Lucene search
K
CvelistMost viewed

366254 matches found

Cvelist
Cvelist
•added 2024/03/13 3:48 p.m.•60 views

CVE-2024-23672 Apache Tomcat: WebSocket DoS with incomplete closing handshake

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from...

7.8AI score0.02313EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/03/01 12:37 a.m.•60 views

CVE-2024-22100 MicroDicom DICOM Heap-based Buffer Overflow

MicroDicom DICOM Viewer versions 2023.3 Build 9342 and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability...

7.8CVSS8.1AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/02/19 11:24 a.m.•60 views

CVE-2024-1346 Weak MySQL database root password in LaborOfficeFree

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants...

6.8CVSS6.7AI score0.00392EPSS
Exploits5References1
Cvelist
Cvelist
•added 2024/02/13 9:38 p.m.•60 views

CVE-2023-6152

A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verifyemailenabled" will only validate email only on sign up...

5.4CVSS5.8AI score0.01385EPSS
Exploits1References2
Cvelist
Cvelist
•added 2024/02/13 2:5 p.m.•60 views

CVE-2023-5679 Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

7.5CVSS7.8AI score0.01231EPSS
Exploits0References7
Cvelist
Cvelist
•added 2024/02/06 12:22 a.m.•60 views

CVE-2023-6231

Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and...

9.8CVSS10AI score0.01383EPSS
Exploits0References4
Cvelist
Cvelist
•added 2024/02/06 12:0 a.m.•60 views

CVE-2024-24680

An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings...

7.5AI score0.01606EPSS
Exploits0References6
Cvelist
Cvelist
•added 2024/01/30 3:50 p.m.•60 views

CVE-2024-22193 vantage6 unencrypted task can be created in encrypted collaboration

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a tas...

3.5CVSS4.7AI score0.00257EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/01/25 7:45 p.m.•60 views

CVE-2024-23656 Dex 2.37.0 is discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex 2.37.0 serves HTTPS with insecure TLS 1.0 and TLS 1.1. cmd/dex/serve.go line 425 seemingly sets TLS 1.2 as minimum version, but the whole tlsConfig is ignored after TLS cert reloader was introduced in...

7.5CVSS7.6AI score0.00435EPSS
Exploits1References5
Cvelist
Cvelist
•added 2024/01/05 9:2 p.m.•61 views

CVE-2024-21641 Flarum's Logout Route allows open redirects

Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to redirect to any link. For logged-in users, the logout must be...

6.5CVSS7.6AI score0.01067EPSS
Exploits0References3
Cvelist
Cvelist
•added 2023/12/22 6:30 p.m.•60 views

CVE-2023-50714 The Oauth2 PKCE implementation is vulnerable

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the authCodeVerifier should be removed after usage similar to authStat...

6.8CVSS8.9AI score0.00492EPSS
Exploits1References5
Cvelist
Cvelist
•added 2023/12/09 12:42 a.m.•60 views

CVE-2023-49797 Local Privilege Escalation in pyinstaller on Windows

PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...

8.8CVSS8.7AI score0.00324EPSS
Exploits0References5
Cvelist
Cvelist
•added 2023/11/27 12:0 a.m.•60 views

CVE-2023-42364

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...

5.6AI score0.00433EPSS
Exploits1References1
Cvelist
Cvelist
•added 2023/10/12 10:55 p.m.•60 views

CVE-2023-22392 Junos OS: PTX Series and QFX10000 Series: Received flow-routes which aren't installed as the hardware doesn't support them, lead to an FPC heap memory leak

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. PTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 wit...

6.5CVSS6.9AI score0.00282EPSS
Exploits0References1
Cvelist
Cvelist
•added 2023/10/10 6:38 p.m.•60 views

CVE-2023-45648 Apache Tomcat: Trailer header parsing too lenient

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomca...

6.7AI score0.05848EPSS
Exploits2References1
Cvelist
Cvelist
•added 2023/09/27 8:24 p.m.•60 views

CVE-2023-43651 Remote code execution on the host system via MongoDB shell in jumpserver

JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB CLI interface provid...

8.5CVSS10AI score0.01716EPSS
Exploits1References2
Cvelist
Cvelist
•added 2023/08/29 4:46 p.m.•60 views

CVE-2023-41037 Cleartext Signed Message Signature Spoofing in openpgpjs

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

4.3CVSS4.9AI score0.00309EPSS
Exploits1References2
Cvelist
Cvelist
•added 2023/08/08 12:0 a.m.•60 views

CVE-2023-36344

An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature...

8AI score0.00395EPSS
Exploits2References2
Cvelist
Cvelist
•added 2023/07/06 3:3 p.m.•60 views

CVE-2023-36830 SQLFluff vulnerability for users with access to config file, using `library_path` to call arbitrary python code.

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the librarypath config value to allow arbitrary python code to be executed via macros. For many users wh...

6.3CVSS8AI score0.00414EPSS
Exploits1References2
Cvelist
Cvelist
•added 2023/07/03 12:0 a.m.•60 views

CVE-2023-36053

In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...

7.6AI score0.02978EPSS
Exploits0References8
Cvelist
Cvelist
•added 2023/06/07 11:20 p.m.•60 views

CVE-2023-34239 Unfiltered paths in gradio

Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have been addressed in...

7.3CVSS9.5AI score0.00651EPSS
Exploits0References3
Cvelist
Cvelist
•added 2023/06/05 5:31 a.m.•60 views

CVE-2023-3096 KylinSoft kylin-software-properties changedSource access control

A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the...

5.3CVSS7.8AI score0.00332EPSS
Exploits1References3
Cvelist
Cvelist
•added 2023/05/30 12:0 a.m.•60 views

CVE-2023-23956

A user can supply malicious HTML and JavaScript code that will be executed in the client browser...

5.7AI score0.03083EPSS
Exploits3References2
Cvelist
Cvelist
•added 2023/05/18 9:27 p.m.•60 views

CVE-2023-30470

A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Herme...

10AI score0.01249EPSS
Exploits0References2
Cvelist
Cvelist
•added 2023/05/09 12:0 a.m.•61 views

CVE-2023-28128

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution...

7.3AI score0.84697EPSS
Exploits3References2
Cvelist
Cvelist
•added 2023/05/03 12:0 a.m.•60 views

CVE-2022-40302

An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...

6.8AI score0.01983EPSS
Exploits0References3
Cvelist
Cvelist
•added 2023/04/27 12:0 a.m.•60 views

CVE-2023-31285

An XSS issue was discovered in Serenity Serene and StartSharp before 6.7.0. When users upload temporary files, some specific file endings are not allowed, but it is possible to upload .html or .htm files containing an XSS payload. The resulting link can be sent to an administrator user...

6.1AI score0.00785EPSS
Exploits1References3
Cvelist
Cvelist
•added 2023/04/20 12:0 a.m.•60 views

CVE-2023-27351

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper...

8.2CVSS8.4AI score0.77388EPSS
Exploits2References2
Cvelist
Cvelist
•added 2023/04/19 7:10 p.m.•60 views

CVE-2023-30797 Insecure Random Generation in Netflix Lemur

Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. The insufficiently random values may allow an attacker to guess the credentials and gain access to resources managed by Lemur...

7.5CVSS7.8AI score0.00784EPSS
Exploits0References4
Cvelist
Cvelist
•added 2023/04/18 11:50 p.m.•60 views

CVE-2023-29515 Cross-site scripting (XSS) in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can create a space can become admin of that space through App Within Minutes. The admin right implies the script right and thus allows JavaScript injection. The vulnerability can ...

7.7CVSS7.9AI score0.00567EPSS
Exploits1References3
Cvelist
Cvelist
•added 2023/04/11 7:13 p.m.•60 views

CVE-2023-24927 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

...

8.8CVSS9.4AI score0.0164EPSS
Exploits0References1
Cvelist
Cvelist
•added 2023/03/30 6:12 p.m.•60 views

CVE-2023-28647 App pin of the iOS app can be bypassed in Nextcloud iOS

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain...

4.4CVSS6.5AI score0.00278EPSS
Exploits0References2
Cvelist
Cvelist
•added 2023/03/21 12:0 a.m.•60 views

CVE-2023-26497

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute...

8.6CVSS9.9AI score0.24266EPSS
Exploits0References3
Cvelist
Cvelist
•added 2023/03/15 8:29 p.m.•60 views

CVE-2023-27598 OpenSIPS has vulnerability in the parse_via() function

OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed Via header to OpenSIPS triggers a segmentation fault when the function calctagsuffix is called. A specially crafted Via header, which is deemed correct by the parser, will...

7.5CVSS7.6AI score0.00971EPSS
Exploits0References3
Cvelist
Cvelist
•added 2023/01/25 9:39 p.m.•60 views

CVE-2022-3736 named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries

BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and...

7.5CVSS7.7AI score0.5017EPSS
Exploits0References1
Cvelist
Cvelist
•added 2023/01/16 12:0 a.m.•60 views

CVE-2023-0315 Command Injection in froxlor/froxlor

Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8...

7.2CVSS9.2AI score0.97653EPSS
Exploits8References4
Cvelist
Cvelist
•added 2023/01/14 12:0 a.m.•60 views

CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

6.7AI score0.00832EPSS
Exploits1References8
Cvelist
Cvelist
•added 2022/12/22 8:26 p.m.•60 views

CVE-2022-3805 Jeg Elementor Kit <= 2.5.6 - Unauthenticated Authorization Bypass

The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to update the...

8.6CVSS8.7AI score0.01594EPSS
Exploits1References3
Cvelist
Cvelist
•added 2022/11/09 12:0 a.m.•60 views

CVE-2022-39368 Californium Failing DTLS handshakes causes Data Loss due to throttling blocking processing of records

Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't cleanup counters for throttling, causing the threshold to be reached...

8.2CVSS8.1AI score0.00553EPSS
Exploits0References3
Cvelist
Cvelist
•added 2022/09/16 9:40 p.m.•60 views

CVE-2022-35984 `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

5.9CVSS7.6AI score0.00396EPSS
Exploits0References2
Cvelist
Cvelist
•added 2022/07/12 10:37 p.m.•61 views

CVE-2022-33632 Microsoft Office Security Feature Bypass Vulnerability

...

4.7CVSS5.4AI score0.01103EPSS
Exploits0References1
Cvelist
Cvelist
•added 2022/04/13 12:0 a.m.•60 views

CVE-2015-20107

In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...

7.9AI score0.07269EPSS
Exploits1References29
Cvelist
Cvelist
•added 2022/04/04 5:35 p.m.•61 views

CVE-2022-24787 Incorrect Comparison in Vyper

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. In version 0.3.1 and prior, bytestrings can have dirty bytes in them, resulting in the word-for-word comparisons giving incorrect results. Even without dirty nonzero bytes, two bytestrings can compare to equal if one en...

7.5CVSS7.7AI score0.0097EPSS
Exploits0References2
Cvelist
Cvelist
•added 2022/03/25 5:20 p.m.•60 views

CVE-2022-24778 Incorrect Authorization in imgcrypt

The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...

7.5CVSS7.6AI score0.02676EPSS
Exploits1References7
Cvelist
Cvelist
•added 2022/03/23 9:20 p.m.•60 views

CVE-2022-24768 Improper access control allows admin privilege escalation in Argo CD

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All unpatched versions of Argo CD starting with 1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level. Versions starting with 0.8.0 and 0.5...

9.9CVSS9.8AI score0.01201EPSS
Exploits0References5
Cvelist
Cvelist
•added 2022/03/23 12:0 a.m.•60 views

CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there...

7.7AI score0.00889EPSS
Exploits5References8
Cvelist
Cvelist
•added 2022/02/14 1:8 p.m.•60 views

CVE-2021-45421

Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced...

7.5AI score0.01264EPSS
Exploits1References1
Cvelist
Cvelist
•added 2022/02/01 1:46 a.m.•60 views

CVE-2021-46669

MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used...

7.8AI score0.02403EPSS
Exploits1References6
Cvelist
Cvelist
•added 2021/12/23 7:48 p.m.•60 views

CVE-2021-20318

The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...

8.7AI score0.01701EPSS
Exploits0References1
Cvelist
Cvelist
•added 2021/12/06 3:55 p.m.•60 views

CVE-2021-24931 Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection

The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an SQL injection...

10AI score0.78812EPSS
Exploits7References2
Total number of security vulnerabilities5000