125 matches found

Positive Technologies
added 2023/03/12 12:0 a.m. · 4 views

PT-2025-18805

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.14.0-96.el9.x86_64 Description: A vulnerability in the Linux kernel has been resolved, specifically in the scsi: qla2xxx module. The issue occurred when a command was completed in the abort path during driver...

CVSS 5.5 · AI score 6.5 · EPSS 0.00168
Exploits: 0
SUSE CVE
added 2023/02/15 5:8 a.m. · 6 views

SUSE CVE-2016-1249

The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned number of placeholders in WHERE condition and output fields in SELECT expression...

CVSS 5.9 · AI score 6.8 · EPSS 0.02428
Exploits: 0 · References: 5
SUSE CVE
added 2023/02/15 4:30 a.m. · 4 views

SUSE CVE-2018-7158

The 'path' module in the Node.js 4.x release line contains a potential regular expression denial of service (ReDoS) vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The regular expression, splitPathRe, used within the...

CVSS 5.9 · AI score 8.5 · EPSS 0.03381
Exploits: 0 · References: 6
Positive Technologies
added 2022/11/09 12:0 a.m. · 6 views

PT-2022-27239 · Unknown · Power Module

Name of the Vulnerable Software and Affected Versions: Power module affected versions not specified Description: The issue is related to a problem in permission verification within the power module. This could potentially lead to a module on the device entering an abnormal status if the issue is...

CVSS 7.5 · AI score 7.2 · EPSS 0.00439
Exploits: 0 · References: 4
OSV
added 2022/10/07 1:5 p.m. · 6 views

USN-5371-3 nginx vulnerability

USN-5371-1 and USN-5371-2 fixed several vulnerabilities in nginx. This update provides the corresponding update for CVE-2020-11724 for Ubuntu 16.04 ESM. Original advisory details: It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perfo...

CVSS 7.5 · AI score 7.1 · EPSS 0.02599
Exploits: 0 · References: 2
Positive Technologies
added 2022/09/16 12:0 a.m. · 2 views

PT-2022-33332 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 5.19.4 Description: The issue is related to the powerpc/pseries/mobility module in the Linux Kernel, specifically with setting the NMI watchdog factor during an LPM. The actual impact and attack plausibility hav...

AI score 7.2
Exploits: 0 · References: 1
Positive Technologies
added 2022/07/08 12:0 a.m. · 7 views

PT-2022-21154 · Node.Js +8 · Node.Js +8

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 14.20.1; Node.js versions prior to 16.17.1; Node.js versions prior to 18.9.1 Description: The issue arises from the llhttp parser in the http module in Node.js, which does not correctly parse and validate...

CVSS 9.8 · AI score 7.8 · EPSS 0.77385
Exploits: 31 · References: 350
Positive Technologies
added 2021/08/03 12:0 a.m. · 7 views

PT-2021-20101 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.1 and earlier; Liferay DXP versions 7.0 through 7.0 before fix pack 96; Liferay DXP versions 7.1 through 7.1 before fix pack 20; Liferay DXP versions 7.2 through 7.2 before fix pack 5 Description: The issue concerns t...

CVSS 4.3 · AI score 4.3 · EPSS 0.01195
Exploits: 0 · References: 9
OPENSUSE Linux
added 2021/04/25 12:0 a.m. · 25 views

Security update for nim (moderate)

openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2021:0618-1 Rating: moderate References: 1185083 1185084 1185085 Cross-References: CVE-2021-21372 CVE-2021-21373 CVE-2021-21374 CVSS scores: CVE-2021-21374 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affecte...

CVSS 8.8 · AI score 7.4 · EPSS 0.03635
Exploits: 3 · References: 3
EUVD
added 2021/03/17 9:20 a.m. · 3 views

EUVD-2020-9463

Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in...

CVSS 7.5 · AI score 7.5 · EPSS 0.37516
Exploits: 1 · References: 12
OSV
added 2021/01/05 8:20 a.m. · 8 views

SUSE-SU-2021:14198-1 Security update for python

This update for python fixes the following issues: Security issue fixed: - CVE-2019-16056: Fixed a parser issue in the email module (bsc#1149955)...

CVSS 7.5 · AI score 7.6 · EPSS 0.05366
Exploits: 0 · References: 3
CVE
added 2020/03/05 8:56 a.m. · 54 views

CVE-2019-14029

CVE-2019-14029 describes a use-after-free in the graphics module caused by destroying an already queued syncobj in error handling, affecting a wide range of Qualcomm/Snapdragon devices (Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Wearables, etc.) across multiple SKUs (APQ8009,...

CVSS 7.8 · AI score 7.6 · EPSS 0.00202
Exploits: 0 · References: 1 · Affected Software: 1
OSV
added 2018/07/03 1:29 a.m. · 4 views

CVE-2018-1113

setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstance...

CVSS 5.3 · AI score 5.6 · EPSS 0.00315
Exploits: 0 · References: 3
CNVD
added 2018/06/08 12:0 a.m. · 4 views

PGObject::Util::DBAdmin shell code injection vulnerability

LedgerSMB is an open source ERP, financial management system written and maintained by software developer Dieter Simader. The system is a branch of SQL-Ledger financial management software. PGObject::Util::DBAdmin is one of the modules used to manage PGObject. A security vulnerability exists in...

CVSS 9.8 · AI score 9.3 · EPSS 0.02581
Exploits: 0 · References: 1
Positive Technologies
added 2018/03/23 12:0 a.m. · 3 views

PT-2018-3757 · Satori +1 · Go.Uuid +2

Name of the Vulnerable Software and Affected Versions: SIF versions prior to v1.2.3 Description: The issue is related to the github.com/satori/go.uuid module used as a dependency in SIF, which produces predictable UUID identifiers due to insecure randomness. This could allow a remote attacker to...

CVSS 7.5 · AI score 6.9 · EPSS 0.00958
Exploits: 1 · References: 17
OSV
added 2014/05/22 5:26 p.m. · 5 views

MGASA-2014-0233 Updated webmin package fixes security vulnerabilities

Updated webmin package fixes security vulnerabilities: Webmin has been updated to version 1.690, which fixes a security issue in the cron module and several XSS issues in pop-up windows...

AI score 6.3
Exploits: 0 · References: 3
Drupal
added 2014/05/21 12:0 a.m. · 12 views

SA-CONTRIB-2014-057 - Password policy - General logic error

This module enables you to define password policies with various constraints on allowable user passwords. The history constraint, when enabled, disallows a user's password from being changed to match a specified number of their previous passwords. Beginning with Password Policy 7.x-1.4, the histo...

AI score 7.2
Exploits: 0 · References: 12
OSV
added 2013/06/06 12:24 p.m. · 7 views

MGASA-2013-0162 Updated moodle package fix security vulnerabilities

The assignment module in Moodle before 2.4.4 was not checking capabilities for users downloading all assignments as a zip (CVE-2013-2079). The Gradebook's Overview report in Moodle before 2.4.4 was showing grade totals that may have incorrectly included hidden grades (CVE-2013-2080). When registering...

CVSS 5 · AI score 5.8 · EPSS 0.02372
Exploits: 0 · References: 8
Tenable Nessus
added 2009/05/06 12:0 a.m. · 48 views

Debian DSA-1789-1 : php5 - several vulnerabilities

Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems. The following four vulnerabilities have already been fixed in the stable lenny version of php5 prior to the release of lenny...

CVSS 10 · AI score 7.4 · EPSS 0.07371
Exploits: 8 · References: 23
exploitpack
added 2007/12/21 12:0 a.m. · 22 views

MRBS 1.2.x - view_entry.php SQL Injection

MRBS 1.2.x - view_entry.php SQL Injection source: https://www.securityfocus.com/bid/26977/info MRBS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

AI score 8.6
Exploits: 0