Lucene search
K

36 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in nss

During RSA key generation, bignum implementations used a variant of the Binary Extended Euclidean Algorithm, which involved significant input-dependent processing. This allowed attackers to perform electromagnetic-based side-channel attacks to capture traces that could lead to the recovery of...

4.4CVSS6.6AI score0.00337EPSS
Exploits0References2
CVE
CVE
added 2026/04/26 1:19 p.m.26 views

CVE-2018-25282

Nmap 7.70 is affected by a local denial-of-service vulnerability caused by exponential XML entity expansion in XML processing (triggered via ZenMap scan import). A crafted XML file with nested entity definitions can cause excessive resource consumption, potentially crashing the application. The C...

6.9CVSS5.3AI score0.00121EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : firefox-78.10.0-1.0.1.el8 (AXSA:2021-1733:13)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1733:13 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

8.8CVSS8.5AI score0.01764EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.3 views

TencentOS Server 2: python-setuptools (TSSA-2024:0503)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0503 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.8CVSS7.6AI score0.01939EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/16 2:39 p.m.13 views

CVE-2024-13597

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in user's context. This vulnerability ha...

5.1CVSS5.4AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2025/04/14 12:15 p.m.2 views

CVE-2024-49707

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form designed for resetting user's password with a malicious script, what causes the script to run in user's context. This...

6.1CVSS5.7AI score0.0021EPSS
Exploits0References2
OSV
OSV
added 2025/04/14 12:15 p.m.4 views

CVE-2024-49705

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to client-side Denial of Servise DoS attacks. An attacker might trick a user into using an URL with a d parameter set to an unhandled value. All the subsequent requests will not be accepted as the server returns an error...

6.5CVSS5.7AI score0.00286EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/14 12:5 p.m.20 views

CVE-2024-49706 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

5.1CVSS0.00294EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/14 12:5 p.m.9 views

CVE-2024-49706 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

5.1CVSS6.5AI score0.00294EPSS
Exploits0References2
CVE
CVE
added 2025/04/14 12:3 p.m.79 views

CVE-2024-10089

Technical details about CVE-2024-10089 are not publicly available in the provided documents. No specifics on affected components, root cause, exploit info, or fixes beyond the brief description are provided.

5.4CVSS5.6AI score0.00198EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/04/14 12:3 p.m.66 views

CVE-2024-10088

CVE-2024-10088 affects the Internet Starter module of SoftCOM iKSORIS. It is vulnerable to a Reflected XSS attack where a user is tricked into submitting a login form containing a malicious script, causing the script to run in the user’s browser context. The vulnerability is patched in version 79...

6.1CVSS5.7AI score0.00214EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.5 views

Astra Linux – Vulnerability in setuptools

A vulnerability exists in the packageindex module of pypa/setuptools versions up to 69.1.1, allowing for remote code execution through its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are vulnerable t...

8.8CVSS7.6AI score0.01939EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/23 12:0 a.m.5 views

International Color Consortium DemoIccMAX Buffer Error Vulnerability

DemoIccMAX is International Color Consortium open source a iccMAX color profile demo implementation. A security vulnerability exists in International Color Consortium DemoIccMAX version 79ecb74, which stems from an out-of-bounds read vulnerability in function CIccPRMG::GetChroma...

8.8CVSS6.8AI score0.00535EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.3 views

SUSE CVE-2018-17463

Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS9.1AI score0.83898EPSS
Exploits6References7
OSV
OSV
added 2020/11/12 7:15 p.m.3 views

CVE-2020-12324

Protection mechanism failure in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.1AI score0.00319EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/11/05 8:57 a.m.4 views

Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4

Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

9.8CVSS7.5AI score0.0262EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:49 a.m.5 views

Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process

When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...

6.5CVSS7.3AI score0.01392EPSS
Exploits0References5
CNVD
CNVD
added 2020/07/03 12:0 a.m.3 views

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2020-46370)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 77. An attacker can exploit the vulnerability to corrupt memory and possibly execute arbitrary code...

9.3CVSS9.1AI score0.01616EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/22 12:0 a.m.2 views

Mozilla Firefox Input Validation Error Vulnerability (CNVD-2020-34652)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 76. An attacker could exploit the vulnerability to bypass content security policies...

7.5CVSS8.6AI score0.01351EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/08 12:0 a.m.5 views

Mozilla Firefox Input Validation Error Vulnerability (CNVD-2020-35374)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in the implementation of the address bar in versions of Mozilla Firefox prior to 76. A local attacker could exploit the vulnerability to forge the current address...

3.3CVSS8.4AI score0.00275EPSS
Exploits0References1
Rows per page
Query Builder