Lucene search
K
OsvMost viewed

909133 matches found

OSV
OSV
•added 2023/04/24 10:44 p.m.•50 views

GHSA-FWCF-753V-FGCJ Unrestricted file upload in kiwi TCMS

Impact Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. In earlier versions there is no control over what kinds of files can be uploaded. Thus a malicious actor may upload an .exe file or a file containing embedded JavaScript and trick others into clicking on these fil...

7.7CVSS8.8AI score0.01024EPSS
Exploits1References6
OSV
OSV
•added 2023/02/16 7:49 p.m.•50 views

GO-2023-1568 Path traversal on Windows in path/filepath

A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as "a/../c:/b" into the valid path "c:\b". This transformation of a relative if invalid path into an absolute path could enable a directory traversal...

7.5CVSS7.4AI score0.01678EPSS
Exploits0References3
OSV
OSV
•added 2023/02/15 11:55 p.m.•50 views

GO-2023-1566 Cross site scripting in github.com/usememos/memos

A malicious actor can introduce links starting with a "javascript:" scheme due to insufficient checks on external resources. This can be used as a part of Cross-site Scripting XSS attack...

6.1CVSS5.5AI score0.00534EPSS
Exploits1References3
OSV
OSV
•added 2023/02/14 7:34 p.m.•50 views

GO-2023-1557 Denial of service via HAMT decoding panic in github.com/ipfs/go-unixfs

Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus "fanout" parameter in the HAMT directory nodes. A workaround is to not feed untrusted user data to th...

7.5CVSS6.2AI score0.00675EPSS
Exploits0References2
OSV
OSV
•added 2023/02/01 12:0 a.m.•50 views

ASB-A-230630526

In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS7.3AI score0.00429EPSS
Exploits0References2
OSV
OSV
•added 2023/01/30 12:0 a.m.•50 views

DLA-3293-1 modsecurity-crs - security update

Bulletin has no description...

9.8CVSS8.5AI score0.01672EPSS
Exploits3
OSV
OSV
•added 2023/01/23 12:0 a.m.•50 views

ALSA-2023:0339 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

7.5CVSS7.4AI score0.19193EPSS
Exploits2References4
OSV
OSV
•added 2023/01/01 12:0 a.m.•50 views

ASB-A-242703780

In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00238EPSS
Exploits0References2
OSV
OSV
•added 2022/12/31 12:0 a.m.•50 views

DLA-3252-1 cacti - security update

Bulletin has no description...

9.8CVSS8.4AI score0.99826EPSS
Exploits74
OSV
OSV
•added 2022/12/27 3:15 p.m.•50 views

PYSEC-2022-43010

Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5...

9.8CVSS6.9AI score0.00827EPSS
Exploits1References5
OSV
OSV
•added 2022/12/22 3:33 a.m.•50 views

GHSA-HJRF-2M68-5959 jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

Overview Versions =8.5.1 of jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function referring to the secretOrPublicKey argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm...

5CVSS6.2AI score0.00753EPSS
Exploits0References6
OSV
OSV
•added 2022/11/09 10:15 p.m.•50 views

CVE-2022-37966

Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability...

8.1CVSS4.2AI score0.02772EPSS
Exploits0References2
OSV
OSV
•added 2022/10/04 2:32 p.m.•50 views

RLSA-2022:6778 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.6AI score0.02299EPSS
Exploits0References3
OSV
OSV
•added 2022/09/19 5:15 p.m.•50 views

CVE-2022-40468

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...

7.5CVSS3.2AI score
Exploits0References6
OSV
OSV
•added 2022/09/13 7:36 a.m.•50 views

RLSA-2022:6449 Moderate: nodejs:16 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs-ansi-regex: Regular expression denial of service ReDoS matching ANSI escape codes CVE-2021-3807 nodejs: DNS rebinding in --inspect via...

7.5CVSS7.4AI score0.77766EPSS
Exploits4References8
OSV
OSV
•added 2022/08/17 12:0 a.m.•50 views

DLA-3073-1 webkit2gtk - security update

Bulletin has no description...

8.8CVSS7.5AI score0.06463EPSS
Exploits0
OSV
OSV
•added 2022/06/28 2:20 a.m.•50 views

GSD-2022-2274 heap buffer overflow in OpenSSL version 3.0.4

In OpenSSL version 3.0.4 a heap buffer overflow exists in the AVX512 support that can be attacked via network resulting in code execution. This is reachable via four code paths: RSAZ 1024, RSAZ 512, Dual 1024 RSAZ, and Default constant-time Montgomery modular exponentiation. Please note this issu...

9.3AI score
Exploits0References6
OSV
OSV
•added 2022/06/22 12:0 a.m.•50 views

GHSA-PM37-5J5M-6CVW Cross-site Scripting in NukeViet CMS

There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...

5.4CVSS5.2AI score0.00772EPSS
Exploits1References4
OSV
OSV
•added 2022/06/06 12:0 a.m.•50 views

DLA-3044-1 glib2.0 - security update

Bulletin has no description...

7.5CVSS6.9AI score0.0408EPSS
Exploits2
OSV
OSV
•added 2022/05/24 7:1 p.m.•50 views

GHSA-4MGV-M5CM-F9H7 Vault GitHub Action did not correctly mask multi-line secrets in output

HashiCorp vault-action aka Vault GitHub Action before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking. The vault-action implementation did not correctly handle the marking of...

7.5CVSS7.3AI score0.0188EPSS
Exploits1References7
OSV
OSV
•added 2022/05/24 5:25 p.m.•51 views

GHSA-5C4V-VH95-C67C Jenkins Email Extension Plugin SMTP password transmitted and displayed in plain text

Email Extension Plugin stores an SMTP password in its global configuration file hudson.plugins.emailext.ExtendedEmailPublisher.xml on the Jenkins controller as part of its configuration. While this password is stored encrypted on disk, it is transmitted and displayed in plain text as part of the...

3.7CVSS7.6AI score0.00755EPSS
Exploits0References5
OSV
OSV
•added 2022/05/24 5:5 p.m.•50 views

GHSA-CF8F-W2C5-P5JR keycloak vulnerable to unauthorized login via mail server setup

A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a client can reset password and then log in. For example, for client name 'test' the email address will be '[email protected]'...

9.1CVSS9.1AI score0.01718EPSS
Exploits1References5
OSV
OSV
•added 2022/05/24 4:59 p.m.•50 views

GHSA-HHG2-G6H6-C266 Yii SQL injection vulnerability

The findByCondition function in framework/db/ActiveRecord.php in Yii 2.x before 2.0.15 allows remote attackers to conduct SQL injection attacks via a findOne or findAll call, unless a developer recognizes an undocumented need to sanitize array input...

9.8CVSS9AI score0.01363EPSS
Exploits0References4
OSV
OSV
•added 2022/05/18 6:23 p.m.•50 views

GO-2022-0273 Panic due to crafted inputs in archive/zip

The NewReader and OpenReader functions in archive/zip can cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size. This is caused by an incomplete fix for CVE-2021-33196...

7.5CVSS7.8AI score0.06934EPSS
Exploits0References4
OSV
OSV
•added 2022/05/18 12:0 a.m.•50 views

GHSA-X454-72FX-69Q3 Missing permission check in Jenkins SSH Plugin

A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS4.7AI score0.00684EPSS
Exploits0References4
OSV
OSV
•added 2022/05/14 4:1 a.m.•50 views

GHSA-594H-CX6W-P4JF Typo3 Host Header Spoofing Vulnerability

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."...

5CVSS5.3AI score0.02662EPSS
Exploits0References9
OSV
OSV
•added 2022/05/14 1:38 a.m.•50 views

GHSA-95Q3-PPPP-R683 Crash when decoding malformed HTTP requests or malformed JSON payload

When parsing a malformed JSON payload, libprocess in Apache Mesos versions 1.4.0 to 1.5.0 might crash due to an uncaught exception. Parsing chunked HTTP requests with trailers can lead to a libprocess crash too because of the mistakenly planted assertion. A malicious actor can therefore cause a...

7.5CVSS7.2AI score0.03674EPSS
Exploits0References2
OSV
OSV
•added 2022/05/14 1:8 a.m.•50 views

GHSA-9J7M-RJQX-48VH RubyGems Regular Expression Denial of Service vulnerability

Algorithmic complexity vulnerability in Gem::Version::VERSIONPATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service CPU...

4.3CVSS5.4AI score0.03343EPSS
Exploits0References15
OSV
OSV
•added 2022/05/10 8:11 a.m.•50 views

ALSA-2022:1986 Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.1AI score0.11586EPSS
Exploits1References3
OSV
OSV
•added 2022/05/06 12:5 p.m.•50 views

CVE-2022-24823 Local Information Disclosure Vulnerability in io.netty:netty-codec-http

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

5.5CVSS6.3AI score0.01044EPSS
Exploits1References7
OSV
OSV
•added 2022/05/05 2:48 a.m.•50 views

GHSA-XC85-32MF-XPV8 Rack arbitrary code execution via timing attack

Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that doe...

5.1CVSS9.6AI score0.05281EPSS
Exploits0References14
OSV
OSV
•added 2022/04/13 12:0 a.m.•50 views

GHSA-5PV7-HX9M-8JH3 Missing permission checks in Jenkins Publish Over FTP Plugin

Missing permission checks in Jenkins Publish Over FTP Plugin prior to 1.17 allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials...

4.3CVSS4.7AI score0.0072EPSS
Exploits0References4
OSV
OSV
•added 2022/03/10 2:37 p.m.•50 views

RLSA-2022:0819 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: improper initialization of the "flags" member of the new pipebuffer CVE-2022-0847 kernel: Use After Free in unixgc which could...

8.8CVSS8AI score0.88106EPSS
Exploits119References8
OSV
OSV
•added 2022/03/06 12:0 a.m.•50 views

DLA-2931-1 cyrus-sasl2 - security update

Bulletin has no description...

8.8CVSS8.3AI score0.04123EPSS
Exploits0
OSV
OSV
•added 2022/03/01 10:4 p.m.•50 views

GHSA-J34V-3552-5R7J Multiple security issues in Pomerium's embedded envoy

Envoy, which Pomerium is based on, has issued multiple CVEs impacting stability and security. Though Pomerium may not be vulnerable to all of the issues, it is recommended that all users upgrade to Pomerium v0.16.4 as soon as possible to minimize risk. Impact - Possible DoS or crash - Resources...

7AI score
Exploits0References2
OSV
OSV
•added 2022/02/21 6:15 p.m.•50 views

CVE-2021-44141

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succee...

4.3CVSS7AI score0.01097EPSS
Exploits0References2
OSV
OSV
•added 2022/02/19 12:15 a.m.•50 views

PYSEC-2022-37

An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function checkforinvalidimports can allow Cheetah code to import Python modules via the "from MODULE import" substring. Only lines beginning with import are blocked...

7.8CVSS3.2AI score0.00495EPSS
Exploits1References3
OSV
OSV
•added 2022/02/09 12:0 a.m.•50 views

DLA-2916-1 firefox-esr - security update

Bulletin has no description...

9.6CVSS8.1AI score0.00926EPSS
Exploits1
OSV
OSV
•added 2022/01/31 9:52 a.m.•50 views

ALSA-2022:0323 Important: nginx:1.20 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a later upstream version: nginx 1.20.1. BZ2031030 Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels...

7.7CVSS7.1AI score0.52838EPSS
Exploits10References2
OSV
OSV
•added 2022/01/25 12:0 a.m.•50 views

DSA-5062-1 nss - security update

Bulletin has no description...

6.5CVSS8.2AI score0.0063EPSS
Exploits0
OSV
OSV
•added 2022/01/16 12:0 a.m.•50 views

DLA-2880-1 firefox-esr - security update

Bulletin has no description...

10CVSS7.5AI score0.0134EPSS
Exploits6
OSV
OSV
•added 2022/01/14 12:0 a.m.•50 views

DSA-5046-1 chromium - security update

Bulletin has no description...

9.6CVSS8.5AI score0.36238EPSS
Exploits41
OSV
OSV
•added 2022/01/12 10:43 p.m.•50 views

GHSA-29GP-2C3M-3J6M Sandbox Escape by math function in smarty

Impact Template authors could run arbitrary PHP code by crafting a malicious math string. If a math string is passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Patches Please upgrade to 4.0.2 or 3.1.42 or...

8.1CVSS8.8AI score0.01927EPSS
Exploits0References14
OSV
OSV
•added 2022/01/01 7:15 p.m.•50 views

CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

8.8CVSS2.3AI score
Exploits0References9
OSV
OSV
•added 2021/11/15 9:15 p.m.•50 views

CVE-2021-42386

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function...

7.2CVSS7.3AI score
Exploits0References6
OSV
OSV
•added 2021/11/09 12:0 a.m.•50 views

DSA-5003-1 samba - security update

Bulletin has no description...

9CVSS7AI score0.01984EPSS
Exploits0
OSV
OSV
•added 2021/10/26 2:55 p.m.•50 views

GHSA-9GJ3-HWP5-PMWC XSS in the `altField` option of the Datepicker widget in jquery-ui

Impact Accepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: js $ "datepicker" .datepicker altField: "", ; will call the doEvilThing function. Patches The issue is fixed...

6.5CVSS6.8AI score0.39361EPSS
Exploits1References24
OSV
OSV
•added 2021/10/03 12:0 a.m.•50 views

DSA-4980-1 qemu - security update

Bulletin has no description...

8.5CVSS7.4AI score0.02904EPSS
Exploits1
OSV
OSV
•added 2021/09/30 12:0 a.m.•50 views

DLA-2773-1 curl - security update

Bulletin has no description...

7.5CVSS6.8AI score0.04224EPSS
Exploits2
OSV
OSV
•added 2021/09/20 12:0 a.m.•50 views

DSA-4975-1 webkit2gtk - security update

Bulletin has no description...

8.8CVSS7.5AI score0.13486EPSS
Exploits1
Total number of security vulnerabilities5000