Lucene search
K

249 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0282: gstreamer1-plugins-good (ALINUX3-SA-2024:0282)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0282 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-47537: GStreamer is a library for...

9.8CVSS7.9AI score0.01344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/05/13 8:18 a.m.8 views

rsync: Info Leak via Uninitialized Stack Contents

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...

7.5CVSS7.1AI score0.09353EPSS
Exploits2References5
NVD
NVD
added 2025/03/25 6:15 a.m.17 views

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

5.4CVSS0.00274EPSS
Exploits0References2
OSV
OSV
added 2025/03/25 6:15 a.m.3 views

UBUNTU-CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

5.4CVSS5.8AI score0.00274EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.4 views

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions prior to 2.28.10 and 3.x versions prior to 3.6.3, which stems from the use of uninitialized stack memory under certain circumstances...

5.4CVSS6.5AI score0.00274EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/25 12:0 a.m.5 views

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

5.4CVSS7.4AI score0.00274EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/25 12:0 a.m.15 views

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

5.4CVSS0.00274EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/03/25 12:0 a.m.6 views

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

5.4CVSS7.5AI score0.00274EPSS
Exploits0
NVD
NVD
added 2025/03/07 9:15 a.m.16 views

CVE-2025-21835

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...

5.5CVSS0.00189EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-52452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this...

7.8CVSS6.8AI score0.00239EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/02/12 5:51 p.m.17 views

Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.17

Logging for Red Hat OpenShift - 5.8.17 Logging for Red Hat OpenShift - 5.8.17 cluster-logging-operator-container: Info Leak via Uninitialized Stack Contents openshift-logging-5.8...

7.5CVSS7.2AI score0.09353EPSS
Exploits2References3
Amazon
Amazon
added 2025/02/04 12:0 a.m.4 views

Important: gstreamer1-plugins-good

Issue Overview: GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the...

9.8CVSS7.8AI score0.01005EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/02/03 1:10 a.m.3 views

rsync: Info Leak via Uninitialized Stack Contents

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...

7.5CVSS7AI score0.09353EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2025/02/03 1:10 a.m.15 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...

7.5CVSS7.2AI score0.09353EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2025/02/03 1:5 a.m.20 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.2AI score0.09353EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2025/01/30 5:0 p.m.54 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.2AI score0.09353EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2025/01/29 8:7 a.m.15 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.2AI score0.09353EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/01/29 12:0 a.m.11 views

RHEL 8 : rsync (RHSA-2025:0790)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0790 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...

7.5CVSS7.6AI score0.09353EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2025/01/28 6:53 p.m.16 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.2AI score0.09353EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/01/28 12:0 a.m.23 views

RHEL 9 : rsync (RHSA-2025:0688)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0688 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...

7.5CVSS7.6AI score0.09353EPSS
Exploits2References4
Rows per page
Query Builder