344 matches found

Fedora
added 2022/07/30 2:0 a.m., 15 views

[SECURITY] Fedora 36 Update: golang-k8s-kube-openapi-0-0.22.20210813git3c81807.fc36

Kubernetes OpenAPI spec generation & serving...

AI score: 2
Exploits: 0

OSV
added 2022/07/27 8:26 p.m., 29 views

GO-2022-0355 Path traversal in github.com/valyala/fasthttp

The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative pat...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.02457
Exploits: 1 | References: 4

NCSC
added 2022/07/27 12:0 a.m., 6 views

Vulnerability fixed in Red Hat OpenShift Container Platform

A vulnerability has been found in OpenShift Container Platform. The private key for an external cluster certificate is stored in an insecure manner in the oauth-serving-cert ConfigMaps and is therefore available to any OpenShift user or service account. A malicious user can obtain this private key and...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00457
Exploits: 0

CNNVD
added 2022/07/25 12:0 a.m., 3 views

Red Hat OpenShift Container Platform information disclosure vulnerability

Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that enable organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. The Red Hat OpenShift Container Platform suffers fro...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00457
Exploits: 0 | References: 10

Fedora
added 2022/07/17 1:16 a.m., 36 views

[SECURITY] Fedora 35 Update: golang-k8s-kube-openapi-0-0.19.20210813git3c81807.fc35

Kubernetes OpenAPI spec generation & serving...

CVSS: 9.3 | AI score: 2 | EPSS: 0.05994
Exploits: 3

OSV
added 2022/07/11 1:15 a.m., 3 views

CVE-2022-31505

The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...

CVSS: 9.3 | AI score: 5.8
Exploits: 0 | References: 1

Fedora
added 2022/07/04 1:35 a.m., 19 views

[SECURITY] Fedora 36 Update: golang-k8s-kube-openapi-0-0.21.20210813git3c81807.fc36

Kubernetes OpenAPI spec generation & serving...

CVSS: 9.3 | AI score: 8.2 | EPSS: 0.05994
Exploits: 4

Fedora
added 2022/07/04 1:35 a.m., 28 views

[SECURITY] Fedora 36 Update: golang-github-elazarl-bindata-assetfs-1.0.1-9.fc36

Serve embedded files from jteeuwen/go-bindata with net/http...

CVSS: 9.3 | AI score: 8.2 | EPSS: 0.05994
Exploits: 4

vulnersOsv
added 2022/06/01 12:0 a.m., 6 views

ai.konduit.serving:konduit-serving-cli (=0.1.0), ai.konduit.serving:konduit-serving-distro-bom (=0.1.0) +1594 more potentially affected by CVE-2022-30973 via org.apache.tika:tika-core (>=1.17 <=1.28.2)

org.apache.tika:tika-core MAVEN version =1.17, =4.1.3, =3.1.1, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.2.7, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.4.0-beta.7 and more Source cves: CVE-2022-30973 Source advisory: OSV:GHSA-QW3F-W4PF-JH5F...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.01858
Exploits: 0

RedHat Linux
added 2022/05/18 3:28 p.m., 3 views

sinatra: path traversal possible outside of public_dir when serving static files

A flaw was found in Sinatra when serving static files from the public directory. The requested path is not validated if it is in the public directory, allowing files outside of the public directory to be served...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.02059
Exploits: 0 | References: 4

vulnersOsv
added 2022/05/17 12:0 a.m., 6 views

ai.konduit.serving:konduit-serving-cli (=0.1.0), ai.konduit.serving:konduit-serving-distro-bom (=0.1.0) +1594 more potentially affected by CVE-2022-30126 via org.apache.tika:tika-core (>=1.17 <=1.28.1)

org.apache.tika:tika-core MAVEN version =1.17, =4.1.3, =3.1.1, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.2.7, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.4.0-beta.7 and more Source cves: CVE-2022-30126 Source advisory: OSV:GHSA-RPJM-422R-95MH...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.02495
Exploits: 0

Fedora
added 2022/05/07 5:6 a.m., 21 views

[SECURITY] Fedora 36 Update: golang-k8s-kube-openapi-0-0.20.20210813git3c81807.fc36

Kubernetes OpenAPI spec generation & serving...

CVSS: 7.5 | AI score: 2 | EPSS: 0.03931
Exploits: 0

vulnersOsv
added 2022/05/07 12:0 a.m., 5 views

ai.idylnlp:idylnlp-dl4j (>=1.0.0 <=1.1.0), ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0) +742 more potentially affected by CVE-2021-23792 via com.twelvemonkeys.imageio:imageio-metadata (>=3.0 <=3.7.0)

com.twelvemonkeys.imageio:imageio-metadata MAVEN version =3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.3.0 - ai.konduit.serving:konduit-serving-gpu-nano =0.1.0 and more Source cves: CVE-2021-23792 Source advisory: OSV:GHSA-PJCH-4G28-FXX7...

CVSS: 9.8 | AI score: 7.7 | EPSS: 0.00995
Exploits: 0

vulnersOsv
added 2022/02/10 8:28 p.m., 4 views

ai.konduit.serving:konduit-serving-api (>=0.0.2 <=0.3.0), ai.konduit.serving:konduit-serving-cli (>=0.0.2 <=0.3.0) +1764 more potentially affected by CVE-2019-17640 via io.vertx:vertx-web (>=3.0.0 <=3.9.3)

io.vertx:vertx-web MAVEN version =3.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =19.9.0, =22.3.2 and more Source cves: CVE-2019-17640 Source advisory: OSV:GHSA-VJW7-6GFQ-6WF5...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.01977
Exploits: 0

OSV
added 2021/12/23 8:15 p.m., 2 views

DEBIAN-CVE-2021-44543

An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encoding the template name when Privoxy is configured to serve the user-manual itself...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00792
Exploits: 0 | References: 1

CNNVD
added 2021/12/23 12:0 a.m., 2 views

Open5Gs input validation error vulnerability

Open5GS is a C open source implementation of 5G Core and EPC, the core network of the LTE/NR network. Open5GS has a security vulnerability that can be exploited by an attacker to cause SGW-U/UPF to crash...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.04405
Exploits: 0 | References: 3

Snyk
added 2021/12/17 7:59 p.m., 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal if an unintended user is able to gain access to the diagnostic route, which may lead to information disclosure. Note: This only applies when MessageBus::Diagnostics is enabled; it is not enabled by default. Details: A...

CVSS: 6.5 | AI score: 7.5 | EPSS: 0.01869
Exploits: 0 | References: 2

vulnersOsv
added 2021/12/07 3:29 p.m., 5 views

ai.idylnlp:idylnlp-dl4j (>=1.0.0 <=1.1.0), ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0) +742 more potentially affected by CVE-2021-23792 via com.twelvemonkeys.imageio:imageio-metadata (>=3.0 <=3.7.0)

com.twelvemonkeys.imageio:imageio-metadata MAVEN version =3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.3.0 - ai.konduit.serving:konduit-serving-gpu-nano =0.1.0 and more Source cves: CVE-2021-23792 Source advisory: SNYK:JAVA-COMTWELVEMONKEYSIMAGEIO-231676...

CVSS: 9.8 | AI score: 7.7 | EPSS: 0.00995
Exploits: 0

OSV
added 2021/11/09 5:15 p.m., 1 views

DEBIAN-CVE-2021-43172

NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run. In RPKI, a CA can choose the RRDP repository it wishes to publish its data in. By continuously generating a new child CA that only consists of anoth...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.0122
Exploits: 0 | References: 1

Debian CVE
added 2021/08/12 10:30 p.m., 4 views

CVE-2021-37668

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in applications serving models using tf.raw_ops.UnravelIndex by triggering a division by 0. The implementation does not check that the tensor subsumed by dims is not...

CVSS: 5.5 | AI score: 6.9 | EPSS: 0.00154
Exploits: 0