2192 matches found

Tenable Nessus
added 2024/01/16 12:0 a.m. | 20 views

EulerOS 2.0 SP11 : cloud-init (EulerOS-SA-2023-2838)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could...

5.5 CVSS | 6.2 AI score | 0.0004 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/01/16 12:0 a.m. | 28 views

EulerOS 2.0 SP8 : cloud-init (EulerOS-SA-2023-3116)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could...

5.5 CVSS | 6.2 AI score | 0.0004 EPSS
Exploits 0 | References 3

OSV
added 2024/01/12 11:15 p.m. | 17 views

CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 CVSS | 6.7 AI score
Exploits 0 | References 8

NVD
added 2024/01/12 11:15 p.m. | 16 views

CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 CVSS | 5.4 AI score | 0.00092 EPSS
Exploits 1 | References 8

OSV
added 2024/01/12 11:15 p.m. | 1 views

DEBIAN-CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 CVSS | 5.5 AI score | 0.00092 EPSS
Exploits 1 | References 1

OSV
added 2024/01/12 11:15 p.m. | 0 views

UBUNTU-CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 CVSS | 5.8 AI score | 0.00092 EPSS
Exploits 1 | References 5

Positive Technologies
added 2024/01/12 12:0 a.m. | 2 views

PT-2024-1137

Name of the Vulnerable Software and Affected Versions Relax-and-Recover aka ReaR versions 2.7 and earlier Description The issue is related to information disclosure. It allows local attackers to gain access to system secrets that are otherwise only readable by root. This occurs when using GRUB...

6.8 CVSS | 6.3 AI score | 0.00092 EPSS
Exploits 1 | References 93

Vulnrichment
added 2024/01/12 12:0 a.m. | 13 views

CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 AI score | 0.00092 EPSS
Exploits 1 | References 5

Debian CVE
added 2024/01/12 12:0 a.m. | 24 views

CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 CVSS | 5.5 AI score | 0.00092 EPSS
Exploits 1

RedHat Linux
added 2023/12/14 4:30 p.m. | 74 views

Moderate: Red Hat Security Advisory: Satellite 6.14.1 Async Security Update

Updated Satellite 6.14 packages that fix Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...

8.1 CVSS | 6.8 AI score | 0.0095 EPSS
Exploits 3 | References 17

RedHat Linux
added 2023/12/14 4:30 p.m. | 1 views

foreman: World readable file containing secrets

A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable...

6.7 CVSS | 5.7 AI score | 0.00093 EPSS
Exploits 0 | References 4

OSV
added 2023/12/04 2:22 a.m. | 3 views

USN-6509-2 firefox regressions

USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

6 AI score
Exploits 0 | References 2

BDU FSTEC
added 2023/12/01 12:0 a.m. | 1 views

The vulnerability of the ReadableByteStreams function in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to execute arbitrary code.

The vulnerability of the ReadableByteStreams function in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS | 8 AI score | 0.00407 EPSS
Exploits 0 | References 13 | Affected Software 6

RedHat Linux
added 2023/11/29 1:59 p.m. | 3 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8 CVSS | 7.3 AI score | 0.00407 EPSS
Exploits 0 | References 6

RedHat Linux
added 2023/11/29 12:54 p.m. | 1 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8 CVSS | 7.3 AI score | 0.00407 EPSS
Exploits 0 | References 6

OSV
added 2023/11/28 10:42 p.m. | 25 views

RLSA-2023:7189 Moderate: fwupd security update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

6.5 CVSS | 6.3 AI score | 0.001 EPSS
Exploits 0 | References 2

RedHat Linux
added 2023/11/28 4:4 p.m. | 3 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8 CVSS | 7.3 AI score | 0.00407 EPSS
Exploits 0 | References 6

RedHat Linux
added 2023/11/27 4:30 p.m. | 4 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8 CVSS | 7.3 AI score | 0.00407 EPSS
Exploits 0 | References 6

RedHat Linux
added 2023/11/27 4:14 p.m. | 1 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8 CVSS | 7.3 AI score | 0.00407 EPSS
Exploits 0 | References 6

RedHat Linux
added 2023/11/27 4:13 p.m. | 3 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8 CVSS | 7.3 AI score | 0.00407 EPSS
Exploits 0 | References 6