3378 matches found

OSV
added 2022/02/15 4:15 p.m., 4 views

AZL-33626 CVE-2022-21698 affecting package node-problem-detector for versions less than 0.8.10-19

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 6.7, EPSS 0.05994
Exploits 0, References 1
OSV
added 2022/02/15 4:15 p.m., 3 views

AZL-34999 CVE-2022-21698 affecting package moby-engine for versions less than 25.0.3-1

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 6.7, EPSS 0.05994
Exploits 0, References 1
OSV
added 2022/02/15 4:15 p.m., 3 views

AZL-31981 CVE-2022-21698 affecting package kured for versions less than 1.13.2-1

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 6.7, EPSS 0.05994
Exploits 0, References 1
OSV
added 2022/02/15 4:15 p.m., 2 views

AZL-33614 CVE-2022-21698 affecting package moby-buildx for versions less than 0.7.1-16

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 6.7, EPSS 0.05994
Exploits 0, References 1
UbuntuCve
added 2022/02/15 4:15 p.m., 57 views

CVE-2022-21698

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 6.8, EPSS 0.05994
Exploits 0, References 5
OSV
added 2022/02/15 4:15 p.m., 1 views

UBUNTU-CVE-2022-21698

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 6.8, EPSS 0.05994
Exploits 0, References 6
CNNVD
added 2022/02/15 12:0 a.m., 3 views

TIBCO AuditSafe authorization issue vulnerability

TIBCO AuditSafe is an audit trail application from TIBCO. An authorization issue vulnerability exists in TIBCO AuditSafe, which can be exploited by an attacker to execute API methods on an affected system...

CVSS 9.8, AI score 8.4, EPSS 0.01128
Exploits 0, References 3
Cvelist
added 2022/02/15 12:0 a.m., 31 views

CVE-2022-21698 Uncontrolled Resource Consumption in promhttp

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 8.9, EPSS 0.05994
Exploits 0, References 22
Positive Technologies
added 2022/02/15 12:0 a.m., 3 views

PT-2022-4597

Name of the Vulnerable Software and Affected Versions: client_golang versions prior to 1.11.1. Description: The HTTP server in client_golang is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. To...

CVSS 7.8, AI score 8.4, EPSS 0.05994
Exploits 0, References 468
OSV
added 2022/02/15 12:0 a.m., 30 views

CVE-2022-21698 Uncontrolled Resource Consumption in promhttp

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 7.5, EPSS 0.05994
Exploits 0, References 24
Vulnrichment
added 2022/02/15 12:0 a.m., 6 views

CVE-2022-21698 Uncontrolled Resource Consumption in promhttp

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 9.3, EPSS 0.05994
Exploits 0, References 22
AlpineLinux
added 2022/02/15 12:0 a.m., 35 views

CVE-2022-21698

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

CVSS 7.5, AI score 9.7, EPSS 0.05994
Exploits 0
Malwarebytes
added 2022/02/13 9:29 p.m., 25 views

Twitter cans 2FA service provider over surveillance claims

Twitter is transitioning away from its two-factor authentication (2FA) provider, Mitto AG, a Swiss communications company. The social media giant broke the news to US Senator Ron Wyden of Oregon. It is noted that Twitter's decision to move away from Mitto AG came after allegations that its...

AI score 7.6
Exploits 0
OpenVAS
added 2022/02/11 12:0 a.m., 14 views

gitea < 1.11.2 RCE Vulnerability

Gitea is prone to a remote code execution (RCE) vulnerability.

CVSS 9.8, AI score 9.9, EPSS 0.0206
Exploits 0, References 2
The Hacker News
added 2022/02/09 1:53 p.m., 29 views

U.S. Arrests Two and Seizes $3.6 Billion Cryptocurrency Stolen in 2016 Bitfinex Hack

The U.S. Justice Department (DoJ) on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan,...

AI score 7.3
Exploits 0
Veracode
added 2022/02/09 10:37 a.m., 23 views

Remote Code Execution (RCE)

github.com/go-gitea/gitea is vulnerable to remote code execution. The vulnerability exists because of reliance on the protection mechanism of HTTP permission methods, allowing an attacker to bypass intended access restrictions and to perform malicious operations remotely...

CVSS 9.8, AI score 3.5, EPSS 0.0206
Exploits 0, References 5, Affected Software 2
Github Security Blog
added 2022/02/09 12:33 a.m., 41 views

Unauthorized access to Class instance in Jinjava

Jinjava before 2.5.4 allows access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure...

CVSS 6.8, AI score 3.1, EPSS 0.01814
Exploits 1, References 7, Affected Software 1
OSV
added 2022/02/09 12:0 a.m., 18 views

GHSA-JRPG-35HW-M4P9 Capture-replay in Gitea

Gitea is a project to help users set up a self-hosted Git service. Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API. This could allow a remote malicious user to execute arbitrary code...

CVSS 9.8, AI score 9.6, EPSS 0.0206
Exploits 0, References 9
NVD
added 2022/02/08 3:15 p.m., 9 views

CVE-2021-45327

Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API, which could let a remote malicious user execute arbitrary code...

CVSS 9.8, EPSS 0.0206
Exploits 0, References 4
OSV
added 2022/02/08 3:15 p.m., 3 views

UBUNTU-CVE-2021-45327

Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API, which could let a remote malicious user execute arbitrary code...

CVSS 9.8, AI score 7.5, EPSS 0.0206
Exploits 0, References 6