Lucene search
+L

266 matches found

osv
osv
added 2024/05/21 4:15 p.m.2 views

DEBIAN-CVE-2023-52741

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata-readintopages When the network status is unstable, use-after-free may occur when read data from the server. BUG: KASAN: use-after-free in readpagesfillpages+0x14c/0x7e0 Call Trace:...

7.8CVSS5.4AI score0.00253EPSS
Exploits0References1
osv
osv
added 2024/05/21 4:15 p.m.12 views

UBUNTU-CVE-2023-52741

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata-readintopages When the network status is unstable, use-after-free may occur when read data from the server. BUG: KASAN: use-after-free in readpagesfillpages+0x14c/0x7e0 Call Trace:...

7.8CVSS6.1AI score0.00253EPSS
Exploits0References31
osv
osv
added 2024/05/19 6:15 a.m.6 views

CVE-2024-5098

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...

6.5CVSS5.6AI score0.00484EPSS
Exploits1References4
rocky
rocky
added 2024/05/10 2:32 p.m.24 views

python-into-dbus-python bug fix and enhancement update

An update is available for python-into-dbus-python. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

6.8AI score
Exploits0
attackerkb
attackerkb
added 2024/05/03 3:15 a.m.6 views

CVE-2023-39495

PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that t...

5.5CVSS5.7AI score0.00357EPSS
Exploits0References2Affected Software1
openbugbounty
openbugbounty
added 2024/04/26 5:48 p.m.8 views

into-highschool.nl Improper Access Control vulnerability OBB-3922310

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
osv
osv
added 2024/01/10 1:15 p.m.3 views

CVE-2023-48251

The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...

9.8CVSS5.8AI score0.00559EPSS
Exploits0References1
amazon
amazon
added 2023/12/14 12:0 a.m.6 views

Medium: python-cryptography

Issue Overview: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects su...

6.5CVSS7.7AI score0.01301EPSS
Exploits1
rapid7blog
rapid7blog
added 2023/11/16 6:26 p.m.22 views

Manage Enterprise Risk at Scale with a Unified, Holistic Approach

The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage. Historically, many firms faced this challenge simply by purchasing more technology in the hopes that the latest threat protection software would keep...

7.2AI score
Exploits0
redhat
redhat
added 2023/11/14 4:14 p.m.10 views

python-cryptography: memory corruption via immutable objects

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

6.5CVSS6.8AI score0.01301EPSS
Exploits1References5
redhat
redhat
added 2023/11/08 8:20 a.m.6 views

python-cryptography: memory corruption via immutable objects

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

6.5CVSS6.8AI score0.01301EPSS
Exploits1References5
redhat
redhat
added 2023/11/07 8:47 a.m.4 views

python-cryptography: memory corruption via immutable objects

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

6.5CVSS6.8AI score0.01301EPSS
Exploits1References5
redhat
redhat
added 2023/09/05 11:53 a.m.7 views

python-cryptography: memory corruption via immutable objects

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

6.5CVSS6.8AI score0.01301EPSS
Exploits1References5
redhat
redhat
added 2023/08/21 9:53 p.m.6 views

python-cryptography: memory corruption via immutable objects

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

6.5CVSS6.8AI score0.01301EPSS
Exploits1References5
thn
thn
added 2023/06/30 11:31 a.m.3 views

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

In today's fast-paced digital landscape, the widespread adoption of AI Artificial Intelligence tools is transforming the way organizations operate. From chatbots to generative AI models, these SaaS-based applications offer numerous benefits, from enhanced productivity to improved decision-making...

6.5AI score
Exploits0
openbugbounty
openbugbounty
added 2023/06/13 7:25 a.m.11 views

intothyword.org Cross Site Scripting vulnerability OBB-3422896

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
bdu_fstec
bdu_fstec
added 2023/05/17 12:0 a.m.7 views

The vulnerability of the Cipher.update_into function in the Python programming language-based cryptography interpreter allows a attacker to compromise the integrity and accessibility of the output data.

The vulnerability of the Cipher.updateinto function in the Python programming language’s cryptographic library is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to compromise the integrity and accessibility of the...

6.5CVSS6.5AI score0.01301EPSS
Exploits1References19Affected Software16
susecve
susecve
added 2023/02/15 6:13 a.m.5 views

SUSE CVE-2006-7224

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All CVE users should consult CVE-2006-7227, CVE-2005-4872, and...

7AI score
Exploits0References4
susecve
susecve
added 2023/02/15 5:36 a.m.4 views

SUSE CVE-2013-4349

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4540. Reason: This candidate was MERGED into CVE-2012-4540, since it was later discovered that it affected an additional version, but it does not constitute a regression error. Notes: All CVE users should reference CVE-2012-4540 instead of th...

7AI score
Exploits0References4
pypa
pypa
added 2023/02/07 9:15 p.m.8 views

PYSEC-2023-11

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5CVSS8.2AI score0.01301EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder