30457 matches found

Positive Technologies
added 2024/09/19 12:0 a.m. · 5 views

PT-2024-6624 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based versions up to 128.0.2739.42 Description: The issue is related to type confusion errors, which can be exploited by a remote attacker to execute arbitrary code. This can potentially lead to remote code execution...

CVSS 10 · AI score 8.4 · EPSS 0.00717
Exploits: 0 · References: 13

Github Security Blog
added 2024/09/18 10:5 p.m. · 22 views

Mautic vulnerable to XSS in contact/company tracking (no authentication)

Summary: Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable. Patches: Please update to 4.4.13 or 5.1.1 or later. Workarounds: None. References: https://owasp.org/www-project-top-ten/2017/A72017-Cross-SiteScriptingXSS...

CVSS 6.1 · AI score 5.5 · EPSS 0.0029
Exploits: 0 · References: 5 · Affected Software: 2

CVE
added 2024/09/18 5:5 p.m. · 43 views

CVE-2024-45298

Wiki.js exposes an authentication bypass where a disabled user can regain access by abusing the password reset flow. Affected: Wiki.js 2.5.303. Root cause: password reset handling allows access despite disabled status. Remediation: upgrade to version 2.5.304 (or later). No additional exploit deta...

CVSS 4.3 · AI score 4.7 · EPSS 0.00402
Exploits: 0 · References: 2

Debian CVE
added 2024/09/18 7:12 a.m. · 11 views

CVE-2024-46789

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook When enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, the following warning always occurs. This is because the following call stack occurred: mempool_alloc...

CVSS 5.5 · AI score 5.3 · EPSS 0.00177
Exploits: 0

OSV
added 2024/09/18 7:12 a.m. · 22 views

CVE-2024-46761 pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv

In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc pci/hotplug/pnv_php.c causes a kernel crash when we try to hot-unplug/disable the PCIe switch/bridge from the PHB. The crash occurs because...

CVSS 5.5 · AI score 6.2 · EPSS 0.00251
Exploits: 0 · References: 12

Debian CVE
added 2024/09/18 6:32 a.m. · 11 views

CVE-2024-46730

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tg_inst won't be -1 WHY & HOW tg_inst will be a negative if timing_generator_count equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by Coverity...

CVSS 5.5 · AI score 5.5 · EPSS 0.00192
Exploits: 0

Debian CVE
added 2024/09/18 6:32 a.m. · 11 views

CVE-2024-46720

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix dereference after null check check the pointer hive before use...

CVSS 5.5 · AI score 5.7 · EPSS 0.0022
Exploits: 0

Vulnrichment
added 2024/09/17 8:8 p.m. · 25 views

CVE-2024-45811 server.fs.deny bypassed when using ?import&raw in vite

Vite is a frontend build tooling framework for JavaScript. In affected versions the contents of arbitrary files can be returned to the browser. @fs denies access to files outside of Vite serving allow list. Adding ?import&raw to the URL bypasses this limitation and returns the file content if it...

CVSS 4.8 · AI score 5.2 · EPSS 0.0103
Exploits: 0 · References: 2

Cvelist
added 2024/09/17 7:44 p.m. · 25 views

CVE-2024-45605 Improper authorization on deletion of user issue alert notifications in sentry

Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user can delete the user issue alert notifications for arbitrary users given a known alert ID. A patch was issued to ensure authorization checks are properly scoped on requests to delete user alert...

CVSS 6.5 · EPSS 0.00386
Exploits: 0 · References: 3

OSV
added 2024/09/16 1:5 a.m. · 11 views

RHSA-2018:2097 Red Hat Security Advisory: patch security update

Bulletin has no description...

CVSS 7.8 · AI score 7.9 · EPSS 0.0556
Exploits: 0 · References: 7

OSV
added 2024/09/13 11:24 p.m. · 21 views

RHSA-2023:0854 Red Hat Security Advisory: kernel-rt security and bug fix update

Bulletin has no description...

CVSS 7.5 · AI score 7 · EPSS 0.21314
Exploits: 1 · References: 18

OSV
added 2024/09/13 3:7 p.m. · 18 views

RHSA-2018:1188 Red Hat Security Advisory: java-1.8.0-openjdk security update

Bulletin has no description...

CVSS 7.5 · AI score 6.5 · EPSS 0.15141
Exploits: 0 · References: 43

OSV
added 2024/09/13 3:6 p.m. · 10 views

CGA-Q4H9-P729-MRPX

Bulletin has no description...

CVSS 7.5 · AI score 8.2 · EPSS 0.01127
Exploits: 0

OSV
added 2024/09/13 2:41 p.m. · 18 views

RHSA-2017:2683 Red Hat Security Advisory: kernel security update

Bulletin has no description...

CVSS 7.5 · AI score 8.1 · EPSS 0.16181
Exploits: 12 · References: 12

OSV
added 2024/09/13 12:27 p.m. · 22 views

RHSA-2016:1301 Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.8 · AI score 7.3 · EPSS 0.03387
Exploits: 0 · References: 18

OSV
added 2024/09/13 6:47 a.m. · 24 views

RHSA-2010:0986 Red Hat Security Advisory: java-1.4.2-ibm-sap security update

Bulletin has no description...

CVSS 10 · AI score 7.4 · EPSS 0.87264
Exploits: 14 · References: 63

CBLMariner
added 2024/09/12 11:1 p.m. · 44 views

CVE-2024-6197 affecting package curl for versions less than 8.8.0-2

CVE-2024-6197 affecting package curl for versions less than 8.8.0-2. A patched version of the package is available...

CVSS 7.5 · AI score 7.3 · EPSS 0.04296
Exploits: 1

Positive Technologies
added 2024/09/12 12:0 a.m. · 6 views

PT-2024-6332

Name of the Vulnerable Software and Affected Versions: Spring Framework versions 5.3.0 through 5.3.39; Spring Framework versions 6.0.0 through 6.0.23; Spring Framework versions 6.0.24 through 6.1.12; Spring Framework versions 6.1.13 and earlier. Description: The vulnerability is related to path travers...

CVSS 7.8 · AI score 7.6 · EPSS 0.14718
Exploits: 1 · References: 82

Mageia
added 2024/09/11 8:42 p.m. · 32 views

Updated microcode package fix security vulnerabilities

Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-42667 Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to...

CVSS 7.8 · AI score 7.4 · EPSS 0.00285
Exploits: 0 · References: 3

Microsoft CVE
added 2024/09/11 7:0 a.m. · 1 views

filelock: fix potential use-after-free in posix_lock_inode

...

CVSS 7.8 · AI score 7.6 · EPSS 0.00258
Exploits: 0