Lucene search
K

75 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/28 12:0 a.m.24 views

Fortinet Fortigate Slow HTTP DoS Attacks Mitigation (FG-IR-19-013)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-013 advisory. - An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2,...

7.5CVSS7.5AI score0.71634EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.5 views

Wildfly 跨站脚本漏洞

Wildfly is a powerful, modular and lightweight application server from Wildfly. Wildfly suffers from a cross-site scripting vulnerability that stems from allowing an attacker or insider to execute a deployment with a malicious payload that could trigger undesirable behavior against the server...

7.3CVSS6.3AI score0.00652EPSS
Exploits0References5
Amazon
Amazon
added 2024/05/03 12:0 a.m.9 views

Important: nodejs20

Issue Overview: NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ CVE-2024-27982 An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data i...

8.2CVSS6.7AI score0.87211EPSS
Exploits3
Github Security Blog
Github Security Blog
added 2022/06/23 6:45 a.m.37 views

Denial of Service (DoS) vulnerability in RSSHub

Impact Passing some special values to the filter and filterout parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub services. Patches It is fixed in 5c4177441417b44a6e45c3c63e9eac2504abeb5b , please update to this or the later versions as soon as...

7.5CVSS7.1AI score0.01485EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/05/12 10:24 a.m.8 views

MGASA-2022-0168 Updated python-twisted packages fix security vulnerability

CVE-2022-21712: It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21716: It was discovered that Twisted incorrectly processed SSH handshake data on...

7.5CVSS7.6AI score0.03608EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 5:30 p.m.116 views

Security Bulletin: Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?

Summary Is Blueworks Live affected by CVE-2021-44228 Log4j Vulnerability? Vulnerability Details Please refer to the Flash Alert published here: Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. Off Related...

10CVSS0.7AI score0.99999EPSS
Exploits354
NCSC
NCSC
added 2021/11/09 12:0 a.m.56 views

Vulnerabilities fixed in Nucleus NET stack

Forescout researchers have found 13 vulnerabilities in the Siemens Nucleus NET stack. This is a network stack that is used by both Siemens products as well as products from other vendors used. The vulnerabilities have collectively been named "NUCLEUS:13." assigned. The vulnerabilities were found ...

9.8CVSS7AI score0.03031EPSS
Exploits0
OSV
OSV
added 2021/08/17 3:11 p.m.7 views

OPENSUSE-SU-2021:2760-1 Security update for c-ares

This update for c-ares fixes the following issues: Version update to git snapshot 1.17.1+20200724: - CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers bsc1188881 - If aresgetaddrinfo was terminated by an aresdestroy, it would cause crash - Crash in sortaddrinfo if...

6.8CVSS7.5AI score0.02617EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/02/19 12:0 a.m.14 views

Security update for mumble (moderate)

openSUSE Security Update: Security update for mumble Announcement ID: openSUSE-SU-2021:0312-1 Rating: moderate References: 1180068 1182123 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for mumble fixes the...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/02/18 8:5 p.m.45 views

Kia Motors Hit With $20M Ransomware Attack – Report

So far, Kia Motors America has publicly acknowledged an “extended system outage,” but ransomware gang DoppelPaymer claimed it has locked down the company’s files in a cyberattack that includes a $20 million ransom demand. That $20 million will gain Kia a decryptor and a guarantee to not to publis...

1.1AI score
Exploits0References10
OSV
OSV
added 2020/11/27 8:14 p.m.11 views

MGASA-2020-0440 Updated jruby packages fix security vulnerabilities

Response Splitting attack in the HTTP server of WEBrick CVE-2017-17742. Delete directory using symlink when decompressing tar CVE-2019-8320. Escape sequence injection vulnerability in verbose CVE-2019-8321. Escape sequence injection vulnerability in gem owner CVE-2019-8322. Escape sequence...

8.8CVSS7AI score0.0576EPSS
Exploits2References6
OSV
OSV
added 2020/09/17 1:33 p.m.14 views

SUSE-SU-2020:2673-1 Security update for samba

This update for samba to version 4.10.17 fixes the following issues: - Fixed net command unable to negotiate SMB2; bsc1174120; - Update to 4.10.17 - CVE-2020-10745: Invalid DNS or NBT queries containing dots use several seconds of CPU each; bso14378; bsc1173160. - CVE-2020-10730: NULL de-referenc...

9.1CVSS6.9AI score0.03874EPSS
Exploits1References31
OSV
OSV
added 2020/07/14 3:41 p.m.6 views

SUSE-SU-2020:1913-1 Security update for samba

This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU bsc1173160. - CVE-2020-14303: Fixed an endless loop when receiving at AD DC empty UDP packets bsc117335...

7.8CVSS6.9AI score0.03874EPSS
Exploits0References11
OSV
OSV
added 2020/02/20 10:5 a.m.8 views

SUSE-SU-2020:0427-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: nodejs10 was updated to version 10.19.0. Security issues fixed: - CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string CVE-2019-15604, bsc1163104. - CVE-2019-15605: Fixed an HTTP request...

9.8CVSS8.4AI score0.57132EPSS
Exploits2References7
Citrix
Citrix
added 2019/12/30 12:0 a.m.8 views

Desktop Studio Error: "Can't Get License Info"

The license server can be registered with XenDesktop either when XenDesktop is configured, or through the Change license server action on the Licensing node in Desktop Studio. When the administrator specifies the address of the license server, Desktop Studio attempts to discover the License...

7.2AI score
Exploits0
Citrix
Citrix
added 2019/12/27 12:0 a.m.12 views

License Server does not recognize license file

Installed licenses not showing up on the License Administration Console or Licensing Manager...

7.2AI score
Exploits0
OSV
OSV
added 2019/03/23 11:15 a.m.7 views

OPENSUSE-SU-2019:0327-1 Security update for mariadb

This update for mariadb to version 10.2.22 fixes the following issues: Security issues fixed: - CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service bsc1122198. - CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to...

9.8CVSS5.1AI score0.0595EPSS
Exploits0References45
OSV
OSV
added 2019/03/23 10:50 a.m.14 views

OPENSUSE-SU-2019:0091-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.6AI score0.58204EPSS
Exploits10References9
Citrix
Citrix
added 2018/02/08 12:0 a.m.8 views

How to troubleshoot the Citrix Provisioning Services server

Provisioning Services PVS is software streaming technology that delivers patches, updates and other configuration information to multiple virtual desktop endpoints through a shared desktop image. It centralizes virtual machine management while reducing the operational and storage costs of a...

6.9AI score
Exploits0
OSV
OSV
added 2018/02/07 1:34 p.m.12 views

SUSE-SU-2018:0384-1 Security update for mariadb

This update for mariadb to version 10.0.33 fixes several issues. These security issues were fixed: - CVE-2017-10378: Vulnerability in subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL...

6.5CVSS5.8AI score0.03237EPSS
Exploits0References7
Rows per page
Query Builder