
30468 matches found

OSV
added 2024/06/15 12:0 a.m. | 10 views

OPENSUSE-SU-2024:11431-1 libkpathsea6-6.3.3-76.3 on GA media

These are all security issues fixed in the libkpathsea6-6.3.3-76.3 package on the GA media of openSUSE Tumbleweed...

CVSS 9.8 | AI score 8.1 | EPSS 0.07146
Exploits: 2 | References: 4

OSV
added 2024/06/15 12:0 a.m. | 21 views

OPENSUSE-SU-2024:11647-1 docker-20.10.11_ce-1.1 on GA media

These are all security issues fixed in the docker-20.10.11_ce-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 5 | AI score 6.7 | EPSS 0.02085
Exploits: 0 | References: 1

OSV
added 2024/06/15 12:0 a.m. | 15 views

OPENSUSE-SU-2024:12060-1 patch-2.7.6-5.1 on GA media

These are all security issues fixed in the patch-2.7.6-5.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 7 | EPSS 0.08411
Exploits: 0 | References: 2

OSV
added 2024/06/15 12:0 a.m. | 12 views

OPENSUSE-SU-2024:12332-1 ffmpeg-5-5.1.1-1.1 on GA media

These are all security issues fixed in the ffmpeg-5-5.1.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 9 | AI score 8.7 | EPSS 0.00612
Exploits: 0 | References: 1

OSV
added 2024/06/15 12:0 a.m. | 8 views

OPENSUSE-SU-2024:12972-1 libopenssl-1_1-devel-1.1.1u-1.1 on GA media

These are all security issues fixed in the libopenssl-1_1-devel-1.1.1u-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 6.5 | AI score 7.4 | EPSS 0.73461
Exploits: 0 | References: 1

Nextcloud
added 2024/06/14 2:29 p.m. | 23 views

Read-only users can restore old versions

None...

CVSS 4.3 | AI score 4.8 | EPSS 0.00431
Exploits: 0 | References: 2 | Affected Software: 1

RedhatCVE
added 2024/06/14 3:12 a.m. | 19 views

CVE-2024-36106

A flaw was found in Argo-CD. Error messages in Argo-CD may contain sensitive information, such as clusters and project names, which allows authenticated malicious users to enumerate possible targets...

CVSS 4.3 | AI score 4.3 | EPSS 0.00408
Exploits: 0 | References: 4

OSV
added 2024/06/13 7:29 p.m. | 13 views

GHSA-WH78-7948-358J Cilium leaks sensitive information in cilium-bugtool

Impact: The output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium deployments with the Envoy proxy enabled. Users of the following features are affected: TLS inspection; Ingress with TLS termination; Gateway API with TLS...

CVSS 7.9 | AI score 6.8 | EPSS 0.0018
Exploits: 0 | References: 10

hivepro
added 2024/06/13 3:4 p.m. | 7 views

Microsoft’s June 2024 Patch Tuesday Addresses 49 Vulnerabilities

...

AI score 7.3
Exploits: 0

Cvelist
added 2024/06/13 2:10 p.m. | 44 views

CVE-2024-37164 CVAT SSRF via custom cloud storage endpoints

Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. CVAT allows users to supply custom endpoint URLs for cloud storages based on Amazon S3 and Azure Blob Storage. Starting in version 2.1.0 and prior to version 2.14.3, an attacker with a CVAT...

CVSS 7.1 | EPSS 0.00347
Exploits: 0 | References: 2

CBLMariner
added 2024/06/12 10:23 p.m. | 29 views

CVE-2023-52447 affecting package kernel for versions less than 5.15.158.1-1

CVE-2023-52447 affecting package kernel for versions less than 5.15.158.1-1. A patched version of the package is available...

CVSS 6.7 | AI score 7.7 | EPSS 0.00248
Exploits: 0

CBLMariner
added 2024/06/12 10:23 p.m. | 23 views

CVE-2024-26147 affecting package cert-manager for versions less than 1.11.2-10

CVE-2024-26147 affecting package cert-manager for versions less than 1.11.2-10. A patched version of the package is available...

CVSS 7.5 | AI score 7.7 | EPSS 0.00926
Exploits: 0

CBLMariner
added 2024/06/12 10:23 p.m. | 17 views

CVE-2023-45288 affecting package moby-containerd for versions less than 1.6.26-5

CVE-2023-45288 affecting package moby-containerd for versions less than 1.6.26-5. A patched version of the package is available...

CVSS 7.5 | AI score 6.7 | EPSS 0.91969
Exploits: 1

CBLMariner
added 2024/06/12 10:23 p.m. | 16 views

CVE-2023-52827 affecting package kernel for versions less than 5.15.158.2-1

CVE-2023-52827 affecting package kernel for versions less than 5.15.158.2-1. A patched version of the package is available...

CVSS 7.1 | AI score 7.2 | EPSS 0.00246
Exploits: 0

CBLMariner
added 2024/06/12 10:23 p.m. | 18 views

CVE-2024-35176 affecting package ruby for versions less than 3.1.4-6

CVE-2024-35176 affecting package ruby for versions less than 3.1.4-6. A patched version of the package is available...

CVSS 5.3 | AI score 5.8 | EPSS 0.02064
Exploits: 1

CBLMariner
added 2024/06/12 10:23 p.m. | 14 views

CVE-2024-34064 affecting package python-jinja2 for versions less than 3.0.3-4

CVE-2024-34064 affecting package python-jinja2 for versions less than 3.0.3-4. A patched version of the package is available...

CVSS 5.4 | AI score 6 | EPSS 0.00979
Exploits: 0

Vulnrichment
added 2024/06/12 3:5 p.m. | 32 views

CVE-2024-37297 WooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration forms

WooCommerce is an open-source e-commerce platform built on WordPress. A vulnerability introduced in WooCommerce 8.8 allows for cross-site scripting. A bad actor can manipulate a link to include malicious HTML & JavaScript content. While the content is not saved to the database, the links may be...

CVSS 5.4 | AI score 6 | EPSS 0.00483
Exploits: 1 | References: 4

OSV
added 2024/06/12 2:46 p.m. | 26 views

CVE-2024-29181 @strapi/plugin-content-manager leaks data via relations via the Admin Panel

Strapi is an open-source content management system. Prior to version 4.19.1, a super admin can create a collection where an item in the collection has an association to another collection. When this happens, another user with Author Role can see the list of associated items they did not create...

CVSS 2.3 | AI score 4.8 | EPSS 0.00385
Exploits: 1 | References: 4

Cvelist
added 2024/06/11 2:38 p.m. | 25 views

CVE-2024-37295 Aimeos Core remote code execution in web server context

Aimeos is an Open Source e-commerce framework for online shops. Starting in version 2024.01.1 and prior to version 2024.04.5, a user with administrative privileges can upload files that look like images but contain PHP code which can then be executed in the context of the web server. Version...

CVSS 7.2 | EPSS 0.00607
Exploits: 0 | References: 1

Positive Technologies
added 2024/06/11 12:0 a.m. | 5 views

PT-2024-4747

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version. Description: The issue is related to a logic error in the code, which could lead to local escalation of privilege with no additional execution privileges needed. User interaction is required for...

CVSS 8.1 | AI score 6.8 | EPSS 0.0301
Exploits: 0 | References: 177