Lucene search
OSV | Most viewed

907648 matches found

OSV • added 2024/03/06 11:8 a.m. • 50 views

BIT-WORDPRESS-2023-5561 WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack...

CVSS 5.3 | AI score 5.4 | EPSS 0.03862
Exploits: 4 | References: 4

OSV • added 2024/03/06 11:6 a.m. • 50 views

BIT-POSTGRESQL-2020-25695

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest...

CVSS 8.8 | AI score 7.3 | EPSS 0.4644
Exploits: 0 | References: 6

OSV • added 2024/03/06 11:5 a.m. • 50 views

BIT-POSTGRESQL-2021-23214

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption...

CVSS 8.1 | AI score 7.9 | EPSS 0.01901
Exploits: 0 | References: 6

OSV • added 2024/03/06 11:2 a.m. • 50 views

BIT-POSTGRESQL-2024-0985 PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The...

CVSS 8 | AI score 8.6 | EPSS 0.01465
Exploits: 0 | References: 5

OSV • added 2024/03/06 10:52 a.m. • 50 views

BIT-GIT-2020-5260 malicious URLs may cause Git to present stored credentials to the wrong server

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system...

CVSS 9.3 | AI score 7.3 | EPSS 0.10047
Exploits: 2 | References: 20

OSV • added 2024/03/06 10:51 a.m. • 50 views

BIT-DJANGO-2023-43665

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

CVSS 7.5 | AI score 6.6 | EPSS 0.01236
Exploits: 0 | References: 9

OSV • added 2024/02/20 12:0 a.m. • 50 views

ALSA-2024:0887 Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326); golang: cmd/go: Protocol Fallback when fetching modules (CVE-2023-452...

CVSS 7.5 | AI score 7.2 | EPSS 0.01208
Exploits: 0 | References: 6

OSV • added 2024/02/12 8:17 p.m. • 50 views

RLSA-2024:0627 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: incomplete fix for CVE-2023-5981 (CVE-2024-0553). For more details about the security issues, including the impact,...

CVSS 7.5 | AI score 7.2 | EPSS 0.01614
Exploits: 1 | References: 2

OSV • added 2024/02/04 8:15 p.m. • 50 views

CVE-2023-52425

libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed...

CVSS 7.5 | AI score 7.3
Exploits: 0 | References: 8

OSV • added 2024/02/03 12:47 a.m. • 50 views

GHSA-VH55-786G-WJWJ .NET Information Disclosure Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. An information disclosure vulnerability exists in .NE...

CVSS 5.9 | AI score 5.7 | EPSS 0.0192
Exploits: 0 | References: 6

OSV • added 2024/02/01 12:0 a.m. • 50 views

ALSA-2024:0647 Moderate: rpm security update

The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks (CVE-2021-35937); rpm: races with chown/chmod/capabilities calls...

CVSS 6.7 | AI score 7.4 | EPSS 0.00491
Exploits: 3 | References: 8

OSV • added 2024/01/25 12:0 a.m. • 50 views

ALSA-2024:0474 Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication (CVE-2023-41080); tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794); tomcat: improper...

CVSS 6.1 | AI score 6.7 | EPSS 0.05972
Exploits: 2 | References: 10

OSV • added 2024/01/12 7:57 p.m. • 50 views

RLSA-2024:0158 Important: .NET 6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.126 and .NET Runtime 6.0.26...

CVSS 9.8 | AI score 7.7 | EPSS 0.02868
Exploits: 0 | References: 4

OSV • added 2023/12/22 8:36 p.m. • 50 views

CVE-2023-50730 Grackle has StackOverflowError in GraphQL query processing

Grackle is a GraphQL server written in functional Scala, built on the Typelevel stack. The GraphQL specification requires that GraphQL fragments must not form cycles, either directly or indirectly. Prior to Grackle version 0.18.0, that requirement wasn't checked, and queries with cyclic fragments...

CVSS 7.5 | AI score 7.8 | EPSS 0.00827
Exploits: 0 | References: 5

OSV • added 2023/12/14 5:15 a.m. • 50 views

CVE-2023-49935

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

CVSS 8.8 | AI score 6.9
Exploits: 0 | References: 6

OSV • added 2023/11/17 9:38 p.m. • 50 views

GHSA-RQ42-58QF-V3QX LibreNMS vulnerable to rate limiting bypass on login page

Summary Application is using two login methods and one of them is using GET request for authentication. There is no rate limiting security feature at GET request or backend is not validating that. PoC Go to /?username=admin&password=password&submit= Capture request in Burpsuite intruder and add...

CVSS 5.3 | AI score 6.5 | EPSS 0.00599
Exploits: 1 | References: 6

OSV • added 2023/11/14 12:0 a.m. • 50 views

ALSA-2023:7090 Moderate: libmicrohttpd security update

GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS (CVE-2023-27371). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

CVSS 5.9 | AI score 5.9 | EPSS 0.01243
Exploits: 1 | References: 4

OSV • added 2023/11/13 12:0 a.m. • 50 views

DSA-5553-1 postgresql-15 - security update

Bulletin has no description...

CVSS 8.8 | AI score 7 | EPSS 0.04322
Exploits: 0

OSV • added 2023/11/09 9:30 p.m. • 50 views

GHSA-5CVX-CWPX-9RJH Moodle Code Injection vulnerability

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution...

CVSS 6.5 | AI score 8.1 | EPSS 0.0137
Exploits: 0 | References: 6

OSV • added 2023/11/07 12:0 a.m. • 50 views

ALSA-2023:6738 Moderate: java-21-openjdk security and bug fix update

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: OpenJDK: memory corruption issue on x86_64 with AVX-512 (8317121) (CVE-2023-22025); OpenJDK: certificate path validation issue during client authentication...

CVSS 5.3 | AI score 6.2 | EPSS 0.014
Exploits: 0 | References: 6

OSV • added 2023/11/07 12:0 a.m. • 50 views

ALSA-2023:6474 Moderate: podman security, bug fix, and enhancement update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540); net/http...

CVSS 9.8 | AI score 8.2 | EPSS 0.04561
Exploits: 1 | References: 28

OSV • added 2023/11/07 12:0 a.m. • 50 views

ALSA-2023:6615 Moderate: python-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: memory corruption via immutable objects (CVE-2023-23931). For more details about the...

CVSS 6.5 | AI score 6.8 | EPSS 0.01301
Exploits: 1 | References: 4

OSV • added 2023/11/06 7:32 a.m. • 50 views

BIT-2020-2574

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

CVSS 5.9 | AI score 5.9 | EPSS 0.03485
Exploits: 0 | References: 7 | Affected Software: 1

OSV • added 2023/10/26 6:15 p.m. • 50 views

CVE-2023-31419

A flaw was discovered in Elasticsearch, affecting the search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service...

CVSS 7.5 | AI score 6.5
Exploits: 0 | References: 3

OSV • added 2023/10/23 12:0 a.m. • 50 views

ALSA-2023:5989 Important: varnish security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rap...

CVSS 7.5 | AI score 8.3 | EPSS 0.99999
Exploits: 19 | References: 4

OSV • added 2023/10/18 4:15 a.m. • 50 views

CVE-2023-38546

This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a functio...

CVSS 3.7 | AI score 7.3 | EPSS 0.06208
Exploits: 0 | References: 11

OSV • added 2023/10/17 2:21 p.m. • 50 views

GHSA-RC4V-99CR-PJCM Prototype Pollution in ali-security/mongoose

Impact This vulnerability causes a Prototype Pollution in document.js, through functions such as findByIdAndUpdate. For applications using Express and EJS, this can potentially allow remote code execution. Patches The original patched version for mongoose 5.3.3 did not include a fix for...

CVSS 10 | AI score 8.3
Exploits: 0 | References: 4

OSV • added 2023/10/13 12:0 a.m. • 50 views

DLA-3617-1 tomcat9 - security update

Bulletin has no description...

CVSS 7.5 | AI score 8.2 | EPSS 0.99999
Exploits: 22

OSV • added 2023/10/10 10:22 p.m. • 50 views

GHSA-XPW8-RCWV-8F8P io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack

A client might overload the server by issuing frequent RST frames. This can cause a massive amount of load on the remote system and so cause a DDoS attack. Impact: This is a DDoS attack; any HTTP/2 server is affected, so you should update as soon as possible. Patches: This is patched in version...

CVSS 7.5 | AI score 7.9 | EPSS 0.99999
Exploits: 19 | References: 6

OSV • added 2023/08/01 12:0 a.m. • 50 views

ASB-A-250574778

In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 9.8 | AI score 9.2 | EPSS 0.00639
Exploits: 0 | References: 4

OSV • added 2023/06/26 4:53 p.m. • 50 views

GO-2023-1832 Verification bypass in github.com/notaryproject/notation-go

An attacker who controls or compromises a registry can lead a user to verify the wrong artifact...

CVSS 8.8 | AI score 8.4 | EPSS 0.00354
Exploits: 0 | References: 4

OSV • added 2023/05/01 12:0 a.m. • 50 views

ASB-A-175190844

In multiple buttons of grantpermissions.xml, there is a possible way to bypass permissions dialogs due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

AI score 6.8
Exploits: 0 | References: 2

OSV • added 2023/02/28 12:0 a.m. • 50 views

ALSA-2023:0970 Moderate: httpd security and bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001); httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760); httpd: mod_proxy: HTTP response splitting...

CVSS 9 | AI score 7.8 | EPSS 0.57941
Exploits: 0 | References: 8

OSV • added 2023/01/30 12:0 a.m. • 50 views

DLA-3293-1 modsecurity-crs - security update

Bulletin has no description...

CVSS 9.8 | AI score 8.5 | EPSS 0.01672
Exploits: 3

OSV • added 2023/01/12 8:25 a.m. • 50 views

RLSA-2023:0089 Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

CVSS 8.8 | AI score 7.7 | EPSS 0.04354
Exploits: 0 | References: 5

OSV • added 2022/12/31 12:0 a.m. • 50 views

DLA-3258-1 node-loader-utils - security update

Bulletin has no description...

CVSS 9.8 | AI score 8.8 | EPSS 0.02601
Exploits: 1

OSV • added 2022/12/22 3:33 a.m. • 50 views

GHSA-HJRF-2M68-5959 jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

Overview: Versions <=8.5.1 of jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function referring to the secretOrPublicKey argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm...

CVSS 5 | AI score 6.2 | EPSS 0.00753
Exploits: 0 | References: 6

OSV • added 2022/12/07 6:45 p.m. • 50 views

GO-2022-1113 Server-side request forgery in github.com/oam-dev/kubevela

When using Helm Chart as the component delivery method, the request address of the warehouse is not restricted, and there is a blind SSRF vulnerability...

CVSS 6.5 | AI score 5.6 | EPSS 0.00376
Exploits: 0 | References: 2

OSV • added 2022/12/05 10:15 p.m. • 50 views

CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file ends in a line with 4095 consecutive non-white space letters and no newline, curl would first read past the end of the stack-based buffer, and if the read works, write a zero byte beyond its boundary. This will in most cases cause ...

CVSS 6.5 | AI score 2 | EPSS 0.01761
Exploits: 1 | References: 7

OSV • added 2022/10/31 12:0 a.m. • 50 views

DLA-3173-1 linux-5.10 - security update

Bulletin has no description...

CVSS 8.8 | AI score 7.7 | EPSS 0.03763
Exploits: 16

OSV • added 2022/10/21 8:29 p.m. • 50 views

GHSA-X459-P2RX-F8FF .NET Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 and .NET 5.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A Denial of Service vulnerability exists in .NET 6.0 and...

CVSS 7.5 | AI score 7.4 | EPSS 0.03739
Exploits: 0 | References: 8

OSV • added 2022/10/04 2:32 p.m. • 50 views

RLSA-2022:6778 Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fixes:...

CVSS 7.5 | AI score 7.6 | EPSS 0.02299
Exploits: 0 | References: 3

OSV • added 2022/09/19 5:15 p.m. • 50 views

CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

CVSS 7.5 | AI score 3.2
Exploits: 0 | References: 6

OSV • added 2022/08/11 6:12 p.m. • 50 views

GHSA-PCJH-6R5H-R92R django-sendfile2 before 0.7.0 contains reflected file download vulnerability

Similar to CVE-2022-36359 for Django, django-sendfile2 did not protect against a reflected file download attack in version 0.6.1 and earlier. If the file name used by django-sendfile2 was derived from user input, then it would be possible to perform such an attack. A new version of...

AI score 8.5
Exploits: 0 | References: 4

OSV • added 2022/08/11 12:0 a.m. • 50 views

DLA-3072-1 postgresql-11 - security update

Bulletin has no description...

CVSS 8 | AI score 7.6 | EPSS 0.0152
Exploits: 0

OSV • added 2022/08/03 6:15 a.m. • 50 views

CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

CVSS 7.5 | AI score 3.2
Exploits: 0 | References: 6

OSV • added 2022/06/28 2:20 a.m. • 50 views

GSD-2022-2274 heap buffer overflow in OpenSSL version 3.0.4

In OpenSSL version 3.0.4 a heap buffer overflow exists in the AVX512 support that can be attacked via network resulting in code execution. This is reachable via four code paths: RSAZ 1024, RSAZ 512, Dual 1024 RSAZ, and Default constant-time Montgomery modular exponentiation. Please note this issu...

AI score 9.3
Exploits: 0 | References: 6

OSV • added 2022/06/22 12:0 a.m. • 50 views

GHSA-PM37-5J5M-6CVW Cross-site Scripting in NukeViet CMS

There is a Cross Site Scripting (Stored XSS) vulnerability in NukeViet CMS before 4.5.02...

CVSS 5.4 | AI score 5.2 | EPSS 0.00772
Exploits: 1 | References: 4

OSV • added 2022/05/24 7:1 p.m. • 50 views

GHSA-4MGV-M5CM-F9H7 Vault GitHub Action did not correctly mask multi-line secrets in output

HashiCorp vault-action (aka Vault GitHub Action) before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking. The vault-action implementation did not correctly handle the marking of...

CVSS 7.5 | AI score 7.3 | EPSS 0.0188
Exploits: 1 | References: 7

OSV • added 2022/05/24 5:25 p.m. • 51 views

GHSA-5C4V-VH95-C67C Jenkins Email Extension Plugin SMTP password transmitted and displayed in plain text

Email Extension Plugin stores an SMTP password in its global configuration file hudson.plugins.emailext.ExtendedEmailPublisher.xml on the Jenkins controller as part of its configuration. While this password is stored encrypted on disk, it is transmitted and displayed in plain text as part of the...

CVSS 3.7 | AI score 7.6 | EPSS 0.00755
Exploits: 0 | References: 5

Total number of security vulnerabilities: 5000