Lucene search
+L

7 matches found

redhat
redhat
added 2023/11/14 3:46 p.m.4 views

kernel: mm/mempolicy: fix mpol_new leak in shared_policy_replace

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace If mpolnew is allocated but not used in restart loop, mpolnew will be freed via mpolput before returning to the caller. But refcnt is not initialized yet, so mpolput could not...

5.5CVSS6.3AI score0.00262EPSS
Exploits0References5
osv
osv
added 2023/05/31 8:15 p.m.5 views

CVE-2023-33732

Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...

6.1CVSS6AI score0.02123EPSS
Exploits6References1
attackerkb
attackerkb
added 2023/05/31 8:15 p.m.5 views

CVE-2023-33732

Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...

7.8CVSS7.1AI score0.02123EPSS
Exploits6References2
prion
prion
added 2023/05/31 8:15 p.m.16 views

Cross site scripting

Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...

5.8CVSS6.1AI score0.02123EPSS
Exploits6References1Affected Software1
ptsecurity
ptsecurity
added 2023/05/31 12:0 a.m.5 views

PT-2023-24461 · Microworld Technologies · Escan

Name of the Vulnerable Software and Affected Versions: Microworld Technologies eScan management console version 14.0.1400.2281 Description: The issue allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval in the New Policy form. This...

7.8CVSS8.2AI score0.02123EPSS
Exploits6References4
cve
cve
added 2023/05/31 12:0 a.m.48 views

CVE-2023-33732

CVE-2023-33733 concerns the Python ReportLab library. A sandbox bypass in ReportLab could allow arbitrary code execution when processing crafted PDFs. Public advisories (e.g., Debian DSA-5791/DLA-3917) state that vulnerable versions up to 3.6.12-1+deb12u1 (and earlier 3.5.59-2+deb11u1 in Debian 1...

6.1CVSS6.1AI score0.00844EPSS
Exploits2References1Affected Software1
osv
osv
added 2022/08/03 8:33 a.m.2 views

SUSE-SU-2022:2633-1 Security update for mokutil

This update for mokutil fixes the following issues: - Adds SBAT revocation support to mokutil. bsc1198458 New options added see manpage: - mokutil --set-sbat-policy latest | previous | delete to set the SBAT acceptance policy. - mokutil --list-sbat-revocations To list the current SBAT revocations...

7AI score
Exploits0References2
Rows per page
Query Builder