Lucene search
K

289 matches found

CNNVD
CNNVD
added 2024/07/09 12:0 a.m.3 views

Fortinet FortiADC Security Vulnerability

Fortinet FortiADC is an application delivery controller from Fortinet, Inc. A security vulnerability exists in Fortinet FortiADC that stems from the presence of an improper access control vulnerability that allows a read-only authentication attacker to perform certain write operations via a craft...

6.5CVSS6.9AI score0.00338EPSS
Exploits0References2
NVD
NVD
added 2024/07/08 6:15 p.m.32 views

CVE-2024-1305

tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space...

9.8CVSS0.15379EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 6 : libxrandr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXrandr: Insufficient validation of server responses result in various data mishandlings CVE-2016-7948 ...

9.8CVSS7.7AI score0.03629EPSS
Exploits0References2
Veracode
Veracode
added 2024/05/30 1:49 a.m.22 views

Type Confusion

chromium is vulnerable to a Type Confusion. The vulnerability is due to improper handling of object types, potentially allowing a remote attacker to execute arbitrary read/write operations via a crafted HTML page...

8.1CVSS8.6AI score0.0061EPSS
Exploits1References5Affected Software3
OSV
OSV
added 2024/05/20 12:24 p.m.20 views

CVE-2024-4287 Improper Input Validation in mintplex-labs/anything-llm

In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to /api/workspace/:workspace-slug/update, allowing it to be executed as part of ...

8.1CVSS6AI score0.0061EPSS
Exploits1References4
CVE
CVE
added 2024/05/20 12:24 p.m.99 views

CVE-2024-4287

In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update flow. The flaw occurs when JSON data sent via HTTP POST to /api/workspace/:workspace-slug/update is not properly validated/formatted, allowing the payload to be executed as part of a dat...

8.1CVSS7.8AI score0.0061EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2024/05/18 10:15 p.m.27 views

CVE-2024-28064

Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations with displayLoginChunkedImages and write operations with storeLoginChunkedImages...

9.8CVSS6.8AI score0.00856EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.21 views

RHEL 7 : libxrandr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXrandr: Insufficient validation of server responses result in various data mishandlings CVE-2016-7948 ...

7.7AI score0.03629EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.20 views

RHEL 5 : libxrandr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXrandr: Insufficient validation of server responses result in various data mishandlings CVE-2016-7948 ...

9.8AI score0.03629EPSS
Exploits0References2
NVD
NVD
added 2024/03/14 3:15 a.m.31 views

CVE-2024-1654

This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this...

7.2CVSS7.8AI score0.01308EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/14 3:6 a.m.32 views

CVE-2024-1654 Unauthorized write operations in PaperCut NG/MF

This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this...

7.2CVSS7.5AI score0.01308EPSS
Exploits0References1
CVE
CVE
added 2024/03/14 3:6 a.m.69 views

CVE-2024-1654

PaperCut NG/MF (CVE-2024-1654) enables potential unauthorized write operations that may lead to remote code execution. Exploitation requires authenticated admin access and knowledge of both an internal system identifier and another valid user. CVSS v3.1 base score is 7.2 (HIGH) with NETWORK attac...

7.2CVSS7.5AI score0.01308EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/03/14 3:6 a.m.16 views

CVE-2024-1654 Unauthorized write operations in PaperCut NG/MF

This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this...

7.2CVSS7.5AI score0.01308EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/14 12:0 a.m.4 views

PaperCut NG/MF Security Vulnerabilities

PaperCut NG is a suite of next-generation printer control software from PaperCut Australia. A security vulnerability exists in PaperCut NG/MF that originates from allowing unauthorized write operations that could result in remote code execution...

7.2CVSS8AI score0.01308EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.31 views

CentOS 9 : podman-4.1.1-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the podman-4.1.1-3.el9 build changelog. - net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via...

7.5CVSS7.1AI score0.03958EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.38 views

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2023-2811)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbnet.c has a .disconnect versus dvbdeviceopen race condition...

7.8CVSS6.7AI score0.12966EPSS
Exploits11References19
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.58 views

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. (CVE-2023-32233)

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...

7.8CVSS8.2AI score0.12966EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.42 views

Rocky Linux 8 : kernel (RLSA-2022:6460)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6460 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosur...

5.5CVSS6.6AI score0.06451EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.9 views

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel 6.4.2 and earlier versions, which stems from a carefully crafted UDF filesystem image that can cause write...

5.5CVSS6.5AI score0.00361EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/06/21 12:0 a.m.42 views

AlmaLinux 9 : kpatch-patch (ALSA-2023:3705)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3705 advisory. - A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perfgroupdetach...

7.8CVSS7.2AI score0.12966EPSS
Exploits7References3
Rows per page
Query Builder