Lucene search
+L

117 matches found

RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.8 views

kernel: arch/arm64: Fix topology initialization for core scheduling

In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on storecputopology to call updatesiblingsmasks to transfer the toplogy to the various cpu masks. This needs to be done before the call to...

5.5CVSS6.2AI score0.00231EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2022/09/09 12:0 a.m.273 views

AirDisk 7.5.5 Cross Site Scripting

Exploit Title: AirDisk 7.5.5 File Manager Stored XSS Date: Sep 8, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://apps.apple.com/us/developer/felix-yew/id505904424 Software Link: https://apps.apple.com/us/app/airdisk-file-manager/id566530748 Version: 7.5.5 Tested on: iPhone ios 15.6 ...

7.4AI score
Exploits0
Debian CVE
Debian CVE
added 2022/07/29 1:43 p.m.41 views

CVE-2022-36123

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges...

7.8CVSS6.6AI score0.00863EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/07/12 2:15 p.m.4 views

CVE-2022-35648

Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service fall by connecting the power cord to a 120V circuit which may lead to...

2.6CVSS5.8AI score0.00297EPSS
Exploits0References4
OSV
OSV
added 2022/06/06 10:21 p.m.4 views

CVE-2022-27438

Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer Advanced Updater are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an...

8.1CVSS6.3AI score0.01942EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/03 10:36 a.m.74 views

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-4155 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by data leak flaw in the wa...

7.8CVSS1.1AI score0.05528EPSS
Exploits12Affected Software1
NVD
NVD
added 2022/04/01 11:15 p.m.24 views

CVE-2022-0489

An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a specific formula in issue comments...

5.7CVSS0.01464EPSS
Exploits1References3
Code423n4
Code423n4
added 2022/04/01 12:0 a.m.8 views

CoreCollection: Starting index is pseudo-randomly generated, allowing for gameable NFT launches

Lines of code Vulnerability details Details & Impact In Paradigm’s article “A Guide to Designing Effective NFT Launches”, one of the desirable properties of an NFT launch is unexploitable fairness: Launches must have true randomness to ensure that predatory users cannot snipe the rarest items at...

6.7AI score
Exploits0
Fedora
Fedora
added 2022/01/15 1:22 a.m.37 views

[SECURITY] Fedora 35 Update: systemd-249.9-1.fc35

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses sock et and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

5.5CVSS5.9AI score0.01561EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2021/08/25 12:0 a.m.7 views

The vulnerability of the electronic examination system TCExam, related to the improper display of files, allows a violator to carry out cross-site scripting attacks.

The vulnerability of the electronic examination system TCExam is related to the improper display of files in the text/html format, starting with a dot. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

5.4CVSS5.6AI score0.00634EPSS
Exploits1References4Affected Software1
Rockylinux
Rockylinux
added 2021/08/10 11:56 a.m.15 views

systemd bug fix and enhancement update

An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux,...

1.1AI score
Exploits0
Fedora
Fedora
added 2021/07/24 1:8 a.m.90 views

[SECURITY] Fedora 33 Update: systemd-246.15-1.fc33

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

6.1CVSS0.4AI score0.0865EPSS
Exploits3
Gitee
Gitee
added 2021/06/19 2:3 p.m.2 views

Pwn Write-ups

RE: 从零开始的 Pwn 世界之旅...

7AI score
Exploits0
OSV
OSV
added 2021/06/04 7:35 p.m.11 views

UVI-2021-1000539 btrfs: release path before starting transaction when cloning inline extent

btrfs: release path before starting transaction when cloning inline extent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.9 by commit...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/05/19 12:0 a.m.54 views

RHEL 8 : systemd (RHSA-2021:1611)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1611 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides...

7CVSS5.9AI score0.01217EPSS
Exploits3References24
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2020:0026-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.02582EPSS
Exploits1References6
Gitee
Gitee
added 2021/04/14 9:13 a.m.6 views

CTF-All-In-One

This is a comprehensive guide to CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Chao, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.8AI score
Exploits0
OSV
OSV
added 2021/02/01 12:0 a.m.28 views

ASB-A-172935267

In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.9AI score0.00259EPSS
Exploits0References2
NVD
NVD
added 2020/12/09 6:15 p.m.25 views

CVE-2020-2020

An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR...

5.5CVSS5.3AI score0.00304EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.6 views

spring-data-jpa: Additional information exposure with Spring Data JPA derived queries

This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE...

5.3CVSS5.8AI score0.01087EPSS
Exploits0References4
Rows per page
Query Builder