30465 matches found

OSV
added 2024/09/13 2:41 p.m. · 18 views

RHSA-2017:2683 Red Hat Security Advisory: kernel security update

Bulletin has no description...

CVSS 7.5 · AI score 8.1 · EPSS 0.16181
Exploits: 12 · References: 12

OSV
added 2024/09/13 12:27 p.m. · 22 views

RHSA-2016:1301 Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.8 · AI score 7.3 · EPSS 0.03387
Exploits: 0 · References: 18

OSV
added 2024/09/13 6:47 a.m. · 24 views

RHSA-2010:0986 Red Hat Security Advisory: java-1.4.2-ibm-sap security update

Bulletin has no description...

CVSS 10 · AI score 7.4 · EPSS 0.87264
Exploits: 14 · References: 63

CBLMariner
added 2024/09/12 11:1 p.m. · 44 views

CVE-2024-6197 affecting package curl for versions less than 8.8.0-2

CVE-2024-6197 affecting package curl for versions less than 8.8.0-2. A patched version of the package is available...

CVSS 7.5 · AI score 7.3 · EPSS 0.04296
Exploits: 1

Positive Technologies
added 2024/09/12 12:0 a.m. · 6 views

PT-2024-6332

Name of the Vulnerable Software and Affected Versions Spring Framework versions 5.3.0 through 5.3.39 Spring Framework versions 6.0.0 through 6.0.23 Spring Framework versions 6.0.24 through 6.1.12 Spring Framework versions 6.1.13 and earlier Description The vulnerability is related to path travers...

CVSS 7.8 · AI score 7.6 · EPSS 0.14718
Exploits: 1 · References: 82

Mageia
added 2024/09/11 8:42 p.m. · 32 views

Updated microcode package fix security vulnerabilities

Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-42667 Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to...

CVSS 7.8 · AI score 7.4 · EPSS 0.00285
Exploits: 0 · References: 3

Microsoft CVE
added 2024/09/11 7:0 a.m. · 1 views

filelock: fix potential use-after-free in posix_lock_inode

...

CVSS 7.8 · AI score 7.6 · EPSS 0.00258
Exploits: 0

Microsoft CVE
added 2024/09/11 7:0 a.m. · 2 views

can: mcp251xfd: fix infinite loop when xmit fails

...

CVSS 5.5 · AI score 7.3 · EPSS 0.00227
Exploits: 0

Positive Technologies
added 2024/09/11 12:0 a.m. · 3 views

PT-2024-7700 · Tp Link · Tp-Link Tl-Wdr5620

Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WDR5620 version 2.3 Description: A remote code execution RCE vulnerability exists in TP-LINK TL-WDR5620 via the httpProcDataSrv function. This issue allows a remote attacker to execute arbitrary code. The vulnerability occurs due t...

CVSS 8 · AI score 7.9 · EPSS 0.00793
Exploits: 1 · References: 12

Tenable Nessus
added 2024/09/11 12:0 a.m. · 24 views

Photon OS 5.0: Linux PHSA-2024-5.0-0370

An update of the linux package has been released. File data PhotonOSPHSA-2024-50-0370linux.nasl...

AI score 8.6
Exploits: 0 · References: 2

NVD
added 2024/09/10 4:15 p.m. · 18 views

CVE-2024-45591

XWiki Platform is a generic wiki platform. The REST API exposes the history of any page in XWiki of which the attacker knows the name. The exposed information includes for each modification of the page the time of the modification, the version number, the author of the modification both username...

CVSS 5.3 · EPSS 0.03417
Exploits: 1 · References: 4

OSV
added 2024/09/10 3:15 p.m. · 7 views

AZL-49088 CVE-2024-43799 affecting package nodejs-nodemon 2.0.3-4

Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect which executes untrusted code. This issue is patched in send 0.19.0...

CVSS 4.7 · AI score 6.7 · EPSS 0.00511
Exploits: 0 · References: 1

OSV
added 2024/09/10 3:15 p.m. · 5 views

AZL-49155 CVE-2024-43800 affecting package nodejs-nodemon 2.0.3-5

serve-static serves static files. serve-static passes untrusted user input - even after sanitizing it - to redirect may execute untrusted code. This issue is patched in serve-static 1.16.0...

CVSS 4.7 · AI score 6.8 · EPSS 0.00595
Exploits: 0 · References: 1

OSV
added 2024/09/10 3:15 p.m. · 0 views

UBUNTU-CVE-2024-43799

Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect which executes untrusted code. This issue is patched in send 0.19.0...

CVSS 5 · AI score 6.7 · EPSS 0.00511
Exploits: 0 · References: 3

OSV
added 2024/09/10 2:36 p.m. · 14 views

CVE-2024-43796 express vulnerable to XSS via response.redirect()

Express.js minimalist web framework for node. In express 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect may execute untrusted code. This issue is patched in express 4.20.0...

CVSS 5 · AI score 6.9 · EPSS 0.00458
Exploits: 0 · References: 4

Positive Technologies
added 2024/09/10 12:0 a.m. · 5 views

PT-2024-6368 · Mindsdb · Mindsdb

Name of the Vulnerable Software and Affected Versions: MindsDB versions 23.11.4.2 through 24.7.4.1 Description: An arbitrary code execution issue exists when one of several integrations is installed on the server. If a specially crafted UPDATE query containing Python code is run against a databas...

CVSS 9 · AI score 8.4 · EPSS 0.00851
Exploits: 1 · References: 16

Positive Technologies
added 2024/09/10 12:0 a.m. · 4 views

PT-2024-9884

Name of the Vulnerable Software and Affected Versions: Nix versions 2.24 through 2.24.5 Nix version 2.24 prior to 2.24.6 Description: A bug in Nix allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to arbitrary file system locations to which the...

CVSS 9 · AI score 6.4 · EPSS 0.00586
Exploits: 1 · References: 31

Positive Technologies
added 2024/09/10 12:0 a.m. · 5 views

PT-2024-6310 · Gitlab +2 · Gitlab +2

Name of the Vulnerable Software and Affected Versions: Ruby-SAML versions prior to 1.17.0 Ruby-SAML versions 1.13.0 through 1.16.0 GitLab versions prior to 17.3.3, 17.2.7, 17.1.8, 17.0.8, and 16.11.10 Description: The vulnerability is related to the Ruby SAML library, which is used for implementi...

CVSS 10 · AI score 8.7 · EPSS 0.10684
Exploits: 4 · References: 195

IBM Security Bulletins
added 2024/09/09 1:24 p.m. · 22 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to SQL injection (CVE-2024-40689)

Summary A SQL injection vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-40689 DESCRIPTION: IBM InfoSphere Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to...

CVSS 9.8 · AI score 6.3 · EPSS 0.00538
Exploits: 0 · Affected Software: 1

Positive Technologies
added 2024/09/09 12:0 a.m. · 5 views

PT-2024-9667 · Synology · Synology Router Manager

Name of the Vulnerable Software and Affected Versions: Synology Router Manager versions prior to 1.3.1-9346-10 Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting attacks. Remote authenticated users with...

CVSS 6.5 · AI score 5.7 · EPSS 0.00255
Exploits: 0 · References: 8