CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1660 matches found

OSV•added 2024/02/13 7:15 p.m.•5 views

CVE-2024-1354

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the syslog-ng configuration file. Exploitation of this vulnerability required access to the GitHub...

8CVSS5.8AI score0.0172EPSS

Exploits0References4

Prion•added 2024/02/13 7:15 p.m.•27 views

Command injection

4.3CVSS7.7AI score0.0172EPSS

Exploits0References4Affected Software1

Cvelist•added 2024/02/13 6:50 p.m.•19 views

CVE-2024-1354 Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

8CVSS8.4AI score0.0172EPSS

Exploits0References4

CVE•added 2024/02/13 6:50 p.m.•105 views

CVE-2024-1354

CVE-2024-1354 describes a command-injection vulnerability in GitHub Enterprise Server where an attacker with editor privileges in the Management Console could escalate to admin SSH access via the syslog-ng configuration. The issue requires access to the GitHub Enterprise Server instance and Manag...

8CVSS8.1AI score0.0172EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2024/02/13 12:0 a.m.•3 views

PT-2024-17967 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.12 Description: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the...

8CVSS10AI score0.0172EPSS

Exploits0References8

Mageia•added 2024/02/04 2:49 a.m.•61 views

Updated glibc packages fix security vulnerabilities

The updated packages fix security vulnerabilities: A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argumen...

8.4CVSS7.4AI score0.04794EPSS

Exploits9References3

Ubuntu•added 2024/02/01 12:41 p.m.•46 views

USN-6620-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and possibly escalate privileges...

8.4CVSS7.1AI score0.04794EPSS

Exploits9

Tenable Nessus•added 2024/02/01 12:0 a.m.•32 views

Ubuntu 23.10 : GNU C Library vulnerabilities (USN-6620-1)

The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6620-1 advisory. It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and...

8.4CVSS7.7AI score0.04794EPSS

Exploits9References4

ATTACKERKB•added 2024/01/31 2:15 p.m.•0 views

CVE-2023-6246

A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

8.4CVSS6AI score0.04794EPSS

Exploits7References13

OSV•added 2024/01/31 2:15 p.m.•35 views

CVE-2023-6246

7.8CVSS7.7AI score0.04794EPSS

Exploits7References12

NVD•added 2024/01/31 2:15 p.m.•16 views

CVE-2023-6780

An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...

5.3CVSS6.8AI score0.02689EPSS

Exploits2References11

OSV•added 2024/01/31 2:15 p.m.•3 views

AZL-34735 CVE-2023-6246 affecting package glibc for versions less than 2.38-6

7.8CVSS6.9AI score0.04794EPSS

Exploits7References1

ATTACKERKB•added 2024/01/31 2:15 p.m.•1 views

CVE-2023-6780

8.4CVSS6AI score0.04794EPSS

Exploits8References10

OSV•added 2024/01/31 2:15 p.m.•1 views

DEBIAN-CVE-2023-6779

An off-by-one heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INTMAX bytes, leading to an incorrect calculation of t...

7.5CVSS8.1AI score0.03127EPSS

Exploits2References1

OSV•added 2024/01/31 2:15 p.m.•36 views

CVE-2023-6780

5.3CVSS7.8AI score0.04794EPSS

Exploits8References10

OSV•added 2024/01/31 2:15 p.m.•38 views

CVE-2023-6779

7.5CVSS7.8AI score0.04794EPSS

Exploits8References10

OSV•added 2024/01/31 2:15 p.m.•2 views

DEBIAN-CVE-2023-6780