Lucene search
K
OsvMost viewed

908957 matches found

OSV
OSV
•added 2023/11/14 12:0 a.m.•48 views

ALSA-2023:7177 Moderate: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.4AI score0.13108EPSS
Exploits0References4
OSV
OSV
•added 2023/11/07 12:0 a.m.•48 views

ALSA-2023:6535 Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: arbitrary code execution CVE-2023-32393 webkitgtk: bypass Same Origin Policy CVE-2023-38572 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-38592...

9.8CVSS8.7AI score0.01521EPSS
Exploits0References38
OSV
OSV
•added 2023/10/30 3:40 p.m.•48 views

GHSA-FJHG-96CP-6FCW Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File

Description The laters version of Kimai is found to be vulnerable to a critical Server-Side Template Injection SSTI which can be escalated to Remote Code Execution RCE. The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the software's PDF and HTML...

7.2CVSS7.6AI score0.01466EPSS
Exploits1References4
OSV
OSV
•added 2023/10/29 12:0 a.m.•48 views

DLA-3636-1 openjdk-11 - security update

Bulletin has no description...

5.3CVSS6.2AI score0.014EPSS
Exploits0
OSV
OSV
•added 2023/10/28 6:19 a.m.•48 views

BIT-2023-36478

Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values toexceed their size limit. MetaDataBuilder.java determines if a...

7.5CVSS7.1AI score0.03754EPSS
Exploits1References6Affected Software1
OSV
OSV
•added 2023/10/26 6:15 p.m.•48 views

CVE-2023-31418

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...

7.5CVSS7AI score
Exploits0References3
OSV
OSV
•added 2023/10/25 6:20 a.m.•48 views

BIT-2023-42629

Stored cross-site scripting XSS vulnerability in the manage vocabulary page in Liferay Portal 7.4.2 through 7.4.3.87, and Liferay DXP 7.4 before update 88 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Vocabulary's 'description' text field...

9CVSS5.4AI score0.02239EPSS
Exploits1References1Affected Software1
OSV
OSV
•added 2023/10/11 12:0 a.m.•48 views

DSA-5523-1 curl - security update

Bulletin has no description...

9.8CVSS7.9AI score0.78483EPSS
Exploits6
OSV
OSV
•added 2023/10/05 12:0 a.m.•48 views

ALSA-2023:5462 Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3CVSS6.4AI score0.0079EPSS
Exploits0References4
OSV
OSV
•added 2023/09/21 5:15 p.m.•48 views

GHSA-GX6R-QC2V-3P3V systeminformation SSID Command Injection Vulnerability

Impact SSID Command Injection Vulnerability Patches Problem was fixed with a parameter check. Please upgrade to version = 5.21.7, Version 4 was not affected Workarounds If you cannot upgrade, be sure to check or sanitize parameter strings that are passed to wifiConnections, wifiNetworks string on...

9.8CVSS9.7AI score0.01837EPSS
Exploits0References5
OSV
OSV
•added 2023/09/20 12:0 a.m.•48 views

ALSA-2023:5312 Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-20900 For...

7.5CVSS7.5AI score0.01193EPSS
Exploits0References4
OSV
OSV
•added 2023/09/15 8:17 p.m.•48 views

CVE-2023-41900 Jetty's OpenId Revoked authentication allows one request

Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty OpenIdAuthenticator uses the optional nested LoginService, and that LoginService decides to revoke an already authenticated user, then the...

3.5CVSS6.3AI score0.00753EPSS
Exploits1References7
OSV
OSV
•added 2023/09/12 12:0 a.m.•49 views

ALSA-2023:5069 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 5.14.0. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch...

7.8CVSS7.9AI score0.05794EPSS
Exploits5References22
OSV
OSV
•added 2023/09/06 8:13 p.m.•48 views

CVE-2023-29198 Context isolation bypass via nested unserializable return value in Electron

Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps using contextIsolation and contextBridge are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach...

6CVSS8.2AI score0.0049EPSS
Exploits0References4
OSV
OSV
•added 2023/09/01 12:0 a.m.•48 views

ASB-A-285903027

Bulletin has no description...

7.5CVSS7.2AI score0.003EPSS
Exploits0References2
OSV
OSV
•added 2023/08/22 7:16 p.m.•48 views

CVE-2022-48564

readints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format...

6.5CVSS6.6AI score
Exploits0References3
OSV
OSV
•added 2023/08/11 3:15 a.m.•48 views

CVE-2023-23908

Improper access control in some 3rd Generation IntelR XeonR Scalable processors may allow a privileged user to potentially enable information disclosure via local access...

4.4CVSS6AI score
Exploits0References6
OSV
OSV
•added 2023/08/09 4:9 p.m.•48 views

CVE-2023-39531 Sentry vulnerable to incorrect credential validation on OAuth token requests

Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 23.7.2, an attacker with sufficient client-side exploits could retrieve a valid access token for another user during the OAuth token exchange due to incorrect credential validation. Th...

6.5CVSS6.4AI score0.00308EPSS
Exploits0References3
OSV
OSV
•added 2023/07/30 12:0 a.m.•48 views

DSA-5462-1 linux - security update

Bulletin has no description...

5.5CVSS7.2AI score0.05794EPSS
Exploits1
OSV
OSV
•added 2023/07/14 9:58 p.m.•48 views

GHSA-JQ43-Q8MX-R7MQ SwiftTerm Code Injection vulnerability

Impact Attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. Credit These...

7.1CVSS7.7AI score0.0043EPSS
Exploits0References4
OSV
OSV
•added 2023/07/13 10:19 p.m.•48 views

GO-2023-1883 Denial of service via OOM in github.com/cometbft/cometbft

A bug in the CometBFT middleware causes the mempool's two data structures to fall out of sync. This can lead to duplicate transactions that cannot be removed, even after they are committed in a block. The only way to remove the transaction is to restart the node. This can be exploited by an...

8.2CVSS8AI score0.00901EPSS
Exploits1References3
OSV
OSV
•added 2023/07/11 3:15 p.m.•48 views

PYSEC-2023-116

xalpha v0.11.4 is vulnerable to Remote Command Execution RCE...

9.8CVSS9.2AI score0.01406EPSS
Exploits1References3
OSV
OSV
•added 2023/06/30 8:42 p.m.•48 views

GHSA-8Q9Q-R9V2-644M Upgrading doesn't prevent exploiting vulnerable XWiki documents

Impact When an XWiki installation is upgraded and that upgrade contains a fix for a bug in a document, just a new version of that document is added. In some cases, it's still possible to exploit the vulnerability that was fixed in the new version. The severity of this depends on the fixed...

9.9CVSS9.6AI score0.01845EPSS
Exploits1References6
OSV
OSV
•added 2023/06/21 5:15 p.m.•48 views

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

7.5CVSS7.1AI score0.03776EPSS
Exploits0References7
OSV
OSV
•added 2023/06/12 4:15 p.m.•48 views

CVE-2023-34468

The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and rejects H2 JDBC...

8.8CVSS8.5AI score0.63633EPSS
Exploits9References5
OSV
OSV
•added 2023/05/25 7:53 p.m.•48 views

RLSA-2023:2655 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.19.1, nodejs-nodemon 2.0.20. Security Fixes: c-ares: buffer overflow in...

8.6CVSS8.3AI score0.02023EPSS
Exploits3References8
OSV
OSV
•added 2023/05/16 12:0 a.m.•48 views

ALSA-2023:3082 Moderate: pcs security and bug fix update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 rubygem-rack: denial of service in header parsing CVE-2023-27539 For more details about the security...

7.5CVSS6.9AI score0.0183EPSS
Exploits0References6
OSV
OSV
•added 2023/05/01 12:0 a.m.•48 views

ASB-A-261588851

In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00095EPSS
Exploits0References2
OSV
OSV
•added 2023/04/26 3:28 p.m.•48 views

RLSA-2023:1898 Important: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.8AI score0.02474EPSS
Exploits1References11
OSV
OSV
•added 2023/04/25 7:48 p.m.•48 views

GHSA-J4RF-7357-F4CG Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer

Impact There is an ext4 use-after-free flaw described in CVE-2022-1184 that is exploitable through versions of Apptainer 1.1.0 and installations that include apptainer-suid 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10...

7CVSS7.7AI score0.00369EPSS
Exploits0References18
OSV
OSV
•added 2023/04/25 12:0 a.m.•48 views

ALSA-2023:1909 Important: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.8AI score0.02474EPSS
Exploits1References16
OSV
OSV
•added 2023/04/11 12:0 a.m.•48 views

ALSA-2023:1691 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: FUSE filesystem low-privileged user privileges escalation CVE-2023-0386 For more details about the security issues, including the...

7.8CVSS8.2AI score0.0788EPSS
Exploits14References4
OSV
OSV
•added 2023/04/11 12:0 a.m.•48 views

ALSA-2023:1703 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: FUSE filesystem low-privileged user privileges escalation CVE-2023-0386 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS7.9AI score0.0788EPSS
Exploits14References4
OSV
OSV
•added 2023/04/06 3:23 p.m.•48 views

RLSA-2023:1469 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tun: avoid double free in tunfreenetdev CVE-2022-4744 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-026...

7.8CVSS7.5AI score0.03702EPSS
Exploits0References4
OSV
OSV
•added 2023/02/21 9:0 p.m.•48 views

CVE-2023-25157 Unfiltered SQL Injection Vulnerabilities in Geoserver

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

9.8CVSS8.2AI score0.85247EPSS
Exploits2References4
OSV
OSV
•added 2023/02/17 12:0 a.m.•48 views

DSA-5352-1 wpewebkit - security update

Bulletin has no description...

8.8CVSS9AI score0.09426EPSS
Exploits0
OSV
OSV
•added 2023/02/16 10:31 p.m.•48 views

GO-2023-1571 Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests...

7.5CVSS7.6AI score0.04561EPSS
Exploits0References4
OSV
OSV
•added 2023/02/14 7:15 p.m.•48 views

CVE-2023-25725

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some...

9.1CVSS9AI score
Exploits0References6
OSV
OSV
•added 2023/02/09 12:0 a.m.•48 views

DLA-3314-1 libsdl2 - security update

Bulletin has no description...

8.8CVSS7.5AI score0.03299EPSS
Exploits12
OSV
OSV
•added 2023/01/24 8:47 p.m.•48 views

GHSA-864V-6QJ7-62QJ Issue with whitespace in JWT roles in OpenSearch

Advisory title: Issue with whitespace in JWT roles Affected versions: OpenSearch 1.0.0-1.3.7 and 2.0.0-2.4.1 Patched versions: OpenSearch 1.3.8 and 2.5.0 Impact: OpenSearch uses JWTs to store role claims obtained from the Identity Provider IdP when the authentication backend is SAML or OpenID...

4.7CVSS6.3AI score0.00796EPSS
Exploits0References4
OSV
OSV
•added 2023/01/12 12:0 p.m.•48 views

RUSTSEC-2023-0002 git2 Rust package suppresses ssh host key checking

By default, when accessing an ssh repository ie via an ssh: git repository url the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for a an application to do meaningful checking itself. Impact When connecting to an ssh repository, and when an...

5.9CVSS5.6AI score0.00649EPSS
Exploits0References4
OSV
OSV
•added 2023/01/12 12:0 a.m.•48 views

ALSA-2023:0110 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

7.5CVSS7.4AI score0.19193EPSS
Exploits2References4
OSV
OSV
•added 2023/01/09 12:0 a.m.•48 views

ALSA-2023:0050 Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.1, nodejs-nodemon 2.0.20. Security Fixes: minimist: prototype pollution...

9.8CVSS8.8AI score0.14663EPSS
Exploits4References12
OSV
OSV
•added 2023/01/03 12:28 p.m.•48 views

GHSA-J94P-HV25-RM5G Apiman has potential permissions bypass

Impact Incorrect default permissions for certain read-only resources in the Apiman 1.5.7.Final through 2.2.3.Final in the Apiman Manager REST API allows a remote authenticated attacker to access information and resources in an Apiman Organizations they are not a member of and/or do not have...

7.1CVSS6AI score0.00604EPSS
Exploits0References6
OSV
OSV
•added 2022/12/28 12:30 a.m.•48 views

GHSA-6Q6Q-88XP-6F2R yaml package for Go can consume excessive amounts of CPU or memory

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

7.5CVSS7.7AI score0.017EPSS
Exploits0References12
OSV
OSV
•added 2022/12/26 5:15 a.m.•48 views

CVE-2021-44758

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferredmechtype of GSSCNOOID and a nonzero initialresponse value to sendaccept...

7.5CVSS5.1AI score
Exploits0References3
OSV
OSV
•added 2022/12/16 11:15 p.m.•48 views

PYSEC-2022-42993

GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpackarchive from a potentially malicious tarball without validating that the destinati...

6.5CVSS6.9AI score0.00704EPSS
Exploits1References3
OSV
OSV
•added 2022/12/12 9:19 p.m.•48 views

GHSA-MJMJ-J48Q-9WG2 SnakeYaml Constructor Deserialization Remote Code Execution

Summary SnakeYaml's Constructor class, which inherits from SafeConstructor, allows any type be deserialized given the following line: new Yamlnew ConstructorTestDataClass.class.loadyamlContent; Types do not have to match the types of properties in the target class. A ConstructorException is throw...

8.3CVSS9AI score0.99615EPSS
Exploits7References19
OSV
OSV
•added 2022/12/09 10:12 p.m.•48 views

CVE-2022-23510 SQl injection in cube-js

cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade ...

9.6CVSS9.1AI score0.00898EPSS
Exploits0References5
OSV
OSV
•added 2022/12/08 7:1 p.m.•48 views

GO-2022-1144 Excessive memory growth in net/http and golang.org/x/net/http2

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...

5.3CVSS6.7AI score0.05623EPSS
Exploits0References4
Total number of security vulnerabilities5000