Lucene search
+L

148 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:2 p.m.13 views

CVE-2021-1059

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x prior to 8.6 and version 11.0 prior...

7.8CVSS6.6AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:11 p.m.9 views

CVE-2021-1066

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. This affects vGPU version 8.x prior to 8.6 and version 11.0 prior to 11.3...

5.5CVSS6.7AI score0.00334EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:42 p.m.8 views

CVE-2020-5987

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or...

7.8CVSS7.1AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:44 p.m.8 views

CVE-2020-5988

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...

7.1CVSS6.6AI score0.00306EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/12 11:30 a.m.21 views

CVE-2024-12292 Insertion of Sensitive Information into Log File in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs...

4CVSS0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.7 views

Learning Digital Orca HCM 访问控制错误漏洞

Learning Digital Orca HCM is a digital learning platform from China-based Learning Digital. An access control error vulnerability exists in Learning Digital Orca HCM prior to version 11.0, which arises from improperly restricting access to a specific feature, which could allow an unauthenticated,...

9.8CVSS6.7AI score0.00677EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.6 views

openSUSE SEoL (11.0.x)

According to its version, openSUSE is 11.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...

5.5AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/12 6:36 a.m.30 views

Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI

Summary There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester RFT / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component coul...

3.7CVSS4.5AI score0.01276EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.372 views

Palo Alto PAN-OS Command Execution / Arbitrary File Creation

Exploit Title: Palo Alto PAN-OS bool: ret = False uri = "/ssl-vpn/hipreport.esp" s = requests.Session r = "" headers = "User-Agent" : \ "Mozilla/5.0 Windows NT 10.0; Win64; x64 AppleWebKit/537.36 KHTML, like Gecko Chrome/118.0.0.0 Safari/537.36", Windows 10 Chrome 118.0.0.0 "Content-Type":...

10CVSS9.8AI score0.99999EPSS
Exploits43
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.6 views

PT-2024-21103 · Esri · Esri Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions =11.0 Description: The issue allows a remote, unauthenticated attacker to craft a URL that, when clicked, could generate a message enticing an unsuspecting victim to visit an arbitrary website, simplifying...

6.1CVSS7.1AI score0.00425EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.52 views

HCL BigFix Server 9.5.x < 9.5.24 / 10.0.x < 10.0.10 / 11.0.x < 11.0.1 Multiple Vulnerabilities (KB0110209)

The version of HCL BigFix Server installed on the remote host is 9.5.x prior to 9.5.24, 10.0.x prior to 10.0.10 or 11.x prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the KB0110209 advisory. - Heap-based buffer overflow vulnerability in the SOCKS5 proxy...

9.8CVSS8.1AI score0.78483EPSS
Exploits6References9
OSV
OSV
added 2023/05/19 6:30 p.m.24 views

GHSA-36CM-H8GV-MG97 RosarioSIS Stores Sensitive Data in a Mechanism without Access Control

RosarioSIS prior to 11.0 allows anyone, regardless of authentication status, to download and view file attachments under the salaries module. In addition, the file names contain a date in a YYYY-MM-DD format and a random six-string digit, making enumerating file names with automated tools...

7.5CVSS7.6AI score0.00613EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/05/19 12:0 a.m.13 views

Piwigo 11.0.x < 13.6.0 SQLi Vulnerability

Piwigo is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:piwigo:piwigo"; if...

8.8CVSS8.1AI score0.00902EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.3 views

Gluster GlusterFS 缓冲区错误漏洞

GlusterFS is the file system for Gluster by Gluster, Inc. A security vulnerability exists in Gluster GlusterFS version 11.0, which has a source of a stack buffer overflow in glusterfs/xlators/mount/fuse/src/fuse-bridge.c. The vulnerability is caused by the presence of a stack buffer overflow...

7.5CVSS7.6AI score0.00914EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2023/01/12 12:0 a.m.26 views

SugarCRM 11.0.x < 11.0.5, 12.0.x < 12.0.2 RCE Vulnerability

SugarCRM is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sugarcrm:sugarcrm...

8.8CVSS9.4AI score0.80274EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/06/14 12:0 a.m.13 views

GitLab 11.0.0 < 14.8.6, 14.9.x < 14.9.4, 14.10.x < 14.10.1 Information Disclosure Vulnerability

GitLab is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

5.3CVSS5.4AI score0.01269EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 5:9 p.m.15 views

GHSA-JH69-6VV2-WFP5 Dolibarr ERP and CRM contain XSS Vulnerability

Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, or the HTTP Referer header...

5.4CVSS5.2AI score0.00851EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.17 views

Security Bulletin: IBM InfoSphere Master Data Management Reference Data Management Hub is affected by a user password being stored in plain text vulnerability (CVE-2017-1309)

Summary IBM InfoSphere Master Data Management Reference Data Management Hub has addressed the following vulnerability. IBM InfoSphere Master Data Management Reference Data Management Hub stores user credentials in plain text which can be read by a local user. Vulnerability Details CVEID:...

2.1CVSS0.8AI score0.00232EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.28 views

Security Bulletin: IBM InfoSphere Master Data Management Collaborative Edition affected by Privilege Escalation security vulnerabilities (CVE-2015-7424)

Summary IBM InfoSphere Master Data Management - Collaborative Edition is vulnerable to Privilege Escalation. Vulnerability Details CVEID: CVE-2014-7424 DESCRIPTION: Provide sufficient details for someone to tell if they have the problem, but not enough detail that someone with malicious intent...

5.4CVSS4.8AI score0.01342EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/02/04 12:0 a.m.60 views

ManageEngine ServiceDesk Plus Multiple Versions Authentication Bypass

Zoho ManageEngine ServiceDesk Plus versions 11.3 before 11302, 11.2 before 11208, 11.1 before 11145 and 11.0 before 11012 are vulnerable to authentication bypass that allows a few REST-API URLs without authentication. Note that Nessus has not tested for this issue but has instead relied only on t...

9.8CVSS8.3AI score0.99854EPSS
Exploits0References2
Rows per page
Query Builder