Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2025/08/04 11:22 p.m.4 views

SUSE CVE-2025-54574

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access...

8.9CVSS8.3AI score0.22744EPSS
Exploits1References4
OSV
OSV
added 2025/08/01 6:15 p.m.9 views

AZL-66075 CVE-2025-54574 affecting package squid 5.7-5

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access...

9.8CVSS8.2AI score0.22744EPSS
Exploits1References1
Snyk
Snyk
added 2025/06/24 7:43 a.m.1 views

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Overview apache-airflow-providers-snowflake is a Provider package apache-airflow-providers-snowflake for Apache Airflow Affected versions of this package are vulnerable to Failure to Sanitize Special Elements into a Different Plane Special Element Injection in the...

9.8CVSS8.1AI score0.00593EPSS
Exploits0References2
Snyk
Snyk
added 2025/05/19 12:0 a.m.1 views

Missing Authentication for Critical Function

Overview org.springframework.security:spring-security-core is a package that provides security services for the Spring IO Platform. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to improperly locating method security annotations on private...

9.3CVSS6.8AI score0.00535EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/12/15 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-53677

File upload logic is flawed vulnerability in Apache Struts. This issue affects Apache Struts: from 2.0.0 before 6.4.0. Users are recommended to upgrade to version 6.4.0 and migrate to the new file upload mechanism https://struts.apache.org/core-developers/file-upload...

9.8CVSS7.3AI score0.78198EPSS
Exploits15References1
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.5 views

PT-2024-35091 · Hapi Fhir · Hapi Fhir

Name of the Vulnerable Software and Affected Versions: HAPI FHIR versions prior to 6.4.0 Description: The XSLT parsing performed by various components in HAPI FHIR is vulnerable to XML external entity injections. This issue can be exploited by submitting a malicious XML file with a DTD tag,...

8.6CVSS7.1AI score0.00918EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.5 views

PT-2024-6879 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.5 Description: The issue is related to a path traversal vulnerability that allows a remote unauthenticated attacker to bypass authentication. This is due to incorrect restriction of the path name to a...

9.8CVSS7.4AI score0.37965EPSS
Exploits0References11
Amazon
Amazon
added 2023/11/14 12:0 a.m.3 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...

9.3CVSS6.7AI score0.10221EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/08/10 12:0 a.m.5 views

PT-2023-23874 · Avalanche · Avalanche

Name of the Vulnerable Software and Affected Versions: Avalanche versions 6.3.x and below Description: An unrestricted upload of file with a dangerous type could allow an attacker to achieve remote code execution. The issue is fixed in version 6.4.1. Recommendations: For Avalanche versions 6.3.x...

9.8CVSS7AI score0.38414EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.3 views

PT-2022-19488 · Unknown +3 · Jupyter Notebook +3

Name of the Vulnerable Software and Affected Versions: Jupyter Notebook versions prior to 6.4.12 Description: The issue concerns Jupyter Notebook, a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with...

7.5CVSS5.8AI score0.01741EPSS
Exploits1References41
Positive Technologies
Positive Technologies
added 2018/04/17 12:0 a.m.4 views

PT-2018-3861 · Tibco +1 · Tibco Jasperreports Server +5

Name of the Vulnerable Software and Affected Versions: TIBCO JasperReports Server versions up to and including 6.4.2 TIBCO JasperReports Server Community Edition versions up to and including 6.4.2 TIBCO JasperReports Server for ActiveMatrix BPM versions up to and including 6.4.2 TIBCO Jaspersoft...

8.8CVSS7.5AI score0.48753EPSS
Exploits2References14
Rows per page
Query Builder