Lucene search
K

215 matches found

Cvelist
Cvelist
added 2022/09/23 6:59 p.m.26 views

CVE-2022-32799

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. A user in a privileged network position may be able to leak sensitive information...

6.2AI score0.01324EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/24 7:48 p.m.20 views

CVE-2022-32857

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s...

5.8AI score0.00239EPSS
Exploits0References6
NVD
NVD
added 2022/03/18 6:15 p.m.30 views

CVE-2022-22659

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An attacker in a privileged network position may be able to leak sensitive user information...

6.5CVSS0.00879EPSS
Exploits0References1
OSV
OSV
added 2022/02/15 1:57 a.m.23 views

GHSA-8W94-CF6G-C8MG Man-in-the-Middle (MitM)

Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to...

6.9CVSS7.9AI score0.01867EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/12/02 12:0 a.m.36 views

SUSE SLED15: libruby2_5-2_5 / ruby2.5 / ruby2.5-devel / ruby2.5-devel-extra / etc (SUSE-SU-2021:3838-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3838-1 advisory. - CVE-2021-31799: Fixed Command injection vulnerability in RDoc bsc1190375. - CVE-2021-31810: Fixed trusting FTP PASV...

7.4CVSS6.7AI score0.0305EPSS
Exploits2References10
Prion
Prion
added 2021/10/28 7:15 p.m.25 views

Input validation

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of service...

4CVSS5.5AI score0.01294EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/10/28 7:15 p.m.32 views

Hardcoded credentials

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS...

4CVSS5.9AI score0.02075EPSS
Exploits0References7Affected Software6
UbuntuCve
UbuntuCve
added 2021/10/28 7:15 p.m.48 views

CVE-2021-30823

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS...

6.5CVSS6.8AI score0.02075EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/10/28 6:17 p.m.30 views

CVE-2021-30823

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS...

6.5CVSS2.8AI score0.02075EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.28 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : cups Multiple Vulnerabilities (NS-SA-2021-0161)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cups packages installed that are affected by multiple vulnerabilities: - A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP...

8.8CVSS7.1AI score0.02979EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/10/13 12:0 a.m.42 views

Debian DLA-2780-1 : ruby2.3 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2780 advisory. Multiple vulnerabilites in ruby2.3, interpreter of object-oriented scripting language Ruby, were discovered. CVE-2021-31799 In RDoc 3.11 through 6.x before 6.3.1, ...

7.4CVSS7.7AI score0.0305EPSS
Exploits2References10
NVD
NVD
added 2021/09/08 3:15 p.m.15 views

CVE-2021-1878

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An attacker in a privileged network position may be able to leak sensitive user information...

6.5CVSS0.01825EPSS
Exploits0References3
Prion
Prion
added 2021/09/08 3:15 p.m.19 views

Integer overflow

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An attacker in a privileged network position may be able to leak sensitive user information...

4CVSS6.6AI score0.01825EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2021/09/08 3:15 p.m.13 views

Denial of service

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to perform denial of service...

4.3CVSS6AI score0.01623EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/09/08 2:27 p.m.21 views

CVE-2021-30696

An attacker in a privileged network position may be able to misrepresent application state. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A logic issue was addressed with improved state management...

6.3AI score0.01152EPSS
Exploits0References3
Prion
Prion
added 2021/09/08 2:15 p.m.25 views

Path traversal

A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to leak sensitive user information...

4CVSS6.4AI score0.24292EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2021/09/08 1:41 p.m.95 views

CVE-2021-30722

CVE-2021-30722 is an information-disclosure flaw in macOS that was mitigated by state-management improvements. Affected products include macOS Big Sur 11.4, Security Update 2021-003 Catalina, and Security Update 2021-004 Mojave. The issue could let an attacker on a privileged network reveal sensi...

5.9CVSS5.6AI score0.01641EPSS
Exploits0References3Affected Software2
Amazon
Amazon
added 2021/09/08 12:0 a.m.69 views

Medium: golang

Issue Overview: A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity. CVE-2021-33197 A fl...

7.5CVSS6.7AI score0.06975EPSS
Exploits3
OpenVAS
OpenVAS
added 2021/09/08 12:0 a.m.20 views

Docker < 1.3.1 SSL Fallback Vulnerability

Docker is prone to an SSL fallback vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5CVSS8.1AI score0.01867EPSS
Exploits0References1
Prion
Prion
added 2021/08/24 7:15 p.m.23 views

Buffer overflow

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. An attacker in a privileged network position may be able to execute arbitrary code...

6.8CVSS7.5AI score0.02354EPSS
Exploits0References4Affected Software5
Rows per page
Query Builder