Lucene search
K

87 matches found

Vulnrichment
Vulnrichment
added 2025/03/11 12:0 a.m.7 views

CVE-2024-28607

The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses such as 0x7f.1 are improperly categorized as globally routable via a falsy isPrivate return value...

2.9CVSS4AI score0.0014EPSS
Exploits0References2
CVE
CVE
added 2025/03/11 12:0 a.m.44 views

CVE-2024-28607

CVE-2024-28607 affects the ip-utils package for Node.js up to version 2.4.0. The root cause is a faulty isPrivate check that can misclassify certain IPs (e.g., 0x7f.1) as globally routable, enabling SSRF. Documented impacts are SSRF risk; no explicit remediation or patch/version guidance is prese...

2.9CVSS7.2AI score0.0014EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/11 12:0 a.m.13 views

CVE-2024-28607

The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses such as 0x7f.1 are improperly categorized as globally routable via a falsy isPrivate return value...

2.9CVSS0.0014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-0718

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote in them cause incorrect masking in debug logs, causing any part of...

4.9CVSS5.4AI score0.01335EPSS
Exploits1References2
OSV
OSV
added 2025/01/24 4:55 a.m.1 views

MAL-2025-477 Malicious code in godaddy-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6e3e78c314bba5e60254ba13cbb65a58a2d4c0f88a9ea6a5b62cde08027bd2bb The OpenSSF Package Analysis project identified 'godaddy-utils' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/09 3:3 a.m.4 views

Malicious code in action-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31baa3db4424164fa3d7884ba12d4c44fdfe3bc4db9eb835121b5adbeb9485db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:32 p.m.5 views

Malicious code in biip-utils (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 6 : xdg-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xdg-utils: local file inclusion vulnerability CVE-2020-27748 - xdg-utils: improper parse of mailto URIs...

7.9AI score0.01443EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2024/04/03 7:10 p.m.270 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094-Checker The repository consists of a checker fil...

10CVSS10AI score0.85974EPSS
Exploits40
Vulnrichment
Vulnrichment
added 2024/03/25 5:0 a.m.20 views

CVE-2024-21505

Versions of the package web3-utils before 4.2.1 are vulnerable to Prototype Pollution via the utility functions format and mergeDeep, due to insecure recursive merge. An attacker can manipulate an object's prototype, potentially leading to the alteration of the behavior of all objects inheriting...

7.5CVSS6.8AI score0.00712EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/02/02 11:15 p.m.26 views

CVE-2023-0634

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

5.9AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2023/02/02 6:7 a.m.48 views

CVE-2023-0634

An uncontrolled process operation was found in the newgrp command provided by the shadow-utils package. This issue could cause the execution of arbitrary code provided by a user when running the newgrp command...

3.6AI score
Exploits0References1
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.12 views

Mageia: Security Advisory (MGASA-2022-0455)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS5.2AI score0.00308EPSS
Exploits0References4
Chainguard
Chainguard
added 2022/09/16 5:13 p.m.5 views

GHSA-VFV3-9W6V-23JP vulnerabilities

Vulnerabilities for packages: efs-utils...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/08/16 6:47 a.m.3 views

Malicious code in rmesse-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95598c9e21fb55331bec7e3e8ec91ebf7174c5036d14918247fdc377c2aff6ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/05/16 6:46 a.m.4 views

Malicious code in f0-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d0bc80ffed72bd61fae6dc05340437a775bd61cb786636c3fdc8ba346429cc9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/05/12 10:24 a.m.4 views

MGASA-2022-0170 Updated cifs-utils packages fix security vulnerability

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. CVE-2022-27239 cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = equal sign...

7.8CVSS6.3AI score0.01804EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/05/10 12:0 a.m.17 views

Fedora: Security Advisory for cifs-utils (FEDORA-2022-34de4f833d)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.5AI score0.00562EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2012:1529-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.9AI score0.00488EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.21 views

EulerOS 2.0 SP2 : cifs-utils (EulerOS-SA-2021-1284)

According to the version of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary...

7CVSS6.4AI score0.00652EPSS
Exploits1References2
Rows per page
Query Builder