Lucene search
K
OsvMost viewed

909148 matches found

OSV
OSV
added 2024/01/03 4:20 p.m.49 views

CVE-2023-46740 Insecure random string generator used for sensitive data

CubeFS is an open-source cloud-native file storage system. Prior to version 3.3.1, CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict and/or guess the generated string...

6.5CVSS8.9AI score0.00439EPSS
Exploits0References4
OSV
OSV
added 2023/12/18 9:18 p.m.49 views

GO-2023-2402 Man-in-the-middle attacker can compromise integrity of secure channel in golang.org/x/crypto

A protocol weakness allows a MITM attacker to compromise the integrity of the secure channel before it is established, allowing the attacker to prevent transmission of a number of messages immediately after the secure channel is established without either side being aware. The impact of this atta...

5.9CVSS6.4AI score0.9378EPSS
Exploits4References5
OSV
OSV
added 2023/12/05 10:46 p.m.49 views

GHSA-MHHP-C3CM-2R86 Test code in published microsoft-graph-core package exposes phpinfo()

Impact The Microsoft Graph Core PHP SDK published packages which contained test code that enabled the use of the phpInfo function from any application that could access and execute the file at vendor/microsoft/microsoft-graph-core/tests/GetPhpInfo.php. The phpInfo function exposes system...

5.4CVSS7.5AI score0.78428EPSS
Exploits5References9
OSV
OSV
added 2023/11/14 12:0 a.m.49 views

ALSA-2023:7205 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: permission model improperly...

9.8CVSS8.5AI score0.99999EPSS
Exploits19References14
OSV
OSV
added 2023/11/11 11:0 p.m.49 views

RLSA-2023:6120 Moderate: nginx:1.22 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

7.5CVSS8.3AI score0.99999EPSS
Exploits19References2
OSV
OSV
added 2023/10/27 8:15 p.m.49 views

CVE-2023-46853

In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n...

9.8CVSS7.1AI score
Exploits0References2
OSV
OSV
added 2023/10/25 6:20 a.m.49 views

BIT-2023-42627

Multiple stored cross-site scripting XSS vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, and Liferay DXP 7.3 update 33 and earlier, and 7.4 before update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a 1...

9.6CVSS5.7AI score0.02261EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/10/25 6:20 a.m.49 views

BIT-2023-42629

Stored cross-site scripting XSS vulnerability in the manage vocabulary page in Liferay Portal 7.4.2 through 7.4.3.87, and Liferay DXP 7.4 before update 88 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Vocabulary's 'description' text field...

9CVSS5.4AI score0.02239EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/10/24 6:35 p.m.49 views

RLSA-2023:5927 Important: php:8.0 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...

9.8CVSS7.9AI score0.08003EPSS
Exploits6References7
OSV
OSV
added 2023/10/24 6:35 p.m.49 views

RLSA-2023:5863 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...

7.5CVSS8.2AI score0.99999EPSS
Exploits19References3
OSV
OSV
added 2023/10/11 10:15 p.m.49 views

CVE-2023-39325

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS6.9AI score
Exploits0References43
OSV
OSV
added 2023/10/05 12:0 a.m.49 views

ALSA-2023:5462 Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3CVSS6.4AI score0.0079EPSS
Exploits0References4
OSV
OSV
added 2023/10/02 8:39 p.m.49 views

GHSA-8FXR-QFR9-P34W TorchServe Server-Side Request Forgery vulnerability

Impact Remote Server-Side Request Forgery SSRF Issue: TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and...

9.8CVSS9.3AI score0.35256EPSS
Exploits6References6
OSV
OSV
added 2023/09/30 12:0 a.m.49 views

DLA-3592-1 jetty9 - security update

Bulletin has no description...

5.3CVSS5.5AI score0.0326EPSS
Exploits1
OSV
OSV
added 2023/09/26 10:45 p.m.49 views

CVE-2023-42461 SQL injection in ITIL actors in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised...

6.5CVSS9.4AI score0.00899EPSS
Exploits0References3
OSV
OSV
added 2023/09/15 8:17 p.m.49 views

CVE-2023-41900 Jetty's OpenId Revoked authentication allows one request

Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty OpenIdAuthenticator uses the optional nested LoginService, and that LoginService decides to revoke an already authenticated user, then the...

3.5CVSS6.3AI score0.00753EPSS
Exploits1References7
OSV
OSV
added 2023/09/12 8:26 p.m.49 views

GHSA-38FQ-H5HC-GWV8 Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

7.8CVSS8.5AI score0.01441EPSS
Exploits0References5
OSV
OSV
added 2023/09/04 6:15 p.m.49 views

PYSEC-2023-167

Vyper is a Pythonic Smart Contract Language. For the following probably non-exhaustive list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafeadd, unsafesub, unsafemul, unsafediv, powmod256, |, &, ^ bitwise operators, bitwiseor deprecated,...

5.3CVSS6.7AI score0.00418EPSS
Exploits1References1
OSV
OSV
added 2023/08/29 4:46 p.m.49 views

CVE-2023-41037 Cleartext Signed Message Signature Spoofing in openpgpjs

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

4.3CVSS4.6AI score0.00309EPSS
Exploits1References4
OSV
OSV
added 2023/08/22 7:16 p.m.49 views

CVE-2022-48564

readints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format...

6.5CVSS6.6AI score
Exploits0References3
OSV
OSV
added 2023/08/11 3:15 a.m.49 views

CVE-2023-23908

Improper access control in some 3rd Generation IntelR XeonR Scalable processors may allow a privileged user to potentially enable information disclosure via local access...

4.4CVSS6AI score
Exploits0References6
OSV
OSV
added 2023/08/01 12:0 a.m.49 views

ALSA-2023:4377 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb-cb CVE-2023-3090 kernel: clsflower: out-of-bounds write in flsetgeneveopt CVE-2023-35788 kernel: KVM: x86/mmu: race condition in...

7.8CVSS6.8AI score0.01377EPSS
Exploits6References12
OSV
OSV
added 2023/08/01 12:0 a.m.49 views

ASB-A-253043490

In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed...

6.8CVSS6.7AI score0.00125EPSS
Exploits0References2
OSV
OSV
added 2023/07/30 12:0 a.m.49 views

DSA-5462-1 linux - security update

Bulletin has no description...

5.5CVSS7.2AI score0.05794EPSS
Exploits1
OSV
OSV
added 2023/07/27 12:0 a.m.49 views

DLA-3508-1 linux - security update

Bulletin has no description...

7.8CVSS8AI score0.16642EPSS
Exploits15
OSV
OSV
added 2023/07/13 2:46 a.m.49 views

RSEC-2023-2 Denial of Service (DoS) vulnerability

The readxl R package is exposed to a vulnerability owing to its underlying use of libxls library version 1.6.2. The vulnerability originates in the xlsgetWorkSheet function within xls.c in libxls. Attackers can exploit this flaw by utilizing a specially crafted XLS file, leading to a Denial of...

6.5CVSS6.2AI score0.01122EPSS
Exploits0References4
OSV
OSV
added 2023/06/30 8:42 p.m.49 views

GHSA-8Q9Q-R9V2-644M Upgrading doesn't prevent exploiting vulnerable XWiki documents

Impact When an XWiki installation is upgraded and that upgrade contains a fix for a bug in a document, just a new version of that document is added. In some cases, it's still possible to exploit the vulnerability that was fixed in the new version. The severity of this depends on the fixed...

9.9CVSS9.6AI score0.01845EPSS
Exploits1References6
OSV
OSV
added 2023/06/06 1:51 a.m.49 views

GHSA-H87R-F4VC-MCHV PocketMine-MP vulnerable to improperly checked dropped item count leading to server crash

Impact In 4.18.0, the network handling of inventories was completely revamped. Due to this, a bug was introduced which allowed players to request that the server drop more of an item than they had available in their hotbar. This did not lead to any duplication issues, but instead led to a server...

7.5CVSS7.1AI score0.0036EPSS
Exploits0References6
OSV
OSV
added 2023/05/24 6:30 p.m.49 views

GHSA-G7VW-43XG-8M4H SQL injection in Liferay Portal

SQL injection vulnerability in the upgrade process for SQL Server in Liferay Portal 7.3.1 through 7.4.3.17, and Liferay DXP 7.3 before update 6, and 7.4 before update 18 allows attackers to execute arbitrary SQL commands via the name of a database table's primary key index. This vulnerability is...

8.1CVSS7.6AI score0.00549EPSS
Exploits0References3
OSV
OSV
added 2023/05/16 12:0 a.m.49 views

ALSA-2023:3087 Important: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177734, BZ2177735, BZ2177736 Security Fixes: mysql: Server:...

7.5CVSS6.4AI score0.43131EPSS
Exploits0References76
OSV
OSV
added 2023/04/26 3:28 p.m.49 views

RLSA-2023:1898 Important: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.8AI score0.02474EPSS
Exploits1References11
OSV
OSV
added 2023/04/24 10:42 p.m.49 views

GHSA-XV3H-4844-9H36 HTTP Multiline Header Termination

Impact Affected versions of Laminas Diactoros accepted a single line feed LF / \n character at the end of a header name. When serializing such a header name containing a line-feed into the on-the-wire representation of a HTTP/1.x message, the resulting message would be syntactically invalid, due ...

7.5CVSS6.2AI score0.00965EPSS
Exploits0References6
OSV
OSV
added 2023/04/19 8:15 p.m.50 views

PYSEC-2023-20

Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. The insufficiently random values may allow an attacker to guess the credentials and gain access to resources managed by Lemur...

7.5CVSS7AI score0.00784EPSS
Exploits0References4
OSV
OSV
added 2023/04/01 12:0 a.m.49 views

ASB-A-252762941

In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.7AI score0.00092EPSS
Exploits0References2
OSV
OSV
added 2023/03/24 9:30 p.m.49 views

GHSA-948F-J464-RFJ2 Moodle may allow students to bypass sequential navigation during a quiz attempt

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...

4.3CVSS4.7AI score0.00563EPSS
Exploits0References5
OSV
OSV
added 2023/02/23 8:15 p.m.49 views

CVE-2023-23915

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...

6.5CVSS7.5AI score0.00861EPSS
Exploits0References3
OSV
OSV
added 2023/02/14 9:31 p.m.49 views

GHSA-74M5-2C7W-9W3X MultipartParser denial of service with too many fields or files

Impact The MultipartParser using the package python-multipart accepts an unlimited number of multipart parts form fields or files. Processing too many parts results in high CPU usage and high memory usage, eventually leading to an OOM process kill. This can be triggered by sending too many small...

8.7CVSS7.3AI score0.01288EPSS
Exploits0References6
OSV
OSV
added 2023/02/07 6:16 p.m.49 views

GHSA-56GJ-MVH6-RP75 URI validation failure on SVG parsing. Bypass of CVE-2023-23924

Summary Due to the difference in the attribute parser of Dompdf and php-svg-lib, an attacker can still call arbitrary URLs with arbitrary protocols. Details Dompdf parses the href attribute of image tags with the following code: src/Image/Cache.php line 135-150 php function $parser, $name,...

10CVSS9.5AI score0.0249EPSS
Exploits3References4
OSV
OSV
added 2023/01/09 12:0 a.m.49 views

ALSA-2023:0050 Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.1, nodejs-nodemon 2.0.20. Security Fixes: minimist: prototype pollution...

9.8CVSS8.8AI score0.14663EPSS
Exploits4References12
OSV
OSV
added 2023/01/03 10:25 p.m.49 views

GO-2022-1201 Timing attack in github.com/openshift/osin

Client secret checks are vulnerable to timing attacks, which could permit an attacker to determine client secrets...

5.9CVSS5.8AI score0.00676EPSS
Exploits0References2
OSV
OSV
added 2022/12/28 12:30 a.m.49 views

GHSA-6Q6Q-88XP-6F2R yaml package for Go can consume excessive amounts of CPU or memory

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

7.5CVSS7.7AI score0.017EPSS
Exploits0References12
OSV
OSV
added 2022/12/22 9:1 p.m.49 views

GO-2022-1178 JWT leak in github.com/bradleyfalzon/ghinstallation

Errors returned by ghinstallation.Transport can include the JWT used for the failed operation. If the error is exposed to an untrusted party, this JWT could be extracted and used to authenticate further requests...

5CVSS4.7AI score0.00382EPSS
Exploits1References3
OSV
OSV
added 2022/12/19 3:30 p.m.49 views

GHSA-3FHJ-WPVJ-X5W8 laravel-jqgrid vulnerable to SQL Injection

A vulnerability classified as critical was found in laravel-jqgrid. Affected by this vulnerability is the function getRows of the file src/Mgallegos/LaravelJqgrid/Repositories/EloquentRepositoryAbstract.php. The manipulation leads to sql injection. The name of the patch is...

9.8CVSS7.7AI score0.00646EPSS
Exploits0References5
OSV
OSV
added 2022/12/09 10:12 p.m.49 views

CVE-2022-23510 SQl injection in cube-js

cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade ...

9.6CVSS9.1AI score0.00898EPSS
Exploits0References5
OSV
OSV
added 2022/12/07 12:0 a.m.49 views

DLA-3230-1 jqueryui - security update

Bulletin has no description...

6.5CVSS6.9AI score0.44515EPSS
Exploits5
OSV
OSV
added 2022/11/25 12:0 a.m.49 views

CVE-2022-4141 Heap-based Buffer Overflow in vim/vim

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command...

7.3CVSS7.9AI score0.00423EPSS
Exploits1References9
OSV
OSV
added 2022/11/14 7:15 a.m.49 views

PYSEC-2022-42979

Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification...

7.5CVSS2.5AI score0.01184EPSS
Exploits0References6
OSV
OSV
added 2022/11/10 12:0 p.m.50 views

RUSTSEC-2022-0076 Bug in Wasmtime implementation of pooling instance allocator

Bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping for WebAssembly memories did not meet the compiler-required configuration...

7.4CVSS6.4AI score0.00577EPSS
Exploits0References4
OSV
OSV
added 2022/11/08 6:29 a.m.49 views

RLSA-2022:7793 Moderate: rsync security and enhancement update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

7CVSS8.9AI score0.1593EPSS
Exploits1References3
OSV
OSV
added 2022/10/25 12:0 p.m.49 views

RUSTSEC-2022-0083 evm incorrect state transition

SputnikVM, also called evm, is a Rust implementation of Ethereum Virtual Machine. A custom stateful precompile can use the isstatic parameter to determine if the call is executed in a static context via STATICCALL, and thus decide if stateful operations should be done. Prior to version 0.36.0, th...

7.5CVSS6.3AI score0.00538EPSS
Exploits0References3
Total number of security vulnerabilities5000