Lucene search
K

9179 matches found

Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.51 views

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2023-2190)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container c...

5.5CVSS7AI score0.00377EPSS
Exploits0References2
OSV
OSV
added 2023/06/08 10:16 p.m.6 views

USN-6151-1 linux-xilinx-zynqmp vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that the KVM VMX implementation in the Linux kernel did no...

8.8CVSS7AI score0.0048EPSS
Exploits1References5
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/06/08 12:0 a.m.16 views

Guide to Serverless Architecture Design Patterns

Discover the power of serverless architecture design patterns for scalable and efficient application development. Explore EDA, pub-sub, fan-out/fan-in, strangler, and saga patterns. Learn how to select, implement, and optimize them for your needs...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/08 12:0 a.m.13 views

Pausing Optimism Portal only pauses withdrawals, can result in locked or lost funds

Lines of code Vulnerability details The comment over OptimismPortal.pause indicates pause should affect both deposits and withdrawls. Currently, only finalizeWithdrawalTransaction and proveWithdrawlTransaction implement the whenNotPaused modifier. Both depositTransaction and donateETH do not...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2023/06/05 12:0 a.m.46 views

Ubuntu: Security Advisory (USN-6135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.16642EPSS
Exploits7References2
Github Security Blog
Github Security Blog
added 2023/06/03 12:30 a.m.38 views

Hashicorp Consul vulnerable to denial of service

Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3...

7.5CVSS6.4AI score0.00768EPSS
Exploits0References3Affected Software1
HackRead
HackRead
added 2023/06/01 8:54 p.m.17 views

How To Reduce Cost Overruns For AI Implementation Projects

By Owais Sultan AI implementations can be costly and drain their allotted budgets. Thankfully, you can learn how to reduce your… This is a post from HackRead.com Read the original post: How To Reduce Cost Overruns For AI Implementation Projects...

6.9AI score
Exploits0
CVE
CVE
added 2023/06/01 4:15 p.m.59 views

CVE-2023-32690

Summary: libspdm (DMTF SPDM) prior to versions 2.3.3 and 3.0 stores the responder’s CTExponent after a CAPABILITIES response without validation. If a cryptographic operation is later requested (e.g., CHALLENGE), the requester uses the unvalidated CTExponent to compute a timeout, enabling potentia...

7.5CVSS6.4AI score0.00713EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/06/01 4:15 p.m.28 views

CVE-2023-32690 Responder can Invoke Undefined Behavior in libspdm Requester

libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that...

5.7CVSS7.4AI score0.00713EPSS
Exploits0References5
OSV
OSV
added 2023/05/31 2:40 p.m.7 views

OPENSUSE-SU-2023:0117-1 Security update for chromium

This update for chromium fixes the following issues: - build with llvm15 on Leap - Chromium 113.0.5672.126 boo1211442: CVE-2023-2721: Use after free in Navigation CVE-2023-2722: Use after free in Autofill UI CVE-2023-2723: Use after free in DevTools CVE-2023-2724: Type Confusion in V8...

8.8CVSS9.3AI score0.29136EPSS
Exploits1References20
CNVD
CNVD
added 2023/05/31 12:0 a.m.39 views

Google Chrome Security Bypass Vulnerability (CNVD-2023-46111)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 114.0.5735.90, which stems from a mal-implementation issue in the Extensions API module. An attacker could exploit this vulnerability to bypass security...

4.3CVSS6.4AI score0.00621EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.29 views

FreeBSD : chromium -- multiple vulnerabilities (fd87a250-ff78-11ed-8290-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fd87a250-ff78-11ed-8290-a8a1599412c6 advisory. - Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote...

8.8CVSS7.2AI score0.23855EPSS
Exploits2References15
NVD
NVD
added 2023/05/30 10:15 p.m.20 views

CVE-2023-2938

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS3.8AI score0.00906EPSS
Exploits0References5
NVD
NVD
added 2023/05/30 10:15 p.m.21 views

CVE-2023-2941

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS4AI score0.00621EPSS
Exploits0References5
OSV
OSV
added 2023/05/30 10:15 p.m.20 views

CVE-2023-2941

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.3AI score
Exploits0References5
OSV
OSV
added 2023/05/30 10:15 p.m.21 views

CVE-2023-2937

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5AI score
Exploits0References5
Prion
Prion
added 2023/05/30 10:15 p.m.25 views

Information disclosure

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS3.4AI score0.00906EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/05/30 10:15 p.m.21 views

CVE-2023-2937

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.3AI score0.00906EPSS
Exploits0References3
Prion
Prion
added 2023/05/30 10:15 p.m.26 views

Information disclosure

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS3.7AI score0.00621EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2023/05/30 10:15 p.m.19 views

Design/Logic Flaw

Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00693EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder