Lucene search
+L

498 matches found

UbuntuCve
UbuntuCve
added 2024/07/29 3:15 p.m.7 views

CVE-2024-41082

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2024/07/29 3:15 p.m.12 views

CVE-2024-41671

Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1...

8.3CVSS7.2AI score0.00856EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/07/29 3:15 p.m.9 views

CVE-2024-41070

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible use-after-free UAF in kvmspaprtceattachiommugroup. It looks up stt from tablefd, but then continues to use it after doing fdput on the returne...

7.8CVSS6.6AI score0.00225EPSS
Exploits0References32
UbuntuCve
UbuntuCve
added 2024/07/12 12:0 a.m.10 views

CVE-0000-0003

TEST CVE 3...

5.8AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/30 12:0 a.m.16 views

Social Icons Widget & Block < 4.2.18 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. As an administrator,...

5.4AI score0.00391EPSS
Exploits2References1Affected Software1
UbuntuCve
UbuntuCve
added 2024/02/29 12:0 a.m.8 views

CVE-2024-27083

Flask-AppBuilder is an application development framework, built on top of Flask. A Cross-Site Scripting XSS vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute...

6.1CVSS6AI score0.00567EPSS
Exploits0References3
OSV
OSV
added 2024/02/15 8:15 p.m.8 views

CLSA-2024-1708028140 Update of microcode_ctl

Update AMD CPU microcode to 2023-10-19: - Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10...

5.8AI score
Exploits0References1
OSV
OSV
added 2024/01/22 4:31 p.m.10 views

CLSA-2024-1705941083 Update of alt-php

Update ca-certificates database to 20231207: - mozilla/certdata.txt,nssckbi.h: Update Mozilla certificate authority bundle of the version 2.64. - The following certificares were updated: Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - The following certificates authoriti...

5.8AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/12/13 7:15 p.m.10 views

CVE-2023-46727

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, GLPI inventory endpoint can be used to drive a SQL injection attack. Version 10.0.11 contains a patch for the issue. As a workaround, disable native inventory...

9.8CVSS7.2AI score0.67107EPSS
Exploits0References3
securityvulns
securityvulns
added 2013/10/09 12:0 a.m.38 views

AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP

Asterisk Project Security Advisory - AST-2013-004 Product Asterisk Summary Remote Crash From Late Arriving SIP ACK With SDP Nature of Advisory Remote Crash Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known None Reported On February 11, 2013 Reported By Colin Cuthbertson...

0.6AI score
Exploits0
myhack58
myhack58
added 2013/05/04 12:0 a.m.16 views

CTSCMS the latest vulnerability-vulnerability warning-the black bar safety net

China travel service website management systemCTSCMS.COMis a professional tourism website, the program source code, travel website, travel website templates, tourism website construction service providers,focusing on the tourism e-Commerce development services to travel agencies and tour it...

7.1AI score
Exploits0
myhack58
myhack58
added 2013/01/04 12:0 a.m.28 views

0day! phpweb pseudo-static page injection-vulnerability warning-the black bar safety net

phpweb all of the entire Station program pseudo-static pages are presentsql injection Main Station: http://phpweb.net/ Added’detection: http://www.phpweb.net/down/html/?772'. html Error The presence of injection. Can't use spaces, only use/Rowe http://www.phpweb.net/page/html/?56'//and//1=1/. htm...

0.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/04/21 1:5 p.m.16 views

CVE-2008-0165

Cross-site request forgery CSRF vulnerability in Ikiwiki before 2.42 allows remote attackers to modify user preferences, including passwords, via the 1 preferences and 2 edit forms...

4.3CVSS6AI score0.00637EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2008/01/12 12:46 a.m.29 views

CVE-2007-6420

Cross-site request forgery CSRF vulnerability in the balancer-manager in modproxybalancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors...

4.3CVSS7.2AI score0.09114EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2004/07/12 12:0 a.m.18 views

Solaris 7 (x86) : 107023-11

CDE 1.3x86: Calendar Manager patch. Date this patch was last updated by Sun : Sep/21/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

0.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/12 12:0 a.m.21 views

Solaris 8 (x86) : 111401-04

SunOS 5.8x86: kcmsserver and kcmsconfigure patch. Date this patch was last updated by Sun : Jan/17/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; ...

6.9CVSS6.7AI score0.00371EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/12 12:0 a.m.22 views

Solaris 8 (sparc) : 113685-07

SunOS 5.8: logindmux, ptsl, ms, bufmod, ll. Date this patch was last updated by Sun : Jan/19/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

4.9CVSS6.7AI score0.00269EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.37 views

Security update 1970-01-01

...

7.3AI score
Exploits0
Rows per page
Query Builder