Lucene search
K

332 matches found

Vulnrichment
Vulnrichment
added 2023/01/13 1:34 a.m.8 views

CVE-2022-42278

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure and data tampering...

7.2CVSS7.1AI score0.00575EPSS
Exploits0References1
CVE
CVE
added 2022/12/12 5:54 p.m.71 views

CVE-2022-3882

CVE-2022-3882 concerns the WordPress WP Memory plugin prior to 2.46. The vulnerability is a lack of proper authorization and CSRF protection in an AJAX action, allowing any authenticated user (e.g., a subscriber) to call the action and install/activate arbitrary plugins from wordpress.org. Connec...

6.5CVSS6.5AI score0.00327EPSS
Exploits2References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/10 12:0 a.m.37 views

Amazon Linux AMI : samba (ALAS-2022-1642)

The version of samba installed on the remote host is prior to 4.10.16-20.62. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1642 advisory. It was found that the Kerberos Key Distribution Center KDC delegation feature, Service for User S4U, did not sufficient...

9CVSS6.6AI score0.13794EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2022/12/09 12:0 a.m.42 views

Amazon Linux 2022 : samba (ALAS2022-2022-213)

The version of samba installed on the remote host is prior to 4.16.5-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-213 advisory. - A security feature bypass vulnerability exists in the way Key Distribution Center KDC determines if a service ticket ca...

9CVSS6.7AI score0.13794EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2022/11/22 12:0 a.m.32 views

GLSA-202211-04 : PostgreSQL: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202211-04 PostgreSQL: Multiple Vulnerabilities - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries...

8.8CVSS7.7AI score0.12403EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.26 views

RHEL 9 : samba (RHSA-2022:8317)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8317 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allo...

4.3CVSS7.1AI score0.0099EPSS
Exploits0References15
OSV
OSV
added 2022/11/15 9:32 p.m.8 views

CLSA-2022-1668547929 samba: Fix of CVE-2022-32742

CVE-2022-32742: Fix server memory information leak via SMB1...

4.3CVSS6.6AI score0.0099EPSS
Exploits0References1
OSV
OSV
added 2022/11/15 9:14 p.m.4 views

CLSA-2022-1668546881 samba: Fix of CVE-2022-32742

CVE-2022-32742: Fix server memory information leak via SMB1...

4.3CVSS6.6AI score0.0099EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/11/15 3:20 p.m.10 views

samba: server memory information leak via SMB1

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

4.3CVSS6.6AI score0.0099EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.40 views

CVE-2022-39294 (DoS) Denial of Service from unchecked request length in conduit-hyper

conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::tobytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a...

7.5CVSS7.6AI score0.00689EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2022/10/28 1:12 p.m.16 views

Critical Vulnerability in Open SSL

There are no details yet, but its really important that you patch Open SSL 3.x when the new version comes out on Tuesday. How bad is "Critical"? According to OpenSSL, an issue of critical severity affects common configurations and is also likely exploitable. Its likely to be abused to disclose...

1.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/10/26 12:0 a.m.36 views

Oracle Linux 8 : samba (ELSA-2022-7111)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7111 advisory. - Fix CVE-2022-32742 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

4.3CVSS7AI score0.0099EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/25 8:54 a.m.59 views

samba: server memory information leak via SMB1

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

4.3CVSS6.6AI score0.0099EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.49 views

RHEL 8 : samba (RHSA-2022:7111)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7111 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allo...

4.3CVSS7AI score0.0099EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.27 views

AlmaLinux 8 : samba (ALSA-2022:7111)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7111 advisory. - A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing...

4.3CVSS6.7AI score0.0099EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/19 8:14 p.m.4 views

samba: server memory information leak via SMB1

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

4.3CVSS6.6AI score0.0099EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/10/11 11:15 a.m.3 views

CVE-2022-38371

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 =...

8.7CVSS5.8AI score0.01262EPSS
Exploits0References5Affected Software13
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2480)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.0099EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/09 12:0 a.m.36 views

EulerOS 2.0 SP8 : samba (EulerOS-SA-2022-2480)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing th...

8.8CVSS6.8AI score0.0099EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2022/09/28 2:6 p.m.68 views

USN-5645-1: PostgreSQL vulnerabilities

Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. CVE-2021-23214 Tom Lane discovered that PostgreSQL incorrect handled...

8.8CVSS7.5AI score0.0199EPSS
Exploits0
Rows per page
Query Builder