Lucene search

4433 matches found

Amazon
added 2023/10/16 12:0 a.m. | 80 views

Important: golang

Issue Overview: The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to...

CVSS 8.1 | AI score 7.9 | EPSS 0.99999
Exploits: 19

AlmaLinux
added 2023/10/16 12:0 a.m. | 143 views

Moderate: nginx:1.22 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

CVSS 7.5 | AI score 6.9 | EPSS 0.99999
Exploits: 19 | References: 4

OSV
added 2023/10/16 12:0 a.m. | 53 views

ALSA-2023:5738 Important: go-toolset and golang security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325...

CVSS 7.5 | AI score 8.3 | EPSS 0.99999
Exploits: 19 | References: 8

OSV
added 2023/10/16 12:0 a.m. | 57 views

ALSA-2023:5749 Important: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 7.0 to SDK 7.0.112 and Runtime 7.0.12...

CVSS 7.5 | AI score 8.1 | EPSS 0.99999
Exploits: 19 | References: 4

Tenable Nessus
added 2023/10/16 12:0 a.m. | 43 views

RHEL 8 : nginx:1.20 (RHSA-2023:5715)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5715 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999
Exploits: 19 | References: 6

Tenable Nessus
added 2023/10/16 12:0 a.m. | 46 views

RHEL 8 : go-toolset:rhel8 (RHSA-2023:5721)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5721 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http,...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 19 | References: 9

Tenable Nessus
added 2023/10/16 12:0 a.m. | 43 views

RHEL 9 : nginx (RHSA-2023:5714)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5714 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999
Exploits: 19 | References: 6

AlmaLinux
added 2023/10/16 12:0 a.m. | 53 views

Important: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999
Exploits: 19 | References: 4

Tenable Nessus
added 2023/10/16 12:0 a.m. | 60 views

RHEL 9 : nginx (RHSA-2023:5711)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5711 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999
Exploits: 19 | References: 6

Tenable Nessus
added 2023/10/16 12:0 a.m. | 50 views

RHEL 8 : nginx:1.22 (RHSA-2023:5713)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5713 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999
Exploits: 19 | References: 6

Amazon
added 2023/10/16 12:0 a.m. | 116 views

Important: nghttp2

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 Affected Packages: nghttp2 Note: This advisory is applicable to Amazon...

CVSS 7.5 | AI score 7.6 | EPSS 0.99999
Exploits: 19

OSV
added 2023/10/16 12:0 a.m. | 56 views

ALSA-2023:5721 Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...

CVSS 7.5 | AI score 8.3 | EPSS 0.99999
Exploits: 19 | References: 6

OSV
added 2023/10/16 12:0 a.m. | 47 views

ALSA-2023:5712 Moderate: nginx:1.20 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

CVSS 7.5 | AI score 8.3 | EPSS 0.99999
Exploits: 19 | References: 4

Tenable Nessus
added 2023/10/16 12:0 a.m. | 54 views

RHEL 9 : go-toolset and golang (RHSA-2023:5738)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5738 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 19 | References: 10

Citrix
added 2023/10/16 12:0 a.m. | 19 views

How to mitigate the HTTP/2 Rapid Reset vulnerability (CVE-2023-44487) on NetScaler

Advise how to mitigate the HTTP/2 Rapid Reset vulnerability on NetScaler...

CVSS 7.5 | AI score 7.8 | EPSS 0.99999
Exploits: 19

Tenable Nessus
added 2023/10/16 12:0 a.m. | 41 views

RHEL 9 : dotnet6.0 (RHSA-2023:5706)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5706 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999
Exploits: 19 | References: 5

OSV
added 2023/10/16 12:0 a.m. | 48 views

ALSA-2023:5710 Important: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23...

CVSS 7.5 | AI score 8.1 | EPSS 0.99999
Exploits: 19 | References: 4

Tenable Nessus
added 2023/10/16 12:0 a.m. | 45 views

Debian dla-3621 : libnghttp2-14 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3621 advisory. Debian LTS Advisory DLA-3621-1...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999
Exploits: 19 | References: 6

AlmaLinux
added 2023/10/16 12:0 a.m. | 58 views

Important: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 7.0 to SDK 7.0.112 and Runtime 7.0.12...

CVSS 7.5 | AI score 6.8 | EPSS 0.99999
Exploits: 19 | References: 4

OSV
added 2023/10/16 12:0 a.m. | 43 views

ALSA-2023:5709 Important: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 7.0 to SDK 7.0.112 and Runtime 7.0.12...

CVSS 7.5 | AI score 8.1 | EPSS 0.99999
Exploits: 19 | References: 4