
438 matches found

Code423n4
added 2021/04/28 12:0 a.m., 8 views

ERC20 return values not checked

Handle: @cmichelio. Vulnerability details: The ERC20.transfer and ERC20.transferFrom functions return a boolean value indicating success. This parameter needs to be checked for success. Furthermore, some tokens like USDT don't correctly implement the ERC20 standard and don't...

AI score: 6.9
Exploits: 0
OSV
added 2021/04/23 10:46 a.m., 6 views

OPENSUSE-SU-2021:0600-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...

CVSS: 6.5, AI score: 5.5, EPSS: 0.02515
Exploits: 3, References: 33
Microsoft Malware Protection
added 2021/04/22 4:0 p.m., 42 views

Evolving beyond password complexity as an identity strategy

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Troy Hunt, founder of Have I Been Pwned,...

AI score: 7
Exploits: 0
RedHat Linux
added 2021/04/21 1:15 p.m., 240 views

Moderate: Red Hat Security Advisory: Satellite 6.9 Release

An update is now available for Red Hat Satellite 6.9 for RHEL 7. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: foreman:...

CVSS: 9.8, AI score: 7, EPSS: 0.45732
Exploits: 9, References: 326
Tenable Nessus
added 2021/04/21 12:0 a.m., 190 views

RHEL 7 : Satellite 6.9 Release (Moderate) (RHSA-2021:1313)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1313 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring...

CVSS: 9.8, AI score: 7.5, EPSS: 0.45732
Exploits: 9, References: 345
OSV
added 2021/04/16 12:45 p.m., 5 views

SUSE-SU-2021:1243-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...

CVSS: 6.5, AI score: 6.2, EPSS: 0.02515
Exploits: 3, References: 33
CNNVD
added 2021/03/30 12:0 a.m., 4 views

LIM OpenEXR Input Validation Error Vulnerability

Industrial Light And Magic LIM OpenEXR is an image file format from Industrial Light and Magic LIM, USA, for high dynamic range HDR images. An input validation error vulnerability exists in OpenEXR B44 uncompression, which can be exploited by an attacker to trigger a shift overflow and potentiall...

CVSS: 5.3, AI score: 5.9, EPSS: 0.01848
Exploits: 0, References: 14
OSV
added 2021/03/17 4:9 p.m., 4 views

SUSE-SU-2021:0806-1 Security update for crmsh

This update for crmsh fixes the following issues: - Update to version 4.3.0+20210219.5d1bf034: Fix: hbreport: walk through hbreport process under hacluster CVE-2020-35459, bsc1179999; CVE-2021-3020, bsc1180571 Fix: bootstrap: setup authorized ssh access for hacluster CVE-2020-35459, bsc1179999;...

CVSS: 8.8, AI score: 7.8, EPSS: 0.00994
Exploits: 1, References: 10
CNVD
added 2021/03/12 12:0 a.m., 5 views

SAP NetWeaver Knowledge Management Configuration Service Insecure Deserialization Vulnerability

SAP NetWeaver Knowledge Management Configuration Service is a knowledge management solution configuration service from SAP. A security vulnerability exists in SAP NetWeaver Knowledge Management Configuration Service versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50, which allows remote attackers with...

CVSS: 6.5, AI score: 7.2, EPSS: 0.01295
Exploits: 0, References: 1
Rapid7 Blog
added 2021/02/12 7:26 p.m., 177 views

Metasploit Wrap-Up

MicroFocus? More like MacroVuln MicroFocus’s Operations Bridge Manager is a security information and event management SIEM tool designed to collect and parse security logs from multiple disparate sources. OBM has a large attack surface—something Pedro Ribeiro was able to take advantage of with hi...

CVSS: 9, AI score: 8.8, EPSS: 0.99295
Exploits: 94
OSV
added 2021/01/20 3:22 p.m., 5 views

OPENSUSE-SU-2021:0127-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.6.1 changed: MailExtensions: browserAction, composeAction, and messageDisplayAction toolbar buttons now support label and defaultlabel properties bmo1583478 fixed: Running a quicksearch that returned no result...

CVSS: 8.8, AI score: 9, EPSS: 0.01283
Exploits: 0, References: 3
Virtuozzo
added 2021/01/19 12:0 a.m., 29 views

Virtuozzo Automator 7.0 Update 2 Hotfix 15 (VA MN 7.0.2-680, VA Agent 7.0.2-407)

The Hotfix 15 for Virtuozzo Automator 7.0.2 provides stability and usability fixes. Vulnerability id: PVA-37501 pvaagentd could be killed by SIGSEGV. Vulnerability id: PVA-37697, PVA-37707 Coalesce operation could be performed on an outdated cached list of backups. Vulnerability id: PVA-37537 Fre...

AI score: 1.3
Exploits: 0
Virtuozzo
added 2020/12/25 12:0 a.m., 68 views

Product update: Virtuozzo PowerPanel Update 1 (7.0.4-30)

The update for Virtuozzo PowerPanel introduces new features as well as stability and usability fixes. Vulnerability id: PP-578 The 'vzapi' command to reset the backup limit to 0 could fail. Vulnerability id: PP-580 A wrong config parameter was documented for instance default backup limit...

AI score: 2.6
Exploits: 0
CNVD
added 2020/12/08 12:0 a.m., 4 views

Binary vulnerability in jerryscript (CNVD-2020-72374)

JerryScript is a lightweight JavaScript engine that runs on restricted devices. A binary vulnerability exists in jerryscript. An attacker could exploit this vulnerability to cause an impact on usability...

AI score: 6.8
Exploits: 0
CNVD
added 2020/12/08 12:0 a.m., 4 views

Binary vulnerability in jerryscript (CNVD-2020-72373)

JerryScript is a lightweight JavaScript engine that runs on restricted devices. A binary vulnerability exists in jerryscript, which can be exploited by attackers to compromise usability...

AI score: 6.9
Exploits: 0
Tenable Nessus
added 2020/12/08 12:0 a.m., 73 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2020-2187)

This update for MozillaThunderbird fixes the following issues : TODO - Mozilla Thunderbird 78.5.0 - new: OpenPGP: Added option to disable attaching the public key to a signed message bmo1654950 - new: MailExtensions: 'composeattachments' context added to Menus API bmo1670822 - new: MailExtensions...

CVSS: 9.6, AI score: 7.9, EPSS: 0.5063
Exploits: 3, References: 13
Virtuozzo
added 2020/12/08 12:0 a.m., 35 views

Product update: Virtuozzo Hybrid Server 7.5 Hotfix 1 (7.5.0-589)

The Hotfix 1 for Virtuozzo Hybrid Server 7.5 provides stability and usability bug fixes. Vulnerability id: PSBM-108125 Virtuozzo Storage trial licenses ending in 2021 could be reported as invalid. Vulnerability id: PSBM-123396 Migrating a VM over Virtuozzo Storage could take a very long time...

AI score: 7
Exploits: 0
OSV
added 2020/12/07 11:5 a.m., 6 views

OPENSUSE-SU-2020:2187-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: TODO - Mozilla Thunderbird 78.5.0 new: OpenPGP: Added option to disable attaching the public key to a signed message bmo1654950 new: MailExtensions: 'composeattachments' context added to Menus API bmo1670822 new: MailExtensions: Menus...

CVSS: 9.6, AI score: 8.6, EPSS: 0.5063
Exploits: 3, References: 14
CNVD
added 2020/12/07 12:0 a.m., 6 views

ImageMagick Input Validation Error Vulnerability (CNVD-2021-10262)

ImageMagick is a software for creating, editing, and composing images that can read, convert, and write images in many formats. An input validation error vulnerability exists in ImageMagick, where MagickCore/quantum.h in versions prior to ImageMagick 7.0.9-0 has a range of representable values...

CVSS: 4.3, AI score: 7.3, EPSS: 0.01124
Exploits: 1, References: 1
CNVD
added 2020/12/07 12:0 a.m., 6 views

ImageMagick Input Validation Error Vulnerability (CNVD-2021-10259)

ImageMagick is software for creating, editing, and composing images that can read, convert, and write images in many formats. An input validation error vulnerability exists in ImageMagick, where coders/bmp.c in versions prior to ImageMagick 7.0.9-0 has values outside the range of representable values of type...

CVSS: 4.3, AI score: 7.3, EPSS: 0.01124
Exploits: 1, References: 1