Lucene search
K

5612 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.22 views

Security Bulletin: IBM Cognos BI 8.4 Partial Denial of Service Vulnerability

Abstract A malicious IBM Cognos BI 8.4 user is able to send a crafted request to the Cognos server which triggers high CPU utilization that may cause a partial denial of service condition due to CPU consumption. This vulnerability can only be exploited by authenticated users, and is not applicabl...

4CVSS1.9AI score0.00973EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/23 12:0 a.m.18 views

EulerOS Virtualization 2.9.0 : libdb (EulerOS-SA-2022-2386)

According to the versions of the libdb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to...

3.3CVSS5.5AI score0.00604EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.4 views

mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

3.1CVSS7.3AI score0.00705EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.4 views

mysql: InnoDB unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of th...

5CVSS7.3AI score0.00846EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.3 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

4CVSS7.3AI score0.01209EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.5 views

PT-2022-34469 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.291 Description: The issue concerns the ext4 filesystem in the Linux Kernel, specifically with avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been prove...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.6 views

PT-2022-34027 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.138 Description: The issue concerns the ext4 file system, specifically avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.6 views

PT-2022-34357 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.256 Description: The issue concerns the ext4 filesystem, specifically avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

7AI score
Exploits0References1
OSV
OSV
added 2022/09/16 11:30 p.m.10 views

GSD-2022-1005082 ext4: avoid resizing to a partial cluster size

ext4: avoid resizing to a partial cluster size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.5 views

PT-2022-33340 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue concerns the ext4 filesystem in the Linux Kernel, specifically with avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been proven...

7.1AI score
Exploits0References1
CNNVD
CNNVD
added 2022/09/15 12:0 a.m.6 views

Bento4 缓冲区错误漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 version 1.6.0-639, which stems from its AP4ByteStream::Write and AP4HdlrAtom::WriteFields components calling the System/StdC/Ap4StdCFileByteStream.cpp component's AP4...

6.5CVSS6.6AI score0.00592EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/14 12:0 a.m.6 views

PT-2022-25384 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A buffer overflow issue exists in the AP4 MemoryByteStream::WritePartial function in mp42aac, which can be exploited by attackers to cause a denial of service. This can be achieved by providing a crafted...

6.5CVSS6.5AI score0.00592EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/09/14 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2022-2323)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS6.8AI score0.00604EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/13 12:0 a.m.4 views

PT-2022-24782 · Siemens · Ruggedcom M2100 +62

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, so: Affected software affected versions not specified Description: The issue is related to the improper handling of partial HTTP requests, making devices susceptible to slowloris attacks. This could...

7.5CVSS5.1AI score0.0118EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.76 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.4.5)

The version of AOS installed on the remote host is prior to 5.20.4.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.4.5 advisory. - If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache...

8.8CVSS7.2AI score0.71653EPSS
Exploits24References12
ATTACKERKB
ATTACKERKB
added 2022/08/24 4:15 p.m.5 views

CVE-2021-4040

A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory OOM condition. This flaw allows an attacker to partially disrupt availability to the broker through a sustained attack of maliciously crafted messages. The highest...

5.3CVSS5.8AI score0.02499EPSS
Exploits0References5
Amazon
Amazon
added 2022/08/23 12:0 a.m.40 views

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

7.5CVSS5.9AI score0.17673EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/19 11:26 p.m.29 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Tivoli Storage Productivity Center July 2014 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details The following advisories are included in the IBM® SDK Java™...

10CVSS4.8AI score0.05577EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2022/08/18 7:7 p.m.36 views

Venice vulnerable to Partial Path Traversal issue within the functions `load-file` and `load-resource`

Impact A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the load paths: "/Users/foo/resources" When passing relative paths to these two vulnerabl...

6.1CVSS4.4AI score0.00414EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/08/18 7:7 p.m.40 views

GHSA-4MMH-5VW7-RGVJ Venice vulnerable to Partial Path Traversal issue within the functions `load-file` and `load-resource`

Impact A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the load paths: "/Users/foo/resources" When passing relative paths to these two vulnerabl...

6.1CVSS4.7AI score0.00414EPSS
Exploits1References6
Rows per page
Query Builder