Lucene search
+L

257 matches found

OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2022-0294)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.81464EPSS
Exploits5References9
Fedora
Fedora
added 2022/07/31 1:37 a.m.12 views

[SECURITY] Fedora 36 Update: skopeo-1.9.0-4.fc36

Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...

2.6AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/07/06 7:26 p.m.30 views

Malformed CAR panics and excessive memory usage

Impact Versions impacted = [email protected] = [email protected] Description of user-facing changes...

0.9AI score
Exploits0References3Affected Software2
AlmaLinux
AlmaLinux
added 2022/05/10 2:59 p.m.19 views

container-tools:rhel8 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: Udica crashes when processing inspect file without capabilities BZ2077472...

7.1AI score
Exploits0References1
OSV
OSV
added 2022/05/10 2:59 p.m.11 views

ALBA-2022:2141 container-tools:rhel8 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: Udica crashes when processing inspect file without capabilities BZ2077472...

7.3AI score
Exploits0References1
Fedora
Fedora
added 2022/03/29 12:20 a.m.47 views

[SECURITY] Fedora 36 Update: skopeo-1.7.0-1.fc36

Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...

7.5CVSS2.6AI score0.05994EPSS
Exploits0
0day.today
0day.today
added 2021/12/20 12:0 a.m.304 views

Bazaar Web PHP Social Listings Shell Upload Vulnerability

-- Exploit Title: Bazaar Web PHP Social Listings Arbitrary File Upload Exploit Author: Sohel Yousef - email protected Software Link: https://codecanyon.net/item/bazaar-social-listing-shopping-web-php-template/23207913 Software Demo :https://xserver.app/apps/bazaar-web/index.php Category: webapps ...

7.4AI score
Exploits0
Veracode
Veracode
added 2021/12/10 3:59 p.m.26 views

Access Control Bypass

keepalived is vulberable to access control bypass. The vulnerability exists due to the lack of sanitization of the message destination, allowing any user to inspect and manipulate any property...

5.4CVSS3.5AI score0.01159EPSS
Exploits0References8Affected Software4
OSV
OSV
added 2021/11/22 5:15 p.m.4 views

CVE-2019-5640

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...

5.3CVSS5.8AI score0.00522EPSS
Exploits0References1
Prion
Prion
added 2021/11/22 5:15 p.m.17 views

Design/Logic Flaw

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...

5CVSS5.1AI score0.00522EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/22 12:0 a.m.7 views

PT-2021-9120 · Rapid7 · Rapid7 Nexpose

Name of the Vulnerable Software and Affected Versions: Rapid7 Nexpose versions prior to 6.6.114 Description: The issue allows an attacker to expose information when a user's session has ended due to inactivity. By using the inspect element browser feature, an attacker can remove the login panel a...

5.3CVSS7AI score0.00522EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:1108-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.6AI score0.02449EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/03/15 2:59 p.m.3 views

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

7.5CVSS7AI score0.32362EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/03/15 2:55 p.m.2 views

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

7.5CVSS7AI score0.32362EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/03/15 2:53 p.m.3 views

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

7.5CVSS7AI score0.32362EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/03/11 12:0 a.m.32 views

CentOS 8 : nodejs:10 (CESA-2021:0735)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0735 advisory. - nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 - nodejs: DNS rebinding in --inspect CVE-2021-22884 Note that Nessus...

7.8CVSS7.6AI score0.77385EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/03/08 10:36 a.m.4 views

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

7.5CVSS7AI score0.32362EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/03/08 10:23 a.m.1 views

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

7.5CVSS7AI score0.32362EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/03/08 12:0 a.m.35 views

CentOS 8 : nodejs:14 (CESA-2021:0744)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0744 advisory. - nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 - nodejs: DNS rebinding in --inspect CVE-2021-22884 Note that Nessus...

7.8CVSS7.6AI score0.77385EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/03/03 12:0 a.m.53 views

Security update for nodejs10 (important)

openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:0372-1 Rating: important References: 1182333 1182619 1182620 Cross-References: CVE-2021-22883 CVE-2021-22884 CVE-2021-23840 CVSS scores: CVE-2021-22883 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

7.5CVSS7.8AI score0.77385EPSS
Exploits1References3
Rows per page
Query Builder