30457 matches found

Positive Technologies
added 2024/10/29 12:0 a.m. · 3 views

PT-2024-10604 · Unknown · Lunad3V Areaload

Name of the Vulnerable Software and Affected Versions: LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. Description: A critical issue affects the processing of the file request.php, where the manipulation of the phone argument leads to SQL injection. The estimated number of...

CVSS 5.5 · AI score 7.6 · EPSS 0.00291
Exploits: 0 · References: 7
OSV
added 2024/10/28 4:45 p.m. · 3 views

CLSA-2024-1730133909 Fix CVE(s): CVE-2023-27043

SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - CVE-2023-27043...

CVSS 5.3 · AI score 6.8 · EPSS 0.02507
Exploits: 1 · References: 1
Positive Technologies
added 2024/10/28 12:0 a.m. · 26 views

PT-2024-41495

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.1. Description: A permissions issue allowed a malicious application with root privileges to access private information. This was addressed with additional restrictions. Recommendations: Update to macOS version 15.1 or...

CVSS 7.5 · AI score 5.9 · EPSS 0.0034
Exploits: 0 · References: 6
Positive Technologies
added 2024/10/28 12:0 a.m. · 4 views

PT-2025-7414

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.1. Description: An application may be able to access user-sensitive data due to improved permissions checking. Recommendations: Update to macOS version 15.1...

CVSS 3.3 · AI score 5.8 · EPSS 0.0016
Exploits: 0 · References: 7
Fedora
added 2024/10/26 3:3 a.m. · 16 views

[SECURITY] Fedora 41 Update: yarnpkg-1.22.22-5.fc41

Fast, reliable, and secure dependency management...

CVSS 9.1 · AI score 6.9 · EPSS 0.01357
Exploits: 0
Github Security Blog
added 2024/10/25 7:35 p.m. · 23 views

Exposure of vSphere's CPI and CSI credentials in Rancher

Impact: A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a...

CVSS 9.1 · AI score 6.5 · EPSS 0.00438
Exploits: 0 · References: 4 · Affected Software: 1
CVE
added 2024/10/25 2:22 p.m. · 116 views

CVE-2024-49757

Zitadel contains a user-registration bypass in versions prior to 2.64.0 (and 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, 2.58.7) due to a missing security check. Administrators can disable self-registration (via the UI) but attackers could still register by navigating directly to /ui/login/loginname,...

CVSS 7.5 · AI score 7.3 · EPSS 0.02572
Exploits: 0 · References: 8 · Affected Software: 1
SUSE Linux
added 2024/10/25 10:30 a.m. · 5 views

Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed f...

CVSS 5.9 · AI score 7.3 · EPSS 0.01118
Exploits: 0 · References: 4
OSV
added 2024/10/23 7:8 a.m. · 11 views

BIT-CILIUM-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

CVSS 8.7 · AI score 6 · EPSS 0.00391
Exploits: 0 · References: 2
Positive Technologies
added 2024/10/23 12:0 a.m. · 4 views

PT-2024-7501 · Cisco · Cisco Adaptive Security Device Manager +2

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the TLS cryptography functionality could allow an...

CVSS 8.6 · AI score 6.8 · EPSS 0.00518
Exploits: 0 · References: 5
CVE
added 2024/10/22 8:58 p.m. · 46 views

CVE-2024-48919

CVE-2024-48919 affects Cursor, an AI-assisted code editor. Prior to 2024-09-27, if a user imported a malicious webpage into Cursor’s Terminal Cmd-K, an attacker controlling that page could influence a language model to emit arbitrary terminal commands when the user opts to include the page conten...

CVSS 9.2 · AI score 7.4 · EPSS 0.00491
Exploits: 0 · References: 1
Cvelist
added 2024/10/22 8:58 p.m. · 25 views

CVE-2024-48919 RCE via Prompt Injection Into Cursor's Terminal Cmd-K

Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via Cursor's Terminal Cmd-K/Ctrl-K feature and if the user explicitly imported a malicious web page into the Terminal Cmd-K prompt, an attacker with control over the referenced web...

CVSS 9.2 · EPSS 0.00491
Exploits: 0 · References: 1
RedhatCVE
added 2024/10/22 2:46 p.m. · 14 views

CVE-2024-49954

In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify(). static_call_module_notify() triggers a WARN_ON(), when memory allocation fails in static_call_add_module(). That's not really justified, because the failure case must be correctly...

CVSS 5.5 · AI score 7 · EPSS 0.00235
Exploits: 0 · References: 4
Positive Technologies
added 2024/10/22 12:0 a.m. · 6 views

PT-2024-33177 · Unknown · Hospital Management System

Name of the Vulnerable Software and Affected Versions: Hospital Management System version 1.0.0 Description: The issue allows a remote attacker to execute arbitrary code due to a SQL Injection vulnerability in the hospital management system written in PHP. This could put sensitive data at risk...

CVSS 8.1 · AI score 9 · EPSS 0.00859
Exploits: 1 · References: 6
RedhatCVE
added 2024/10/21 10:7 p.m. · 12 views

CVE-2024-49880

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in alloc_flex_gd(). Wesley reported an issue: ================================================================== EXT4-fs dm-5: resizing filesystem from 7168 to 786432 blocks ------------ cut here -----------...

CVSS 6.7 · AI score 6.7 · EPSS 0.00245
Exploits: 0 · References: 4
OSV
added 2024/10/21 8:15 p.m. · 2 views

DEBIAN-CVE-2022-48947

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow. By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number i.e., 255. This patch prevents this by adding a boundary check...

CVSS 5.5 · AI score 5.4 · EPSS 0.00246
Exploits: 0 · References: 1
UbuntuCve
added 2024/10/21 8:15 p.m. · 6 views

CVE-2022-48975

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochip_setup_dev(). Here is a backtrace report about memory leak detected in gpiochip_setup_dev(): unreferenced object 0xffff88810b406400 size 512: comm "python3", pid 1682, jiffies 4295346908 age 24.090s...

CVSS 5.5 · AI score 6.3 · EPSS 0.00245
Exploits: 0 · References: 5
Cvelist
added 2024/10/21 7:39 p.m. · 30 views

CVE-2024-50063 bpf: Prevent tail call between progs attached to different hooks

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If prog attached to one...

EPSS 0.00231
Exploits: 0 · References: 4
Vulnrichment
added 2024/10/21 7:39 p.m. · 11 views

CVE-2024-50034 net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC. Eric report a panic on IPPROTO_SMC, and give the facts that when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

AI score 6.2 · EPSS 0.002
Exploits: 0 · References: 2
OSV
added 2024/10/21 7:39 p.m. · 10 views

CVE-2024-50034 net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC. Eric report a panic on IPPROTO_SMC, and give the facts that when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

CVSS 5.5 · AI score 5.9 · EPSS 0.002
Exploits: 0 · References: 5