Lucene search
K

9185 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.4 views

SUSE CVE-2015-6774

Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimesextensionbindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that...

7.5CVSS9.6AI score0.01543EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:7 a.m.4 views

SUSE CVE-2016-1973

Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service use-after-free via unspecified vectors...

8.8CVSS7.8AI score0.02991EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.4 views

SUSE CVE-2016-5733

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...

6.1CVSS6AI score0.02182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.4 views

SUSE CVE-2016-5739

The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy CSP protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication toke...

7.5CVSS7AI score0.02948EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.3 views

SUSE CVE-2018-12585

An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service...

8.2CVSS8.2AI score0.01573EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.4 views

SUSE CVE-2019-5822

Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

8.8CVSS5.9AI score0.01872EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.2 views

SUSE CVE-2019-9836

Secure Encrypted Virtualization SEV on Advanced Micro Devices AMD Platform Security Processor PSP; aka AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation...

4.7CVSS7AI score0.01609EPSS
Exploits1References18
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.3 views

SUSE CVE-2019-11840

An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream i...

5.9CVSS5.9AI score0.03437EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.3 views

SUSE CVE-2020-6440

Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...

4.3CVSS5.9AI score0.01153EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.2 views

SUSE CVE-2020-9391

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has be...

5.5CVSS7.8AI score0.00497EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.2 views

SUSE CVE-2021-21239

PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does no...

6.5CVSS7.7AI score0.0118EPSS
Exploits3References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics in certain conditions. This bug could lead to a memory safety violation due to an unmet safety...

7.5CVSS9.4AI score0.01566EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.3 views

SUSE CVE-2022-0109

Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page...

6.5CVSS6.6AI score0.01313EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.7 views

SUSE CVE-2022-25235

xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

7.5CVSS7.8AI score0.04955EPSS
Exploits0References75
Malwarebytes
Malwarebytes
added 2023/02/15 1:0 a.m.15 views

TrickBot gang members sanctioned after pandemic ransomware attacks

In a collaborative partnership, officials in the United States and the United Kingdom unmasked and imposed financial sanctions against seven members of the notorious Russian gang TrickBot alias "TrickLoader", a mainstream banking Trojan turned malware-as-a-service MaaS platform for other criminal...

1.2AI score
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.4 views

SA43667 - 2018-03 Out-of-Cycle Advisory: SAML allow authentication bypass via incorrect XML canonicalization

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Multiple Pulse Secure products utilizing SAML implementation could allow an attacker with an authenticated access to a SAML Identity Provider IdP to bypass authentication for a differen...

7.4AI score
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.16 views

SA43903 - Response to SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391)

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. SegmentSmack CVE-2018-5390 and FragmentSmack CVE-2018-5391 are described as a TCP implementation denial of service vulnerability. A remote attacker can send crafted sequences of TCP/IP...

7.8CVSS7.1AI score0.7354EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/13 1:0 a.m.10 views

Malwarebytes recognized as endpoint security leader by G2

G2 has released their Winter 2023 reports, ranking Malwarebytes as the leader across a number of endpoint protection categories. Based on verified customer reviews, Malwarebytes has been ranked 1 over top EDR vendors for endpoint malware and antivirus protection, detection and remediation of...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/12 12:0 a.m.38 views

Fedora 36 : chromium (2023-4e6353c6f7)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4e6353c6f7 advisory. Update to 110.0.5481.77. Fixes the following security issues: CVE-2023-0696 CVE-2023-0697 CVE-2023-0698 CVE-2023-0699 CVE-2023-0700 CVE-2023-0701...

8.8CVSS7.1AI score0.01812EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2023/02/10 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-5854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.3AI score0.04947EPSS
Exploits1References2
Rows per page
Query Builder