Lucene search

5103 matches found

OSV
added 2022/01/18 7:15 p.m., 4 views

CVE-2021-44840

An issue was discovered in Delta RM 1.2. Using a privileged account, it is possible to edit, create, and delete risk labels, such as Criticality and Priority Indication labels. By using the /core/table/query endpoint, and by using a POST request and indicating the affected label with tableUid...

CVSS 2.7, AI score 5.8, EPSS 0.00641
Exploits: 1, References: 2

GithubExploit
added 2022/01/03 4:47 p.m., 576 views

Exploit for OS Command Injection in Gerapy

CVE-2021-43857 Gerapy prior to version 0.9.8 is vulnerable to...

CVSS 9.8, AI score 9.4, EPSS 0.55331
Exploits: 7

OSV
added 2021/12/27 5:46 a.m., 12 views

GSD-2021-1002747 net: stmmac: fix tc flower deletion for VLAN priority Rx steering

net: stmmac: fix tc flower deletion for VLAN priority Rx steering This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.11 by commit...

AI score 7.2
Exploits: 0

ThreatPost
added 2021/12/15 7:31 p.m., 118 views

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP has identified 32 apps that are affected by CVE-2021-44228 – the critical vulnerability in the Apache Log4j Java-based logging library that’s been under active attack since last week. As of yesterday, Patch Tuesday, the German software maker reported that it’s already patched 20 of those apps...

CVSS 10, AI score 10, EPSS 0.99999
Exploits: 347, References: 23

OSV
added 2021/12/13 1:15 a.m., 3 views

DEBIAN-CVE-2018-25021

The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS)...

CVSS 7.5, AI score 7.4, EPSS 0.02268
Exploits: 1, References: 1

OSV
added 2021/12/13 1:15 a.m., 2 views

UBUNTU-CVE-2018-25021

The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS)...

CVSS 7.5, AI score 5.8, EPSS 0.02268
Exploits: 1, References: 5

Information Security Automation
added 2021/11/30 8:30 p.m., 178 views

Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021

Hello everyone! In this episode I want to highlight the latest changes in my Vulristics project. For those who don't know, this is a utility for prioritizing CVE vulnerabilities based on data from various sources. Currently Microsoft, NVD, Vulners, AttackerKB. Command Line Interface I started...

CVSS 7.1, AI score 8.2, EPSS 0.90388
Exploits: 10

CNNVD
added 2021/11/24 12:0 a.m., 3 views

gnome-shell security vulnerability

gnome-shell is a shell that provides core user interface functionality such as switching windows, launching applications or viewing notifications for the GNOME desktop. A security vulnerability exists in gnome-shell, where an attacker with low privileges may be able to exploit the...

CVSS 5.5, AI score 5.8, EPSS 0.00285
Exploits: 0, References: 6

NVD
added 2021/09/30 2:15 a.m., 15 views

CVE-2020-18684

Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number...

CVSS 9.8, EPSS 0.01251
Exploits: 1, References: 1

Prion
added 2021/09/30 2:15 a.m., 14 views

Integer overflow

Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number...

CVSS 7.5, AI score 9.5, EPSS 0.01251
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2021/09/30 1:17 a.m., 24 views

CVE-2020-18684

Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number...

AI score 9.7, EPSS 0.01251
Exploits: 1, References: 1

CNNVD
added 2021/09/30 12:0 a.m., 3 views

Floodlight input validation error vulnerability

Floodlight is an open source OpenFlow controller. Floodlight is vulnerable to an integer overflow vulnerability, which stems from the software having an integer overflow in the checkFlow of StaticFlowEntryPusherResource.java via priority or port number. No detailed vulnerability details are...

CVSS 9.8, AI score 8.3, EPSS 0.01251
Exploits: 1, References: 1

Huntr
added 2021/09/19 6:12 p.m., 15 views

Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii

Description Hello dear firefly-iii team I found some CSRFs with low priority in firefly-iii...

CVSS 6.8, AI score 1.4, EPSS 0.00524
Exploits: 1

Fedora
added 2021/09/02 11:46 p.m., 24 views

[SECURITY] Fedora 34 Update: condor-8.8.15-1.fc34

HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...

AI score 0.3
Exploits: 0

Code423n4
added 2021/07/21 12:0 a.m., 9 views

Unchecked transfers found in 3 contracts

Handle maplesyrup Vulnerability details Impact This is a high priority vulnerability because it definitely affects the way that funds are transferred and sent between the contracts. You want to make sure that you check the boolean value from these transfer functions in order to make sure that the...

AI score 6.9
Exploits: 0

Kitploit
added 2021/06/29 12:30 p.m., 116 views

WAF-A-MoLE - A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls

A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a semantic invariant query that is able to bypass the target WAF. You can use this tool for assessin...

AI score 8.5
Exploits: 0, References: 9

The Hacker News
added 2021/06/28 6:39 a.m., 622 views

Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online

A security vulnerability in Cisco Adaptive Security Appliance (ASA) that was addressed by the company last October, and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept (PoC) exploit code. The PoC was published by researchers from...

CVSS 7.5, AI score 1.6, EPSS 0.99992
Exploits: 26

BDU FSTEC
added 2021/06/18 12:0 a.m., 5 views

The vulnerability of the Python Priority Library, related to resource management errors, allows a hacker to cause a service failure.

The vulnerability of the Python Priority Library is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 7.8, AI score 7.2, EPSS 0.01792
Exploits: 0, References: 7, Affected Software: 2

RedHat Linux
added 2021/05/25 6:49 a.m., 5 views

kernel: Use after free via PI futex state

A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

CVSS 7.8, AI score 7.1, EPSS 0.01377
Exploits: 1, References: 4

BDU FSTEC
added 2021/05/19 12:0 a.m., 6 views

The vulnerability of Linux operating system’s kernel-based PI futex components, which allows a hacker to execute arbitrary code at the kernel level

The vulnerability of Linux operating system’s kernel PI futexes relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code at the kernel level...

CVSS 7.8, AI score 7, EPSS 0.01377
Exploits: 1, References: 28, Affected Software: 6