Lucene search
K

4680 matches found

Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-36022 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to an unpaired pm runtime put sync in omap8250 remove, which may potentially lead to security vulnerabilities. The actual impact and attack plausibility have not yet bee...

7.3AI score
Exploits0References1
Prion
Prion
added 2022/11/25 7:15 p.m.24 views

Design/Logic Flaw

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...

4.9CVSS5.4AI score0.00864EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2022/11/25 7:15 p.m.27 views

CVE-2022-39331

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...

5.4CVSS6.1AI score0.00864EPSS
Exploits1References1
CVE
CVE
added 2022/11/25 12:0 a.m.94 views

CVE-2022-39332

Summary (CVE-2022-39332) : The Nextcloud Desktop client (nextcloud-desktop) is affected. An attacker can inject arbitrary HTML into the Desktop Client via user status and information, enabling a desktop UI HTML injection (XSS) vulnerability. The issue is remedied by upgrading the Nextcloud Deskto...

5.4CVSS5AI score0.00884EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2022/11/25 12:0 a.m.90 views

CVE-2022-39331

CVE-2022-39331 affects the Nextcloud desktop client. An attacker can inject arbitrary HTML into the Desktop Client notifications due to insufficient input sanitisation. Public advisories (OpenSUSE/OpenSUSE SU, Debian LTS) and the Debian/NVD entries reference this issue, with remediation recommend...

5.4CVSS5AI score0.00864EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/11/25 12:0 a.m.28 views

CVE-2022-39332 Cross-site scripting (XSS) in Nextcloud Desktop Client

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via user status and information. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for...

4.6CVSS5.4AI score0.00884EPSS
Exploits1References6
OSV
OSV
added 2022/11/25 12:0 a.m.27 views

CVE-2022-39331 Cross-site Scripting (XSS) in Nexcloud Desktop Client

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...

4.6CVSS5.4AI score0.00864EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2022/11/25 12:0 a.m.52 views

CVE-2022-39331

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...

5.4CVSS5.4AI score0.00864EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/11/25 12:0 a.m.32 views

CVE-2022-39333

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...

6.1CVSS6.2AI score0.00882EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/11/25 12:0 a.m.25 views

CVE-2022-39332

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via user status and information. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for...

5.4CVSS5.4AI score0.00884EPSS
Exploits1
Oracle linux
Oracle linux
added 2022/11/22 12:0 a.m.34 views

pcs security update

0.11.3-4 - Fixed ruby socket permissions - Resolves: rhbz2116841 0.11.3-3 - Fixed booth ticket mode value case insensitive - Fixed booth sync check whether /etc/booth exists - Resolves: rhbz2026725 rhbz2058243 0.11.3-2 - Fixed 'pcs resource restart' traceback - Resolves: rhbz2102663 0.11.3-1 -...

8.8CVSS1.2AI score0.01825EPSS
Exploits1
Microsoft Security Update
Microsoft Security Update
added 2022/11/17 11:0 p.m.11 views

Azure File Sync Agent v15.2 Release – November 2022 (KB5013875)

Update for Azure File Sync agent version 15.2.0.0. For more details, see the associated Microsoft Knowledge Base article...

3.9AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2022/11/17 11:0 p.m.10 views

Azure File Sync Agent v15.2 Release – November 2022 (KB5013875)

Update for Azure File Sync agent version 15.2.0.0. For more details, see the associated Microsoft Knowledge Base article...

3.9AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2022/11/17 11:0 p.m.15 views

Azure File Sync Agent v15.2 Release – November 2022 (KB5013875)

Update for Azure File Sync agent version 15.2.0.0. For more details, see the associated Microsoft Knowledge Base article...

3.9AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2022/11/17 11:0 p.m.9 views

Azure File Sync Agent v15.2 Release – November 2022 (KB5013875)

Update for Azure File Sync agent version 15.2.0.0. For more details, see the associated Microsoft Knowledge Base article...

3.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.3 views

kernel: ath11k: mhi: use mhi_sync_power_up()

In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...

5.5CVSS6.3AI score0.00249EPSS
Exploits0References5
OSV
OSV
added 2022/11/11 12:0 a.m.28 views

CVE-2022-41882 Nextcloud Desktop vulnerable to code injection via malicious link

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. In version 3.6.0, if a user received a malicious file share and has it synced locally or the virtual filesystem enabled and clicked a nc://open/ link it will open the default editor for the file...

6.6CVSS7.4AI score0.00466EPSS
Exploits0References6
Prion
Prion
added 2022/11/10 3:15 p.m.27 views

Path traversal

A Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...

4CVSS4.5AI score0.00733EPSS
Exploits1References1Affected Software2
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.3 views

kernel: ath11k: mhi: use mhi_sync_power_up()

In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...

5.5CVSS6.3AI score0.00249EPSS
Exploits0References5
Citrix
Citrix
added 2022/10/26 12:0 a.m.12 views

ERROR : Dotmim.Sync.SyncException: SQLite Error 14: 'unable to open database file'.

On Broker machine event viewer : Dotmim.Sync.SyncException: SQLite Error 14: 'unable to open database file'. --- Microsoft.Data.Sqlite.SqliteException: SQLite Error 14: 'unable to open database file'. à Microsoft.Data.Sqlite.SqliteException.ThrowExceptionForRCInt32 rc, sqlite3 db à...

7AI score
Exploits0
Rows per page
Query Builder