9593 matches found
Exploit for PHP External Variable Modification in Juniper Junos
Automation for Juniper CVE:2023-36845 Overview is a bash sc...
CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
DEBIAN-CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
AZL-35253 CVE-2023-40546 affecting package shim for versions less than 15.8-3
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
AZL-33984 CVE-2023-40546 affecting package shim-unsigned-x64 for versions less than 15.8-1
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
AZL-35271 CVE-2023-40546 affecting package shim-unsigned-x64 for versions less than 15.8-3
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
AZL-34157 CVE-2023-40546 affecting package shim for versions less than 15.8-1
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
AZL-35261 CVE-2023-40546 affecting package shim-unsigned-aarch64 for versions less than 15.8-3
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
CVE-2023-40546 Shim: out-of-bounds read printing error messages
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
[SECURITY] Fedora 38 Update: vorbis-tools-1.4.2-9.fc38
Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The vorbis package contains an encoder, a decoder, a playback tool, and a comment editor...
[SECURITY] Fedora 39 Update: vorbis-tools-1.4.2-10.fc39
Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The vorbis package contains an encoder, a decoder, a playback tool, and a comment editor...
EulerOS 2.0 SP11 : vim (EulerOS-SA-2024-1130)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file...
CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...
edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()
REJECTED CVE A secure boot bypass vulnerability was found in EDK2 due to the lack of proper return value checks in the GetEfiGlobalVariable2 function. The API may fail if functions like AllocatePool or gRT-GetVariable fail. Without verifying the return value, an attacker could cause the API to...
RHCOS 4 : OpenShift Container Platform 4.10.56 (RHSA-2023:1655)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1655 advisory. - kube-apiserver: Aggregated API server can cause clients to be redirected SSRF CVE-2022-3172 - spring-security-oauth2-client:...
RHCOS 4 : OpenShift Container Platform 4.9.59 (RHSA-2023:1524)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1524 advisory. - apache-commons-text: variable interpolation RCE CVE-2022-42889 Note that Nessus has not tested for this issue but has instead relied only o...
CVE-2024-22205
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the window endpoint does not sanitize user-supplied input from the location variable and passes it to the send method which sends a GET request on lines 339-343 in request.py, which leads to a server-side request...
Rayder - A Lightweight Tool For Orchestrating And Organizing Your Bug Hunting Recon / Pentesting Command-Line Workflows
Rayder is a command-line tool designed to simplify the orchestration and execution of workflows. It allows you to define a series of modules in a YAML file, each consisting of commands to be executed. Rayder helps you automate complex processes, making it easy to streamline repetitive modules and...