Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-4394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in btrfsgetdevargsfrompath in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker wit...

6.7CVSS6AI score0.00208EPSS
Exploits0References2
Prion
Prion
added 2023/10/17 12:15 a.m.18 views

Design/Logic Flaw

IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607...

1.4CVSS5.4AI score0.00194EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/08/17 1:15 p.m.15 views

CVE-2023-4394

A use-after-free flaw was found in btrfsgetdevargsfrompath in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information...

6.7CVSS6.1AI score0.00208EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/08/17 3:27 a.m.43 views

CVE-2023-4394

A use-after-free flaw was found in btrfsgetdevargsfrompath in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information...

6.7CVSS6AI score0.00208EPSS
Exploits0References4
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.14 views

LiquidationQueue brings centralization risk in the contract.

Lines of code Vulnerability details Impact the owner has too much unilateral control over liquidations and can manipulate te country in the following ways: The owner of LiquidationQueue sees a profitable liquidation opportunity Before anyone else can liquidate, they use LiquidationQueue to place ...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2023/06/13 1:35 a.m.37 views

CVE-2023-3159

A use-after-free flaw was found in driver/firewire in outboundphypacketcallback in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a use-after-free issue when the queueevent fails. Mitigation Mitigation for this issue is either not available or the currently...

6.7CVSS6.4AI score0.00228EPSS
Exploits0References4
Code423n4
Code423n4
added 2023/02/09 12:0 a.m.11 views

Upgraded Q -> 3 from #510 [1675932827359]

Judge has assessed an item in Issue 510 as 3 risk. The relevant finding follows: In red are the state transitions that can only be performed with special privileges recreateMinipool: The following transitions will be performed Withdrawable-PreLaunch Error-PreLaunch createMinipool: will perform th...

6.7AI score
Exploits0
NVD
NVD
added 2022/08/01 9:15 p.m.42 views

CVE-2022-31194

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowi...

8.2CVSS0.00886EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/04/27 12:0 a.m.2 views

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM. The tool is based on an application deployment automation management information model, and through remote agent technology to automate the deployment of complex applications in different environments, etc. IBM...

8.8CVSS5.6AI score0.00697EPSS
Exploits0References4
OSV
OSV
added 2022/03/25 7:15 p.m.6 views

CVE-2022-0494

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

4.4CVSS6.7AI score
Exploits0References5
Code423n4
Code423n4
added 2022/01/27 12:0 a.m.12 views

Pair creation can be denied

Handle cmichel Vulnerability details The LaunchEvent.createPair requires that no previous pool was created for the WAVAX token pair. function createPair external isStoppedfalse atPhasePhase.PhaseThree address wavaxAddress, address tokenAddress = addressWAVAX, addresstoken ; // @audit grief: anyon...

6.8AI score
Exploits0
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that can be exploited by a local attacker with special user privileges to bypass authentication and potentially cause an err...

5.5CVSS5.7AI score0.00254EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2021/11/24 10:40 a.m.14 views

CVE-2021-32037

Removed by vendor...

6.5CVSS6.5AI score0.01181EPSS
Exploits0
MongoDB
MongoDB
added 2021/11/24 12:0 a.m.30 views

User may trigger invariant when allowed to send commands directly to shards

An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shar...

6.5CVSS6.2AI score0.01181EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/09/20 5:15 p.m.12 views

Code injection

IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575...

2.1CVSS4.4AI score0.00264EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/17 9:18 p.m.15 views

Security Bulletin: IBM Cloud Pak for Data could allow a local user with special privileges to obtain highly sensitive information

Summary Cloud Pak for Data "shared credentials" are available to authorized users. However, because the credentials are shared, it is difficult to audit access to the connection, to identify the source of data loss, or identify the source of a security breach. You can apply a patch to disable thi...

4.4CVSS1.8AI score0.00264EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:41 p.m.16 views

Security Bulletin: IBM Capacity Management Analytics affected by vulnerability password easy to decrypt in shell files (CVE-2015-7432)

Summary It is very easy to decrypt user and admin password from the setenv.sh and parameter.txt file Vulnerability Details CVEID: CVE-2015-7432 DESCRIPTION: IBM Capacity Management Analytics could allow a local user with special privileges to decrypt other CMA user's usernames and passwords. CVSS...

7.8CVSS0.4AI score0.00351EPSS
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.37 views

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens lsass.exe, services.exe, ... has 8 uninitialized bytes at the end, as the size ...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2013/08/27 3:56 a.m.17 views

[Network Password Decryptor v6.0] Windows Network Password Recovery Tool

Network Password Decryptor is the free tool to instantly recover network authentication passwords. In addition to the network authentication passwords it can also recover passwords stored by other windows apps such as Outlook , Windows Live Messenger , Remote Destktop etc. These network passwords...

7.3AI score
Exploits0
Rows per page
Query Builder