Lucene search
K

490 matches found

OSV
OSV
added 2024/11/06 6:46 p.m.6 views

MAL-2024-11641 Malicious code in music-source-separation (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4aa4c5d893735fb71d4983056b6d254f087a4f5c82df6976e2efdab41f0c9f2 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/06 6:46 p.m.2 views

Malicious code in music-source-separation (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4aa4c5d893735fb71d4983056b6d254f087a4f5c82df6976e2efdab41f0c9f2 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.6 views

Symfony 注入漏洞

Symfony is a PHP framework for web and console applications and a set of reusable PHP components from Symfony. Symfony suffers from an injection vulnerability that stems from allowing the separation of a PHP application from its global state...

7.3CVSS7.5AI score0.63422EPSS
Exploits0References3
OSV
OSV
added 2024/11/05 6:15 p.m.1 views

DEBIAN-CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

7.8CVSS6.4AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/05 5:10 p.m.1 views

CVE-2024-50112 x86/lam: Disable ADDRESS_MASKING in most cases

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

7.7AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 2024/10/21 6:15 p.m.24 views

CVE-2024-49993

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

7AI score
Exploits0References1
CVE
CVE
added 2024/10/21 6:2 p.m.140 views

CVE-2024-49993

CVE-2024-49993 is associated with Linux kernel IOMMU VT-d flaws. The connected MiracleLinux advisory AXSA:2025-10392:38 notes iommuvt-d issues, including an explicit item: "iommu/vt-d: vulnerability may cause a soft lockup if qi_submit_sync() is called with zero invalidation descriptors, as the c...

6.7AI score
Exploits0
F5 Networks
F5 Networks
added 2024/10/07 3:15 a.m.31 views

K000141355: Multiple PHP vulnerabilities

Security Advisory Description CVE-2016-4342 ext/phar/pharobject.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact v...

8.8CVSS9.2AI score0.13314EPSS
Exploits5
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.6 views

The vulnerability of the application programming interface of the Grafana monitoring and observation platform’s Endpoint allows a perpetrator to escalate their privileges.

The vulnerability of the application programming interface of the Grafana monitoring and observation platform allows a perpetrator to enhance their privileges. This vulnerability is related to insufficient spatial separation. Exploiting this vulnerability could enable a remote perpetrator to...

4.6CVSS6.5AI score0.00579EPSS
Exploits0References5Affected Software2
Malwarebytes
Malwarebytes
added 2024/09/30 7:10 a.m.12 views

A week in security (September 23 – September 29)

Last week on Malwarebytes Labs: Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number Privacy watchdog files complaint over Firefox quietly enabling its Privacy Preserving Attribution Telegram will hand over user details to law enforcement Don’t share the vir...

7.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/09/16 12:0 a.m.4 views

The vulnerability of the Python interpreter of the Cisco NX-OS operating system for Cisco Nexus switches allows a hacker to execute arbitrary commands.

The vulnerability of the Python interpreter in the Cisco NX-OS operating system of Cisco Nexus switches is related to insufficient spatial separation. Exploiting this vulnerability could allow an attacker to execute arbitrary commands in the basic operating system...

5.3CVSS5.9AI score0.00194EPSS
Exploits0References3
CVE
CVE
added 2024/09/09 7:7 p.m.416 views

CVE-2024-45296

The Jira Service Management Data Center/Server DoS issue (CVE-2024-45296) stems from the path-to-regexp dependency, which can generate pathological regular expressions causing DoS on the main thread. Affected: Jira Service Management DC/Server versions 10.2.0–10.5.0. CVSS 3.1 vector: AV:N/AC:L/PR...

7.5CVSS7.1AI score0.00932EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/27 12:0 a.m.6 views

PT-2024-6552 · Grafana +3 · Grafana +3

Name of the Vulnerable Software and Affected Versions: Grafana affected versions not specified Description: The issue is related to the wrong permission being applied to the alert rule write API endpoint in Grafana. This allows users with permission to write external alert instances to also write...

9.9CVSS7.5AI score0.97781EPSS
Exploits13References110
OSV
OSV
added 2024/08/23 11:8 a.m.5 views

OESA-2024-2018 pcp security update

PCP provides a range of services that may be used to monitor and manage system performance. These services are distributed and scalable to accommodate the most complex system configurations and performance problems. Security Fixes: A vulnerability has been identified in the Performance Co-Pilot P...

6.7CVSS6.8AI score0.002EPSS
Exploits0References2
Securelist
Securelist
added 2024/06/24 10:0 a.m.19 views

XZ backdoor: Hook analysis

Part 1: XZ backdoor story – Initial analysis Part 2: Assessing the Y, and How, of the XZ Utils incident social engineering Part 3: XZ backdoor. Hook analysis In our first article on the XZ backdoor, we analyzed its code from initial infection to the function hooking it performs. As we mentioned...

8.6AI score
Exploits0
NVD
NVD
added 2024/06/14 3:15 a.m.20 views

CVE-2024-27146

The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL...

6.7CVSS0.00245EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/06/14 2:35 a.m.15 views

CVE-2024-27146 Lack of privileges separation

The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL...

6.7CVSS7AI score0.00245EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/14 2:35 a.m.21 views

CVE-2024-27146 Lack of privileges separation

The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL...

6.7CVSS0.00245EPSS
Exploits1References4
CVE
CVE
added 2024/06/14 2:35 a.m.51 views

CVE-2024-27146

Summary (CVE-2024-27146): The Toshiba printers (notably Toshiba e-STUDIO/MFPs) are affected by a lack of privileges separation. The issue is documented across multiple sources (NVD, CVE lists, OpenVAS entry, and vendor advisories) and is described as the ability for an attacker who can access the...

6.7CVSS6.9AI score0.00245EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.6 views

PT-2024-21677 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns the lack of privileges separation in Toshiba printers. There is no information provided about the estimated number of potentially affected devices worldwide or...

6.7CVSS6.8AI score0.00245EPSS
Exploits1References6
Rows per page
Query Builder