Lucene search
+L

85 matches found

Oracle linux
Oracle linux
added 2025/02/13 12:0 a.m.40 views

nodejs:20 security update

nodejs 1:20.18.2-1 - Update to version 20.18.2 Fixes: CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76001 RHEL-76146 1:20.16.0-1 - Update to 20.16.0 Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020 1:20.12.2-2 - Backport nghttp2 patch for CVE-2024-28182 1:20.12.2-1 - Rebase to...

6.8CVSS7.6AI score0.99999EPSS
Exploits42
RedHat Linux
RedHat Linux
added 2025/02/11 10:53 a.m.5 views

Important: Red Hat Security Advisory: RHTAS 1.1.1 - Red Hat Trusted Artifact Signer Release

The 1.1.1 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.1 The RHTAS Operator can be used with OpenShift Container Platform 4.14, 4.15, 4.16 and...

9.1CVSS6.6AI score0.03153EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.10 views

Grafana Labs 10.4.x < 10.4.15 / 11.0.x < 11.0.11 / 11.1.x < 11.1.11 / 11.2.x < 11.2.6 / 11.3.x < 11.3.3 / 11.4.x < 11.4.1, 11.5.0 (cve-2024-11741)

The version of Grafana Labs installed on the remote host is prior to 10.4.15, 11.0.11, 11.1.11, 11.2.6, 11.3.3, or 11.4.1, 11.5.0. It is, therefore, affected by a vulnerability as referenced in the cve-2024-11741 advisory. - Grafana is an open-source platform for monitoring and observability. The...

4.3CVSS6AI score0.00368EPSS
Exploits0References2
Fedora
Fedora
added 2025/01/18 1:25 a.m.14 views

[SECURITY] Fedora 40 Update: chromium-132.0.6834.83-1.fc40

Chromium is an open-source web browser, powered by WebKit Blink...

8.8CVSS7.2AI score0.07435EPSS
Exploits12
OpenVAS
OpenVAS
added 2024/12/13 12:0 a.m.10 views

Debian: Security Advisory (DSA-5829-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.04071EPSS
Exploits2References2
OSV
OSV
added 2024/07/22 12:0 a.m.15 views

CVE-2024-41704

LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images...

9.1CVSS9.6AI score0.00666EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/01/31 12:0 a.m.8 views

Telerik JustDecompile 安全漏洞

Telerik JustDecompile is a free .NET decompiler and assembly browser from Telerik Bulgaria. A security vulnerability exists in Telerik JustDecompile versions prior to 2024 R1, which stems from an elevation of privilege vulnerability that allows a less privileged user to elevate their privileges o...

7.8CVSS7.1AI score0.00189EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/13 12:0 a.m.6 views

PT-2024-14045 · Qstar · Qstar Archive Solutions

Name of the Vulnerable Software and Affected Versions: QStar Archive Solutions version RELEASE 3-0 Build 7 Patch 0 Description: The issue is an authenticated remote code execution vulnerability that allows attackers to arbitrarily execute commands. Recommendations: For QStar Archive Solutions...

8.8CVSS8.7AI score0.01487EPSS
Exploits1References4
OSV
OSV
added 2023/06/27 3:41 p.m.4 views

OPENSUSE-SU-2023:0137-1 Security update for guile1, lilypond

This update for guile1, lilypond fixes the following issues: guile1: - Add service file to download release from git excluding the directory with commercial non free files. - Update to version 2.2.6 to enable lilypond to be updated to 2.24.1 to fix boo1210502 and CVE-2020-17354. lilypond: - Updat...

8.6CVSS6.4AI score0.02788EPSS
Exploits1References4
OSV
OSV
added 2023/05/16 3:12 p.m.7 views

SUSE-SU-2023:2221-1 Security update for conmon

This update of conmon fixes the following issues: - rebuild the package with the go 19.9 secure release bsc1200441...

7.2AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/30 7:57 p.m.7 views

CVE-2023-28846 Denial of Service in unpoly-rails

Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service DoS vulnerability in the unpoly-rails gem that implements the Unpoly server protocol for Rails applications. This issues affects Rails applications that operate as an upstream of a load...

5.9CVSS7.5AI score0.01034EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.3 views

SUSE CVE-2020-15190

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the tf.rawops.Switch operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. Howeve...

5.3CVSS5.3AI score0.00943EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2022/09/06 12:0 a.m.40 views

golang security update

1.17.13-1.0.1 - golang-1.17.13 release - Update tarball and version number in specfile - Reviewed-by: Jose E. Marchesi 1.17.12-1.0.1 - golang-1.17.12-1 release - Update tarball and version number in specfile - Reviewed-by: Indu Bhagat 1.17.11-1.0.1 - golang-1.17.11-1 package initial release - Add...

7.5CVSS2.7AI score0.0199EPSS
Exploits1
OSV
OSV
added 2021/10/09 8:34 a.m.10 views

OPENSUSE-SU-2021:0977-1 Security update for virtualbox

This update for virtualbox fixes the following issues: - Update vboxdrv.sh per boo1186361 Version bump to 6.1.22 released April 29 2021 by Oracle - This is a maintenance release. The following items were fixed and/or added: - VMM: Improved performance of 64-bit Windows and Solaris guests when...

8.4CVSS6AI score0.0331EPSS
Exploits1References24
WPVulnDB
WPVulnDB
added 2021/08/26 12:0 a.m.17 views

Multiple Plugins from CRM Perks - Reflected Cross-Site Scripting

Numerous plugins from the CRM Perks vendor do not escape parameters before outputting them back in attributes in admin pages, leading to a Reflected Cross-Site Scripting issues executed in the context of a logged in administrator. It first started with an obvious XSS via the vxdebug GET parameter...

2.6AI score
Exploits0Affected Software27
OSV
OSV
added 2021/08/12 10:1 a.m.9 views

SUSE-SU-2021:2660-1 Security update for grafana

This update for grafana fixes the following issues: - CVE-2021-27358: unauthenticated remote attackers to trigger a Denial of Service via a remote API call bsc1183803 - Update to version 7.5.7: Updated relref to 'Configuring exemplars' section 34240 34243 Added exemplar topic 34147 34226 Quota: D...

7.5CVSS7.8AI score0.83042EPSS
Exploits0References11
OSV
OSV
added 2021/03/08 7:15 p.m.24 views

CVE-2021-21362

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-04T00-53-13Z it is possible to bypass a readOnly policy by creating a temporary 'mc share upload' URL. Everyone is impacted who us...

6.5CVSS6.6AI score
Exploits0References4
OSV
OSV
added 2021/01/16 11:24 a.m.12 views

OPENSUSE-SU-2021:0082-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - New upstream LTS version 10.23.1: CVE-2020-8265: use-after-free in TLSWrap High bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as...

8.1CVSS6.7AI score0.16296EPSS
Exploits6References7
OSV
OSV
added 2020/06/24 4:17 a.m.5 views

OPENSUSE-SU-2020:0854-1 Security update for mozilla-nspr, mozilla-nss

This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53 - CVE-2020-12399: Fixed a timing attack on DSA signature generation bsc1171978. - CVE-2019-17006: Added length checks for cryptographic primitives bsc1159819. Release notes:...

10CVSS6.5AI score0.03596EPSS
Exploits1References6
AlpineLinux
AlpineLinux
added 2020/04/23 9:55 p.m.47 views

CVE-2020-11012

MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authentication bypass issue in the MinIO admin API. Given an admin access key, it is possible to perform admin API operations i.e. creating new service accounts for existing access keys - without knowing the admin secret key. This has bee...

9.3CVSS7.9AI score0.02103EPSS
Exploits0
Rows per page
Query Builder