1096 matches found

OSV
added 2024/06/07 8:2 p.m. | 4 views

GHSA-XFFP-6W68-4775 Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress`

The `Zend\Http\PhpEnvironment\RemoteAddress` class provides features for detecting the internet protocol (IP) address of an incoming proxied request via the X-Forwarded-For header, taking into account a provided list of trusted proxy server IPs. Prior to 2.2.5, the class was not taking into accou...

CVSS 7.5 | AI score 7
Exploits: 0 | References: 4

OSV
added 2024/06/06 12:28 p.m. | 10 views

CGA-Q672-W479-6W63

Bulletin has no description...

CVSS 7.5 | AI score 8.3 | EPSS 0.91969
Exploits: 1

SUSE CVE
added 2024/06/04 12:18 p.m. | 1 views

SUSE CVE-2024-35221

Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.from_yaml. from_yaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-bas...

CVSS 4.3 | AI score 7 | EPSS 0.00494
Exploits: 0 | References: 6

Tenable Nessus
added 2024/06/03 12:0 a.m. | 32 views

RHEL 7 : runc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: Execution of malicious containers allows for container escape and access to host filesystem...

CVSS 8.6 | AI score 8.7 | EPSS 0.9857
Exploits: 33 | References: 3

OSV
added 2024/05/30 12:41 a.m. | 16 views

GHSA-H7V2-2QWG-H829 Symfony has a security issue when parsing the Authorization header

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintained anymore...

CVSS 5.3 | AI score 6.3 | EPSS 0.00956
Exploits: 0 | References: 5

Tenable Nessus
added 2024/05/30 12:0 a.m. | 31 views

EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-1739)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...

CVSS 8.6 | AI score 7.4 | EPSS 0.18087
Exploits: 18 | References: 2

BDU FSTEC
added 2024/05/28 12:0 a.m. | 5 views

The vulnerability of the rndis_set_response() function in the USB driver in the rndis.c module of the Linux kernel allows a hacker to gain increased privileges within the system.

The vulnerability of the rndis_set_response() function in the USB driver in the rndis.c module of the Linux kernel is related to integer overflow errors. Exploiting this vulnerability can allow an attacker to gain increased privileges...

CVSS 4.9 | AI score 5.5 | EPSS 0.00231
Exploits: 0 | References: 14 | Affected Software: 1

RedhatCVE
added 2024/05/23 11:8 a.m. | 24 views

CVE-2022-48707

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...

CVSS 4.4 | AI score 6.5 | EPSS 0.00205
Exploits: 0 | References: 4

Tenable Nessus
added 2024/05/23 12:0 a.m. | 42 views

Apache Tomcat 8.0.0.RC1 < 8.0.44

The version of Tomcat installed on the remote host is prior to 8.0.44. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.0.44_security-8 advisory. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error pag...

CVSS 7.5 | AI score 7.9 | EPSS 0.16567
Exploits: 1 | References: 4

Tenable Nessus
added 2024/05/23 12:0 a.m. | 46 views

Apache Tomcat 7.0.0 < 7.0.78

The version of Tomcat installed on the remote host is prior to 7.0.78. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_7.0.78_security-7 advisory. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error pag...

CVSS 7.5 | AI score 7.9 | EPSS 0.16567
Exploits: 1 | References: 4

Citrix
added 2024/05/22 12:0 a.m. | 9 views

CLI SSH not working after upgrade with OpenSSH vulnerability patch Error Bad SSH2 cipher spec

After upgrading to a firmware version with OpenSSH v9.3 patched for the recent SSH vulnerabilities (12.1-55.304+ FIPS, 13.0-92.23+, 13.1-53.4+, 13.1-37.180+ FIPS, 14.1-22.16+), SSH is not working anymore. PuTTY throws the error: Network error: Software caused connection abort...

CVSS 5.9 | AI score 7.5 | EPSS 0.9378
Exploits: 4

NVD
added 2024/05/21 4:15 p.m. | 24 views

CVE-2022-48707

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...

CVSS 5.5 | AI score 6.5 | EPSS 0.00205
Exploits: 0 | References: 2

UbuntuCve
added 2024/05/21 4:15 p.m. | 18 views

CVE-2022-48707

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...

CVSS 5.5 | AI score 5.7 | EPSS 0.00205
Exploits: 0 | References: 4

Cvelist
added 2024/05/21 3:22 p.m. | 34 views

CVE-2022-48707 cxl/region: Fix null pointer dereference for resetting decoder

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...

AI score 6.5 | EPSS 0.00205
Exploits: 0 | References: 2

Vulnrichment
added 2024/05/21 3:22 p.m. | 24 views

CVE-2022-48707 cxl/region: Fix null pointer dereference for resetting decoder

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...

AI score 6.9 | EPSS 0.00205
Exploits: 0 | References: 2

Malwarebytes
added 2024/05/15 11:58 a.m. | 16 views

Apple and Google join forces to stop unwanted tracking

Apple and Google have announced an industry specification for Bluetooth tracking devices which help alert users to unwanted tracking. The specification, called Detecting Unwanted Location Trackers, will make it possible to alert users across both iOS and Android if a device is unknowingly being...

AI score 6.7
Exploits: 0

The Hacker News
added 2024/05/14 5:16 a.m. | 34 views

Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices

Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. "This will help mitigate the misuse of devices designed to...

CVSS 8.1 | AI score 7 | EPSS 0.01411
Exploits: 0

Tenable Nessus
added 2024/05/11 12:0 a.m. | 35 views

RHEL 8 : developer_environment (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Developer environment: Homoglyph characters can lead to trojan source attack (CVE-2021-42694) - An issue wa...

AI score 8.8 | EPSS 0.12205
Exploits: 5 | References: 2

Tenable Nessus
added 2024/05/11 12:0 a.m. | 23 views

RHEL 7 : runc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: Execution of malicious containers allows for container escape and access to host filesystem...

AI score 8.6 | EPSS 0.9857
Exploits: 34 | References: 3

Tenable Nessus
added 2024/04/18 12:0 a.m. | 26 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Vulnerability (NS-SA-2024-0013)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has binutils packages installed that are affected by a vulnerability: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via contro...

CVSS 8.3 | AI score 7.7 | EPSS 0.12205
Exploits: 4 | References: 3