CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2024/06/28 12:41 p.m.•32 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the package Go has been addressed. Vulnerability Details CVEID:CVE-2022-41725 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when perform multipart form parsing with mime/multipart.Reader.ReadForm. By sending a specially-crafted request, a...

7.5CVSS8.4AI score0.00065EPSS

IBM Security Bulletins•added 2024/06/28 12:40 p.m.•17 views

Security Bulletin: InfoSphere Data Replication is affected by a guava package vulnerbility (CVE-2023-2976)

Summary InfoSphere Data Replication uses the guava package. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw wit...

7.1CVSS6AI score0.00065EPSS

RedHat Linux•added 2024/06/26 7:30 p.m.•20 views

Moderate: Red Hat Security Advisory: VolSync 0.9.2 for RHEL 9

VolSync v0.9.2 general availability release images provide the following: enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

7.5CVSS6.7AI score0.00533EPSS

Exploits0References4

OSSF Malicious Packages•added 2024/06/25 1:48 p.m.•4 views

Malicious code in ar_octopus-replication-tracking (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score

OSV•added 2024/06/25 1:48 p.m.•4 views

MAL-2024-6667 Malicious code in ar_octopus-replication-tracking (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Fedora•added 2024/06/18 1:14 a.m.•22 views

[SECURITY] Fedora 39 Update: galera-26.4.18-1.fc39

Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see https://github.com/codership/wsrep-API repository. For a description of Galera replication engine see...

4.9CVSS5.5AI score0.00287EPSS

Exploits0

OpenVAS•added 2024/06/18 12:0 a.m.•19 views

Fedora: Security Advisory (FEDORA-2024-d61bffd77f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS5.6AI score0.00287EPSS

Exploits0References4

CNVD•added 2024/06/14 12:0 a.m.•3 views

Unspecified Vulnerability in SAP Replication Server (CNVD-2024-27893)

SAP LT Replication Server is a solution from SAP Germany. A security vulnerability exists in SAP Replication Server, which can be exploited by an attacker to execute certain commands against RSSD using the gateway, potentially resulting in memory corruption...

4.9CVSS7.3AI score0.00096EPSS

Veeam•added 2024/06/13 12:0 a.m.•12 views

Option to Add Veeam Kasten for Kubernetes Does Not Appear in Veeam Backup & Replication

Challenge When attempting to add Veeam Kasten for Kubernetes to Veeam Backup & Replication, the option for Kasten does not appear in the Add Server options. Cause This issue may occur if: The Veeam Kubernetes Service is not running and needs to be started. The Kasten Plug-In is not installed. Thi...

6.8AI score

Github Security Blog•added 2024/06/12 3:31 p.m.•37 views

Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions

It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.htmlsecurity-api-create-cross-cluster-api-key-request-body restricts search for a given index using the query or the fieldsecurity parameter, an...

6.5CVSS7AI score0.00206EPSS

Exploits0References3Affected Software1

NVD•added 2024/06/12 2:15 p.m.•13 views

CVE-2024-23445

6.5CVSS0.00206EPSS

OSV•added 2024/06/12 2:15 p.m.•7 views

CVE-2024-23445

6.5CVSS6.6AI score

OSV•added 2024/06/12 2:15 p.m.•0 views

UBUNTU-CVE-2024-23445

6.5CVSS7AI score0.00206EPSS

Exploits0References3

CVE•added 2024/06/12 1:58 p.m.•317 views

CVE-2024-23445

CVE-2024-23445 affects Elasticsearch remote-cluster API key security model (GA 8.14.0). The issue: a cross-cluster API key that restricts index search via query or field_security and also grants replication for the same index may not enforce search restrictions during cross-cluster search, potent...

6.5CVSS6.5AI score0.00206EPSS

Exploits0References1Affected Software1

Fedora•added 2024/06/10 1:28 a.m.•21 views

[SECURITY] Fedora 40 Update: galera-26.4.18-1.fc40

4.9CVSS5.5AI score0.00287EPSS

Exploits0

OpenVAS•added 2024/06/10 12:0 a.m.•19 views

Fedora: Security Advisory for galera (FEDORA-2024-6ea93e629b)

4.9CVSS5.7AI score0.00287EPSS

OSV•added 2024/05/24 11:8 a.m.•1 views

OESA-2024-1636 mysql security update

The MySQLTM software delivers a very fast, multi-threaded, multi-user, and robust SQL Structured Query Language database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or...

4.9CVSS6AI score0.0009EPSS

OSV•added 2024/05/24 11:8 a.m.•1 views

OESA-2024-1635 mysql security update

4.9CVSS6AI score0.0009EPSS

OSV•added 2024/05/24 11:8 a.m.•1 views

OESA-2024-1634 mysql security update

4.9CVSS6AI score0.0009EPSS