | 8.4 AI score | 0.13486 EPSS
Exploits 4 | References 35

IBM Security Bulletins
added 2024/10/24 11:46 a.m. | 154 views

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7

Summary: cURL libcurl, Apache Xerces2 Java, Apache Jena, Spring Framework, json-smart-v1 and json-smart-v2, libxml2, Apache Standard Taglibs, Apache ActiveMQ, Apache Commons Codec are identified as vulnerable components with multiple reported vulnerabilities, CVE-2022-35260, CVE-2022-42915,...

9.8 CVSS | 10 AI score | 0.99677 EPSS
Exploits 128 | Affected Software 1

Tenable Nessus
added 2024/02/20 12:0 a.m. | 33 views

GLSA-202402-26 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-26 Mozilla Firefox: Multiple Vulnerabilities - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR...

8.8 CVSS | 8.2 AI score | 0.02155 EPSS
Exploits 0 | References 17

Tenable Nessus
added 2024/02/13 12:0 a.m. | 35 views

CentOS 8 : thunderbird (CESA-2024:0609)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0609 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affec...

8.8 CVSS | 7.7 AI score | 0.02155 EPSS
Exploits 0 | References 10

Tenable Nessus
added 2024/02/13 12:0 a.m. | 41 views

CentOS 8 : firefox (CESA-2024:0608)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0608 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affec...

8.8 CVSS | 7.7 AI score | 0.02155 EPSS
Exploits 0 | References 10