Lucene search
K

147 matches found

OSV
OSV
added 2023/01/17 7:21 p.m.95 views

GSD-2023-1001480 bpf: Fix slot type check in check_stack_write_var_off

bpf: Fix slot type check in checkstackwritevaroff This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/11/19 12:0 a.m.6 views

CVE-2022-4064 Dalli Meta Protocol request_formatter.rb self.meta_set injection

A vulnerability was found in Dalli up to 3.2.2. It has been classified as problematic. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta Protocol Handler. The manipulation of the argument cas/ttl leads to injection. It is possible ...

6.3CVSS7.7AI score0.01284EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2022/11/18 12:0 a.m.8 views

CVE-2022-41886 Overflow in `ImageProjectiveTransformV2` in Tensorflow

TensorFlow is an open source platform for machine learning. When tf.rawops.ImageProjectiveTransformV2 is given a large output shape, it overflows. We have patched the issue in GitHub commit 8faa6ea692985dbe6ce10e1a3168e0bd60a723ba. The fix will be included in TensorFlow 2.11. We will also...

4.8CVSS7.1AI score0.0043EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/09/16 7:35 p.m.4 views

CVE-2022-35938 OOB read in `Gather_nd` op in TensorFlow Lite Micro

TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. This issue has been...

7CVSS9.2AI score0.00448EPSS
Exploits0References3
OSV
OSV
added 2022/09/06 6:15 p.m.3 views

CVE-2022-26453

In teei, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06664675; Issue ID: ALPS06664675...

6.7CVSS5.9AI score0.00101EPSS
Exploits0References1
OSV
OSV
added 2022/06/28 7:46 p.m.8 views

GSD-2022-1003762 Input: stmfts - do not leave device disabled in stmfts_input_open

Input: stmfts - do not leave device disabled in stmftsinputopen This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/02/27 2:47 a.m.21 views

GSD-2022-1000296 libsubcmd: Fix use-after-free for realloc(..., 0)

libsubcmd: Fix use-after-free for realloc..., 0 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.303 by commit...

7.3AI score
Exploits0
Information Security Automation
Information Security Automation
added 2022/01/16 8:17 p.m.106 views

Microsoft Patch Tuesday January 2022

Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2022. Traditionally, I will use my open source Vulristics tool for analysis. This time I didnt make any changes to how connectors work. The report generation worked correctly on the first try. python3.8 vulristics.py...

10CVSS1.7AI score0.9279EPSS
Exploits28
Vulnrichment
Vulnrichment
added 2022/01/13 5:30 p.m.7 views

CVE-2022-21678 User's bio visible even if profile is restricted in Discourse

Discourse is an open source discussion platform. Prior to version 2.8.0.beta11 in the tests-passed branch, version 2.8.0.beta11 in the beta branch, and version 2.7.13 in the stable branch, the bios of users who made their profiles private were still visible in the tags on their users' pages. The...

4.3CVSS7.1AI score0.00908EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2021/12/09 7:3 a.m.13 views

crosskhoj.com Improper Access Control vulnerability OBB-2297119

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Prion
Prion
added 2021/04/15 4:15 p.m.18 views

Cross site scripting

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin portal, which can be exploited by the malicious actor with the network access to DNS server. See the referenced GitHub security advisory for patch details...

5.8CVSS8.2AI score0.00668EPSS
Exploits1References1Affected Software3
Cvelist
Cvelist
added 2021/04/15 3:25 p.m.27 views

CVE-2021-29448 Stored DOM XSS in Pi-hole Admin Web Interface

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin portal, which can be exploited by the malicious actor with the network access to DNS server. See the referenced GitHub security advisory for patch details...

7.6CVSS8.5AI score0.00668EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2020/11/01 2:5 p.m.11 views

indianfrootland.com Cross Site Scripting vulnerability OBB-1474038

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Openbugbounty
Openbugbounty
added 2020/10/06 2:18 p.m.13 views

nissiminc.com Cross Site Scripting vulnerability OBB-1385470

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Oracle linux
Oracle linux
added 2020/07/29 12:0 a.m.73 views

Unbreakable Enterprise kernel security update

5.4.17-2011.4.6.el8uek - Revert 'uek-rpm: Move grub boot menu update to posttrans stage.' Somasundaram Krishnasamy Orabug: 31358097 5.4.17-2011.4.5.el8uek - IB/sa: Resolv use-after-free in ibnlmakerequest Divya Indi Orabug: 31631527 - certs: Remove Oracle cert compiled into the kernel Eric Snowbe...

7.2CVSS2.2AI score0.01314EPSS
Exploits0
OSV
OSV
added 2020/01/13 1:12 p.m.5 views

SUSE-SU-2020:0087-1 Security update for libsolv, libzypp, zypper

This update for libsolv, libzypp, zypper fixes the following issues: Security issue fixed: - CVE-2019-18900: Fixed assert cookie file that was world readable bsc1158763. Bug fixes - Fixed removing orphaned packages dropped by to-be-installed products bsc1155819. - Adds libzypp API to mark all...

4CVSS4.2AI score0.00301EPSS
Exploits0References13
OSV
OSV
added 2020/01/07 10:19 a.m.10 views

SUSE-SU-2020:0017-1 Security update for virglrenderer

This update for virglrenderer fixes the following issues: - CVE-2019-18388: Fixed a null pointer dereference which could have led to denial of service bsc1159479. - CVE-2019-18390: Fixed an out of bound read which could have led to denial of service bsc1159478. - CVE-2019-18389: Fixed a heap buff...

7.8CVSS6.5AI score0.00439EPSS
Exploits0References9
Openbugbounty
Openbugbounty
added 2017/06/09 7:47 p.m.8 views

doki-doki.fr XSS vulnerability

Vulnerable URL: http://www.doki-doki.fr/recherche.html?q=%3Cscript%20src=https://openbugbounty.org/1.js%3E Details: Description| Value ---|--- Patched:| Yes, at 11.08.2017 Latest check for patch:| 11.08.2017 09:07 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/04/23 10:41 p.m.7 views

technology-solved.com XSS vulnerability

Vulnerable URL: http://www.technology-solved.com/locations/ Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 19:39 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2689979 VIP website status:| No Check...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/04/04 7:44 p.m.9 views

claravital.de XSS vulnerability

Vulnerable URL: https://www.claravital.de/newsletter.php Details: Description| Value ---|--- Patched:| Yes, at 11.04.2017 Latest check for patch:| 11.04.2017 18:52 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 367251 VIP website status:| No Check claravital.de...

6.3AI score
Exploits0
Rows per page
Query Builder