Lucene search
+L

163 matches found

Vulnrichment
Vulnrichment
added 2023/07/24 3:19 p.m.12 views

CVE-2023-3640 Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and prefetcht2 instructions being used for the per-cpu entry area mapping to the user space

A possible unauthorized memory access flaw was found in the Linux kernel's cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implement...

7CVSS7.3AI score0.00761EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/06/01 12:0 a.m.4 views

libspdm 安全漏洞

libspdm is a DMTF open source example implementation that follows the DMTF SPDM specification. A security vulnerability exists in libspdm versions prior to 2.3.3 and 3.0, which stems from a vulnerability that allows an unauthenticated requestor to store and use a respondent's CTExponent value...

7.5CVSS7.3AI score0.00713EPSS
Exploits0References4
OSV
OSV
added 2023/05/10 10:15 a.m.5 views

CVE-2022-46817

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Flyzoo Flyzoo Chat plugin = 2.3.3 versions...

4.8CVSS5.8AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/15 12:0 a.m.6 views

GNU Mailman 安全漏洞

GNU Mailman is a free suite of software for managing e-mail discussions and e-mail lists from the GNU community in the United States. The software integrates with web projects to make it easy for users to manage email subscription accounts and provides built-in archiving, automatic forwarding...

6.3CVSS6.6AI score0.00299EPSS
Exploits0References4
Circl
Circl
added 2023/03/10 12:20 a.m.7 views

CVE-2022-4331

creationtimestamp| type| source ---|---|--- 2023-03-10 00:20:41+00:00| seen| https://t.me/cibsecurity/59760 2025-02-28 18:26:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5950 2025-03-02 11:45:38+00:00| seen| Telegram/j5jvAdPmVowONHQHmoASK9J1aFc3r8YXWa7dTJeupkTbFHo...

7.3CVSS7.1AI score0.00744EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.3 views

SUSE CVE-2010-3710

Stack consumption vulnerability in the filtervar function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTERVALIDATEEMAIL mode is used, allows remote attackers to cause a denial of service memory consumption and application crash via a long e-mail address string...

4.3CVSS6.9AI score0.03091EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-2099

Algorithmic complexity vulnerability in the ssl.matchhostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-sslmatchhostname as used for older Python versions, allows remote attackers to cause a denial of service CPU consumption via multiple wildcard...

4.3CVSS6.2AI score0.04857EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.4 views

SUSE CVE-2021-20234

An uncontrolled resource consumption memory leak flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability...

6.5CVSS7.2AI score0.01073EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29521

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in tf.rawops.SparseCountSparseOutput results in a segmentation fault being thrown out from the standard library as std::vector invariants are broken. This is because the...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/01/13 12:0 a.m.11 views

PT-2023-19046 · Microsoft +1 · Outlook +1

Name of the Vulnerable Software and Affected Versions: Axigen version 10.3.3.52 Description: A 2-Step Verification issue allows an attacker to access a mailbox by bypassing 2-Step Verification when trying to add an account to any third-party webmail service with IMAP or POP3 without any...

9.8CVSS7.2AI score0.00948EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.3 views

WordPress plugin WP Cerber Security, Anti-spam & Malware Scan 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

5.3CVSS5.8AI score0.00671EPSS
Exploits2References2
Circl
Circl
added 2022/12/09 8:18 p.m.10 views

CVE-2022-4336

creationtimestamp| type| source ---|---|--- 2022-12-09 20:18:44+00:00| seen| https://t.me/cibsecurity/54233...

5.4CVSS5.5AI score0.00334EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.9 views

CVE-2022-45278

Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/getfields.html component...

8.2AI score0.0072EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.6 views

Liferay Portal和Liferay DXP 路径遍历漏洞

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.5 views

PT-2022-35888 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.332 Description: The issue is related to the hugetlb lock not being taken before decrementing h-resv huge pages. This could potentially lead to security vulnerabilities, although the actual impact and attac...

7.2AI score
Exploits0References1
OSV
OSV
added 2022/11/03 6:15 p.m.4 views

CVE-2022-3852

The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.3. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to delete, and modify calendars as well as the...

6.5CVSS5.6AI score0.00454EPSS
Exploits0References3
Circl
Circl
added 2022/11/01 11:23 p.m.5 views

CVE-2022-3317

creationtimestamp| type| source ---|---|--- 2022-11-01 23:23:48+00:00| seen| https://t.me/cibsecurity/52426...

4.3CVSS6.8AI score0.00599EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/09 12:0 a.m.13 views

PT-2022-34868 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.330 Description: The issue is related to a potential security vulnerability in the Linux Kernel, specifically in the s390/dasd component. It is caused by an Oops in dasd alias get start dev due to a missing...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/04 12:0 a.m.5 views

PT-2022-3981

Name of the Vulnerable Software and Affected Versions Apache Hadoop versions prior to 2.10.2 Apache Hadoop versions prior to 3.2.4 Apache Hadoop versions prior to 3.3.3 Description The issue is related to the FileUtil.unTarFile, File API in Apache Hadoop, which does not escape the input file name...

10CVSS9.9AI score0.04176EPSS
Exploits1References15
ATTACKERKB
ATTACKERKB
added 2022/07/06 1:15 p.m.2 views

CVE-2021-31677

An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can modify admin and other members' passwords...

6.5CVSS6.7AI score0.00561EPSS
Exploits1References6
Rows per page
Query Builder