Lucene search
K

248 matches found

OSV
OSV
added 2022/11/19 12:15 a.m.9 views

CVE-2022-30256

An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

7.5CVSS7.4AI score0.0089EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/11/19 12:15 a.m.47 views

CVE-2022-30256

An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

7.5CVSS7.1AI score0.0089EPSS
Exploits0References4
Prion
Prion
added 2022/11/19 12:15 a.m.27 views

Design/Logic Flaw

An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

5CVSS7.2AI score0.0089EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2022/11/18 12:0 a.m.52 views

CVE-2022-30256

An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

7.5AI score0.0089EPSS
Exploits0References6
Prion
Prion
added 2022/11/08 6:15 a.m.14 views

Information disclosure

An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifications 5.0 through 5.2, may be used to identify devices using Resolvable Private Addressing RPA by...

3.3CVSS4.8AI score0.00338EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/11/08 12:0 a.m.5 views

Bluetooth Core Specification 安全漏洞

The Bluetooth Core Specification is a specification. Defines the technical building blocks used by developers to create the interoperable devices that make up the thriving Bluetooth ecosystem. Overseen by the Bluetooth Special Interest Group SIG and regularly updated and enhanced by the Bluetooth...

4.3CVSS5.1AI score0.00338EPSS
Exploits0References3
CVE
CVE
added 2022/11/08 12:0 a.m.50 views

CVE-2020-35473

CVE-2020-35473 describes an information‑leakage vulnerability in Bluetooth Low Energy advertising scan responses (including extended scan responses) that can identify devices using Resolvable Private Addressing (RPA). Affected are Bluetooth Core Specifications 4.0–5.2 and extended scan responses ...

4.3CVSS4.7AI score0.00338EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.5 views

PT-2022-8926 · Bluetooth Special Interest · Bluetooth Core Specification

Name of the Vulnerable Software and Affected Versions: Bluetooth Core Specifications versions 4.0 through 5.2 Description: An information leakage issue in the Bluetooth Low Energy advertisement scan response and extended scan response may be used to identify devices using Resolvable Private...

4.3CVSS4.7AI score0.00338EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/11/08 12:0 a.m.31 views

CVE-2020-35473

An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifications 5.0 through 5.2, may be used to identify devices using Resolvable Private Addressing RPA by...

4.7AI score0.00338EPSS
Exploits0References2
OSV
OSV
added 2022/08/31 11:11 a.m.4 views

SUSE-SU-2022:2960-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release bsc1201727: - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave INTEL-SA-00657. See also:...

5.5CVSS5.8AI score0.00324EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/08/26 12:0 a.m.6 views

The vulnerability of implementations of data transmission specifications in industrial networks, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of implementations of data transmission specifications in industrial networks is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.1AI score0.0103EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.10 views

Fedora: Security Advisory for golang-github-deepmap-oapi-codegen (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/07/30 1:57 a.m.13 views

[SECURITY] Fedora 36 Update: golang-github-deepmap-oapi-codegen-1.8.2-4.fc36

Generate Go client and server boilerplate from OpenAPI 3 specifications...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/07/18 12:0 a.m.42 views

Swagger UI 3.14.0 < 3.38.0 Cross-Site Scripting

Swagger UI is a popular library used to beautify API specifications and render it to the users. Swagger UI versions 3.14.1 to 3.37.2 suffer from a DOM Cross-Site Scripting XSS vulnerability due to an outdated DomPurify embedded library and a feature available in the Swagger UI library itself whic...

6.2AI score
Exploits0References2
Fedora
Fedora
added 2022/07/17 1:15 a.m.29 views

[SECURITY] Fedora 35 Update: golang-github-deepmap-oapi-codegen-1.8.2-3.fc35

Generate Go client and server boilerplate from OpenAPI 3 specifications...

9.3CVSS8.2AI score0.0995EPSS
Exploits4
OSV
OSV
added 2022/05/13 1:38 a.m.20 views

GHSA-7GCP-2GMQ-W3XH RubyGems Code Injection vulnerability

RubyGems prior to 2.6.13 is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

9.8CVSS8.5AI score0.1081EPSS
Exploits1References15
Github Security Blog
Github Security Blog
added 2022/05/13 1:38 a.m.29 views

RubyGems Code Injection vulnerability

RubyGems prior to 2.6.13 is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

9.8CVSS3.8AI score0.1081EPSS
Exploits1References15Affected Software1
OSV
OSV
added 2022/01/21 4:15 p.m.3 views

CVE-2021-40855

The EU Technical Specifications for Digital COVID Certificates before 1.1 mishandle certificate governance. A non-production public key certificate could have been used in production...

9.8CVSS5.8AI score0.0066EPSS
Exploits0References2
CVE
CVE
added 2022/01/21 3:33 p.m.42 views

CVE-2021-40855

CVE-2021-40855 concerns the EU Technical Specifications for Digital COVID Certificates before version 1.1, where certificate governance is mishandled. The vulnerability arises from allowing a non-production public key certificate to be used in production, potentially impacting the trust chain and...

9.8CVSS9.4AI score0.0066EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/01/21 12:0 a.m.4 views

Digital COVID Certificates 信任管理问题漏洞

Digital COVID Certificates is a digital COVID certificate for the European Union, designed to help facilitate the free movement and travel of EU citizens and non-EU nationals within the EU. A security vulnerability exists in Digital COVID Certificates that stems from the product allowing the use ...

9.8CVSS8.2AI score0.0066EPSS
Exploits0References3
Rows per page
Query Builder