Lucene search
K

206 matches found

Code423n4
Code423n4
added 2023/06/09 12:0 a.m.13 views

Lack of expiration time for cross-chain message passing

Lines of code Vulnerability details Lack of expiration time for cross-chain message passing Summary Lack of expiration time for cross-chain message passing Vulnerability Detail In the current implementation, the L1CrossDomainMessagern.sol inherits from CrossDomainMessager.sol and...

6.9AI score
Exploits0
OSV
OSV
added 2023/03/06 11:15 a.m.4 views

CVE-2022-3284

Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...

7.5CVSS5.8AI score0.00672EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/06 10:39 a.m.19 views

CVE-2022-3284 Insecure way of passing a download key

Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...

6.5CVSS7.7AI score0.00672EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.4 views

Intel OneApi Toolkits 代码问题漏洞

Intel OneApi Toolkits is a set of core tools and libraries from the United States Intel Intel. It is used to develop high-performance, data-centric applications across different architectures. A security vulnerability exists in Intel OneApi Toolkits versions prior to 2021.6, which stems from an...

7.3CVSS7.4AI score0.00175EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.5 views

SUSE CVE-2014-8631

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method...

4.3CVSS8.7AI score0.01623EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.3 views

SUSE CVE-2019-5824

Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS6.8AI score0.01374EPSS
Exploits0References6
NVD
NVD
added 2023/02/08 8:15 p.m.25 views

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7.7AI score0.59501EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2022/08/09 4:59 p.m.3 views

kernel: NFSv4: Fix free of uninitialized nfs4_label on referral lookup.

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix free of uninitialized nfs4label on referral lookup. Send along the already-allocated fattr along with nfs4fslocations, and drop the memcpy of fattr. We end up growing two more allocations, but this fixes up a crash as:...

5.5CVSS6.3AI score0.00215EPSS
Exploits0References5
NVD
NVD
added 2022/07/12 10:15 a.m.29 views

CVE-2021-44221

A vulnerability has been identified in SIMATIC eaSie Core Package All versions V22.00. The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system...

7.5CVSS0.01346EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/12 10:15 a.m.2 views

CVE-2021-44221

A vulnerability has been identified in SIMATIC eaSie Core Package All versions V22.00. The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system...

7.5CVSS7AI score0.01346EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/12 10:6 a.m.31 views

CVE-2021-44221

A vulnerability has been identified in SIMATIC eaSie Core Package All versions V22.00. The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system...

7.5AI score0.01346EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.5 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox that originates in the ms-mddt, search, and search-ms protocols in Windows Firefox's applications that pass content to Microsoft applications could le...

6.5CVSS7.7AI score0.00783EPSS
Exploits1References17
Prion
Prion
added 2022/02/24 3:15 p.m.17 views

Design/Logic Flaw

All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability exists in the parameter "path" passing "/SHARED/". A malicious actor could identify the existence of users by requesting share information on specified share paths...

5CVSS5.1AI score0.00802EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/02/09 12:0 a.m.5 views

Intel Trace Analyzer And Collector 缓冲区错误漏洞

Intel Trace Analyzer And Collector is a trace analyzer and collector from Intel USA. It is used to analyze Mpi behavior in parallel applications. Intel Trace Analyzer and Collector suffers from a buffer error vulnerability that stems from a potential security flaw in Intel Trace Analyzer and...

5.5CVSS6.1AI score0.00254EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/09 12:0 a.m.6 views

Intel Trace Analyzer and Collector 安全漏洞

Intel Trace Analyzer And Collector is a trace analyzer and collector from Intel USA. It is used to analyze Mpi behavior in parallel applications. A security vulnerability exists in Intel Trace Analyzer and Collector that stems from a potential security flaw in Intel Trace Analyzer and Collector. ...

5.5CVSS5.8AI score0.00254EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.42 views

AlmaLinux 8 : curl (ALSA-2021:3582)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:3582 advisory. - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The...

6.5CVSS6.2AI score0.0627EPSS
Exploits3References4
Fedora
Fedora
added 2022/01/16 1:20 a.m.61 views

[SECURITY] Fedora 35 Update: python-celery-5.2.3-2.fc35

An open source asynchronous task queue/job queue based on distributed message passing. It is focused on real-time operation, but supports scheduling as well. The execution units, called tasks, are executed concurrently on one or more worker nodes using multiprocessing, Eventlet or gevent. Tasks c...

7.5CVSS0.2AI score0.03877EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/14 12:0 a.m.26 views

Mozilla Firefox Security Advisories (MFSA2021-55, MFSA2022-03) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10CVSS7.8AI score0.01344EPSS
Exploits8References1
Securelist
Securelist
added 2021/10/27 11:0 a.m.14 views

Extracting type information from Go binaries

During the 2021 edition of the SAS conference, I had the pleasure of delivering a workshop focused on reverse-engineering Go binaries. The goal of the workshop was to share basic knowledge that would allow analysts to immediately start looking into malware written in Go. A YouTube version of the...

7.1AI score
Exploits0
OSV
OSV
added 2021/08/25 2:44 p.m.15 views

GHSA-JQFH-8HW5-FQJR Improper Handling of Exceptional Conditions in detect-character-encoding

Impact In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. Patches The problem has been patched in detect-character-encoding v0.7.0. CVSS score CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/RL:O/RC:C Base Score: 7.5 High Temporal Score: 7....

7.5CVSS7.4AI score0.02068EPSS
Exploits1References6
Rows per page
Query Builder