Lucene search
K
OsvMost viewed

909216 matches found

OSV
OSV
•added 2023/10/26 6:15 p.m.•48 views

CVE-2023-31418

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...

7.5CVSS7AI score
Exploits0References3
OSV
OSV
•added 2023/10/25 6:20 a.m.•48 views

BIT-2023-44310

Stored cross-site scripting XSS vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's "Name" text...

9CVSS5.4AI score0.00462EPSS
Exploits0References1Affected Software1
OSV
OSV
•added 2023/10/23 6:17 a.m.•48 views

BIT-2023-44388

Discourse is an open source platform for community discussion. A malicious request can cause production log files to quickly fill up and thus result in the server running out of disk space. This problem has been patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. It is possible to...

7.5CVSS6.8AI score0.00531EPSS
Exploits0References2Affected Software1
OSV
OSV
•added 2023/10/20 6:17 a.m.•48 views

BIT-2023-43659

Discourse is an open source platform for community discussion. Improper escaping of user input allowed for Cross-site Scripting attacks via the digest email preview UI. This issue only affects sites with CSP disabled. This issue has been patched in the 3.1.1 stable release as well as the...

8CVSS6.4AI score0.00417EPSS
Exploits0References2Affected Software1
OSV
OSV
•added 2023/10/11 12:0 a.m.•48 views

DSA-5523-1 curl - security update

Bulletin has no description...

9.8CVSS7.9AI score0.78483EPSS
Exploits6
OSV
OSV
•added 2023/09/21 5:15 p.m.•48 views

GHSA-GX6R-QC2V-3P3V systeminformation SSID Command Injection Vulnerability

Impact SSID Command Injection Vulnerability Patches Problem was fixed with a parameter check. Please upgrade to version = 5.21.7, Version 4 was not affected Workarounds If you cannot upgrade, be sure to check or sanitize parameter strings that are passed to wifiConnections, wifiNetworks string on...

9.8CVSS9.7AI score0.01837EPSS
Exploits0References5
OSV
OSV
•added 2023/09/20 12:0 a.m.•48 views

ALSA-2023:5312 Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-20900 For...

7.5CVSS7.5AI score0.01193EPSS
Exploits0References4
OSV
OSV
•added 2023/09/12 12:0 a.m.•49 views

ALSA-2023:5069 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 5.14.0. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch...

7.8CVSS7.9AI score0.05794EPSS
Exploits5References22
OSV
OSV
•added 2023/09/06 8:13 p.m.•48 views

CVE-2023-29198 Context isolation bypass via nested unserializable return value in Electron

Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps using contextIsolation and contextBridge are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach...

6CVSS8.2AI score0.0049EPSS
Exploits0References4
OSV
OSV
•added 2023/09/01 12:0 a.m.•48 views

ASB-A-285903027

Bulletin has no description...

7.5CVSS7.2AI score0.003EPSS
Exploits0References2
OSV
OSV
•added 2023/08/09 4:9 p.m.•48 views

CVE-2023-39531 Sentry vulnerable to incorrect credential validation on OAuth token requests

Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 23.7.2, an attacker with sufficient client-side exploits could retrieve a valid access token for another user during the OAuth token exchange due to incorrect credential validation. Th...

6.5CVSS6.4AI score0.00308EPSS
Exploits0References3
OSV
OSV
•added 2023/07/14 9:58 p.m.•48 views

GHSA-JQ43-Q8MX-R7MQ SwiftTerm Code Injection vulnerability

Impact Attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. Credit These...

7.1CVSS7.7AI score0.0043EPSS
Exploits0References4
OSV
OSV
•added 2023/07/13 10:19 p.m.•48 views

GO-2023-1883 Denial of service via OOM in github.com/cometbft/cometbft

A bug in the CometBFT middleware causes the mempool's two data structures to fall out of sync. This can lead to duplicate transactions that cannot be removed, even after they are committed in a block. The only way to remove the transaction is to restart the node. This can be exploited by an...

8.2CVSS8AI score0.00901EPSS
Exploits1References3
OSV
OSV
•added 2023/07/11 3:15 p.m.•48 views

PYSEC-2023-116

xalpha v0.11.4 is vulnerable to Remote Command Execution RCE...

9.8CVSS9.2AI score0.01406EPSS
Exploits1References3
OSV
OSV
•added 2023/07/01 12:0 a.m.•48 views

ASB-A-261723753

In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.3AI score0.0009EPSS
Exploits0References2
OSV
OSV
•added 2023/06/21 5:15 p.m.•48 views

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

7.5CVSS7.1AI score0.03776EPSS
Exploits0References7
OSV
OSV
•added 2023/06/12 4:15 p.m.•48 views

CVE-2023-34468

The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and rejects H2 JDBC...

8.8CVSS8.5AI score0.63633EPSS
Exploits9References5
OSV
OSV
•added 2023/05/25 7:53 p.m.•48 views

RLSA-2023:2655 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.19.1, nodejs-nodemon 2.0.20. Security Fixes: c-ares: buffer overflow in...

8.6CVSS8.3AI score0.02023EPSS
Exploits3References8
OSV
OSV
•added 2023/05/16 12:0 a.m.•48 views

ALSA-2023:3082 Moderate: pcs security and bug fix update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 rubygem-rack: denial of service in header parsing CVE-2023-27539 For more details about the security...

7.5CVSS6.9AI score0.0183EPSS
Exploits0References6
OSV
OSV
•added 2023/05/01 12:0 a.m.•48 views

ASB-A-256202273

In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

6.7CVSS6.6AI score0.00091EPSS
Exploits0References3
OSV
OSV
•added 2023/04/26 3:28 p.m.•48 views

RLSA-2023:1879 Important: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.8AI score0.02474EPSS
Exploits1References11
OSV
OSV
•added 2023/04/25 7:48 p.m.•48 views

GHSA-J4RF-7357-F4CG Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer

Impact There is an ext4 use-after-free flaw described in CVE-2022-1184 that is exploitable through versions of Apptainer 1.1.0 and installations that include apptainer-suid 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10...

7CVSS7.7AI score0.00369EPSS
Exploits0References18
OSV
OSV
•added 2023/04/25 12:0 a.m.•48 views

ALSA-2023:1909 Important: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.8AI score0.02474EPSS
Exploits1References16
OSV
OSV
•added 2023/04/11 12:0 a.m.•48 views

ALSA-2023:1691 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: FUSE filesystem low-privileged user privileges escalation CVE-2023-0386 For more details about the security issues, including the...

7.8CVSS8.2AI score0.0788EPSS
Exploits14References4
OSV
OSV
•added 2023/04/11 12:0 a.m.•48 views

ALSA-2023:1703 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: FUSE filesystem low-privileged user privileges escalation CVE-2023-0386 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS7.9AI score0.0788EPSS
Exploits14References4
OSV
OSV
•added 2023/04/06 3:23 p.m.•48 views

RLSA-2023:1469 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tun: avoid double free in tunfreenetdev CVE-2022-4744 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-026...

7.8CVSS7.5AI score0.03702EPSS
Exploits0References4
OSV
OSV
•added 2023/02/21 9:0 p.m.•48 views

CVE-2023-25157 Unfiltered SQL Injection Vulnerabilities in Geoserver

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

9.8CVSS8.2AI score0.85247EPSS
Exploits2References4
OSV
OSV
•added 2023/02/17 12:0 a.m.•48 views

DSA-5352-1 wpewebkit - security update

Bulletin has no description...

8.8CVSS9AI score0.09426EPSS
Exploits0
OSV
OSV
•added 2023/02/16 10:31 p.m.•48 views

GO-2023-1571 Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests...

7.5CVSS7.6AI score0.04561EPSS
Exploits0References4
OSV
OSV
•added 2023/02/09 12:0 a.m.•48 views

DLA-3314-1 libsdl2 - security update

Bulletin has no description...

8.8CVSS7.5AI score0.03299EPSS
Exploits12
OSV
OSV
•added 2023/01/24 8:47 p.m.•48 views

GHSA-864V-6QJ7-62QJ Issue with whitespace in JWT roles in OpenSearch

Advisory title: Issue with whitespace in JWT roles Affected versions: OpenSearch 1.0.0-1.3.7 and 2.0.0-2.4.1 Patched versions: OpenSearch 1.3.8 and 2.5.0 Impact: OpenSearch uses JWTs to store role claims obtained from the Identity Provider IdP when the authentication backend is SAML or OpenID...

4.7CVSS6.3AI score0.00796EPSS
Exploits0References4
OSV
OSV
•added 2023/01/12 12:0 p.m.•48 views

RUSTSEC-2023-0002 git2 Rust package suppresses ssh host key checking

By default, when accessing an ssh repository ie via an ssh: git repository url the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for a an application to do meaningful checking itself. Impact When connecting to an ssh repository, and when an...

5.9CVSS5.6AI score0.00649EPSS
Exploits0References4
OSV
OSV
•added 2023/01/12 12:0 a.m.•48 views

ALSA-2023:0110 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

7.5CVSS7.4AI score0.19193EPSS
Exploits2References4
OSV
OSV
•added 2023/01/03 12:28 p.m.•48 views

GHSA-J94P-HV25-RM5G Apiman has potential permissions bypass

Impact Incorrect default permissions for certain read-only resources in the Apiman 1.5.7.Final through 2.2.3.Final in the Apiman Manager REST API allows a remote authenticated attacker to access information and resources in an Apiman Organizations they are not a member of and/or do not have...

7.1CVSS6AI score0.00604EPSS
Exploits0References6
OSV
OSV
•added 2022/12/16 11:15 p.m.•48 views

PYSEC-2022-42993

GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpackarchive from a potentially malicious tarball without validating that the destinati...

6.5CVSS6.9AI score0.00704EPSS
Exploits1References3
OSV
OSV
•added 2022/12/12 9:19 p.m.•48 views

GHSA-MJMJ-J48Q-9WG2 SnakeYaml Constructor Deserialization Remote Code Execution

Summary SnakeYaml's Constructor class, which inherits from SafeConstructor, allows any type be deserialized given the following line: new Yamlnew ConstructorTestDataClass.class.loadyamlContent; Types do not have to match the types of properties in the target class. A ConstructorException is throw...

8.3CVSS9AI score0.99615EPSS
Exploits7References19
OSV
OSV
•added 2022/12/08 7:1 p.m.•48 views

GO-2022-1144 Excessive memory growth in net/http and golang.org/x/net/http2

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...

5.3CVSS6.7AI score0.05623EPSS
Exploits0References4
OSV
OSV
•added 2022/11/08 11:0 p.m.•48 views

GHSA-8G2P-5PQH-5JMC .NET Information Disclosure Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET, .NET Core and .NET Framework's System.Data.SqlClient and Microsoft.Data.SqlClient NuGet Packages. A vulnerability exists in System.Data.SqlClient and Microsoft.Data.SqlClient libraries where a...

5.8CVSS6.1AI score0.00747EPSS
Exploits0References6
OSV
OSV
•added 2022/11/08 6:25 a.m.•48 views

RLSA-2022:7647 Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of uninitialized value of in r:parsebody CVE-2022-22719 httpd: core: Possible buffer overflow with very...

8.1CVSS8.8AI score0.90407EPSS
Exploits2References11
OSV
OSV
•added 2022/11/01 6:15 p.m.•48 views

CVE-2022-3786

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.5CVSS8AI score
Exploits0References4
OSV
OSV
•added 2022/11/01 12:0 p.m.•48 views

RUSTSEC-2022-0064 X.509 Email Address 4-byte Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

7.5CVSS8.2AI score0.9077EPSS
Exploits6References3
OSV
OSV
•added 2022/10/19 7:0 p.m.•48 views

GHSA-27RF-8MJP-R363 Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin

Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be...

8.8CVSS9.9AI score0.01095EPSS
Exploits0References3
OSV
OSV
•added 2022/10/18 9:16 p.m.•48 views

GHSA-C27J-76XG-6X4F Kirby CMS vulnerable to user enumeration in the brute force protection

TL;DR This vulnerability affects all Kirby sites with user accounts unless Kirby's API and Panel are disabled in the config. It can only be exploited for targeted attacks because the attack does not scale to brute force. ---- Introduction User enumeration is a type of vulnerability that allows...

6.5CVSS5.7AI score0.00585EPSS
Exploits0References7
OSV
OSV
•added 2022/09/22 12:0 a.m.•48 views

GHSA-6CVR-RVPM-9WX4 Jenkins SCM HttpClient Plugin vulnerable to Cross-Site Request Forgery

SCM HttpClient Plugin 1.5 and earlier does not perform permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing...

4.2CVSS8.7AI score0.0039EPSS
Exploits0References4
OSV
OSV
•added 2022/09/07 12:0 a.m.•48 views

DSA-5227-1 libgoogle-gson-java - security update

Bulletin has no description...

7.7CVSS7.8AI score0.1158EPSS
Exploits0
OSV
OSV
•added 2022/09/01 12:0 a.m.•48 views

ASB-A-219942275

In storeAtts of xmlparse.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS8.7AI score0.04829EPSS
Exploits0References2
OSV
OSV
•added 2022/07/28 12:0 p.m.•48 views

RUSTSEC-2022-0038 Denial of service on deeply nested fragment requests

Deeply nested fragments in a GraphQL request may cause a stack overflow in the server...

7.5CVSS7.6AI score0.01305EPSS
Exploits1References3
OSV
OSV
•added 2022/07/22 12:0 a.m.•48 views

DSA-5186-1 djangorestframework - security update

Bulletin has no description...

6.1CVSS6.2AI score0.01286EPSS
Exploits0
OSV
OSV
•added 2022/07/12 3:15 p.m.•48 views

PYSEC-2022-226

The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting XSS via the query string parameter q. In the case where it does not contain the http string, it is used to build the errormessage that is then rendered in the error.html template, using the flask.rendertemplate functio...

6.1CVSS0.7AI score0.00772EPSS
Exploits0References4
OSV
OSV
•added 2022/06/09 11:47 p.m.•48 views

GHSA-F2WF-25XC-69C9 Failure to strip the Cookie header on change in host or HTTP downgrade

Impact Cookie headers on requests are sensitive information. On making a request using the https scheme to a server which responds with a redirect to a URI with the http scheme, or on making a request to a server which responds with a redirect to a a URI to a different host, we should not forward...

7.5CVSS7.5AI score0.0182EPSS
Exploits0References8
Total number of security vulnerabilities5000