Lucene search
+L

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/18 4:7 p.m.9 views

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Handling of Syntactically Invalid Structure in Grafana (CVE-2025-22865)

Summary Grafana is used by IBM Storage Ceph as part of the dashboard to monitor the stats for each cluster. CVE-2025-22865 Vulnerability Details CVEID:CVE-2025-22865 DESCRIPTION: Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key i...

7.5CVSS6.5AI score0.00587EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/10/08 4:15 a.m.8 views

AZL-50144 CVE-2024-9026 affecting package php for versions less than 8.1.30-1

In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catchworkersoutput = yes, it may be possible to pollute the final log or remove up to 4 characters from the log messages by manipulating log...

3.3CVSS6.5AI score0.00483EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/10/06 6:15 p.m.4 views

CVE-2022-2975

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0...

7.7CVSS6.2AI score0.00209EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/11/03 4:15 p.m.3 views

DEBIAN-CVE-2021-37148

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1...

7.5CVSS7.3AI score0.02507EPSS
Exploits0References1
OSV
OSV
added 2021/11/03 4:15 p.m.4 views

DEBIAN-CVE-2021-37147

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0...

7.5CVSS7.3AI score0.02439EPSS
Exploits0References1
OSV
OSV
added 2018/11/06 5:29 p.m.3 views

CVE-2018-9359

In processl2capcmd of l2cmain.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0...

7.5CVSS5.9AI score0.01709EPSS
Exploits0References2
OSV
OSV
added 2018/04/04 5:29 p.m.4 views

CVE-2017-13249

In impeg2dapisetdisplayframe of impeg2dapimain.c, there is an out of bound write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,...

7.8CVSS6.3AI score0.01113EPSS
Exploits0References2
OSV
OSV
added 2018/01/12 11:29 p.m.4 views

CVE-2017-13201

An information disclosure vulnerability in the Android media framework mediadrm. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63982768...

7.5CVSS5.8AI score0.00514EPSS
Exploits0References2
Rows per page
Query Builder