Lucene search
K
OsvMost viewed

908024 matches found

OSV
OSV
•added 2024/03/06 11:7 a.m.•47 views

BIT-PYTHON-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...

7.1CVSS6.7AI score0.06617EPSS
Exploits1References17
OSV
OSV
•added 2024/03/06 11:5 a.m.•47 views

BIT-PYTHON-2022-0391

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator URL strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an...

7.5CVSS6.7AI score0.08325EPSS
Exploits1References10
OSV
OSV
•added 2024/03/06 11:3 a.m.•47 views

BIT-PRESTASHOP-2023-39526 PrestaShopSQL manager vulnerability (potential RCE)

PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds...

9.8CVSS10AI score0.01342EPSS
Exploits0References3
OSV
OSV
•added 2024/03/06 10:58 a.m.•47 views

BIT-NGINX-2022-41742 NGINX ngx_http_mp4_module vulnerability CVE-2022-41742

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttpmp4module that might allow a local attacker to cause a worker process crash, or might...

7.1CVSS7.1AI score0.01069EPSS
Exploits2References8
OSV
OSV
•added 2024/01/30 4:15 p.m.•47 views

PYSEC-2024-32

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a tas...

4.3CVSS6.6AI score0.00257EPSS
Exploits0References2
OSV
OSV
•added 2024/01/25 12:0 a.m.•47 views

ALSA-2024:0465 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

7.3CVSS7.1AI score0.01249EPSS
Exploits1References4
OSV
OSV
•added 2024/01/08 3:18 p.m.•47 views

CVE-2024-21650 XWiki Remote Code Execution vulnerability via user registration

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution RCE attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the...

10CVSS9.5AI score0.9348EPSS
Exploits1References5
OSV
OSV
•added 2023/11/15 8:53 p.m.•47 views

CVE-2023-48224 Cryptographically Weak Generation of One-Time Codes for Identity Verification in ethyca-fides

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides Privacy Center allows data subject users to submit privacy and consent requests to data controller use...

8.2CVSS9AI score0.00992EPSS
Exploits0References5
OSV
OSV
•added 2023/11/09 2:42 p.m.•47 views

GHSA-F475-X83M-RX5M Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens

Introduction This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability was found to affect versions before 1.8.2, where a patch was introduced. Overview In Label Studio version 1.8.1, a hard coded Django SECRETKEY was set in the...

9.8CVSS9.7AI score0.01241EPSS
Exploits3References7
OSV
OSV
•added 2023/11/07 12:0 a.m.•47 views

ALSA-2023:6679 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: TELNET option IAC injection CVE-2023-27533 curl: SFTP...

9.8CVSS7.6AI score0.02195EPSS
Exploits4References10
OSV
OSV
•added 2023/11/06 7:32 a.m.•47 views

BIT-2020-2812

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

4.9CVSS5.8AI score0.02981EPSS
Exploits0References11Affected Software1
OSV
OSV
•added 2023/11/01 12:0 a.m.•47 views

ASB-A-274006187

Bulletin has no description...

5.5CVSS7.2AI score0.00182EPSS
Exploits0References1
OSV
OSV
•added 2023/10/26 6:23 a.m.•47 views

BIT-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

9.8CVSS7.2AI score0.01819EPSS
Exploits0References3Affected Software1
OSV
OSV
•added 2023/10/25 6:17 p.m.•47 views

PYSEC-2023-220

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth= query parameter, can expose hashed user passwords as stored in the database to...

6.5CVSS6.6AI score0.00529EPSS
Exploits1References3
OSV
OSV
•added 2023/10/25 6:20 a.m.•47 views

BIT-2023-42627

Multiple stored cross-site scripting XSS vulnerabilities in the Commerce module in Liferay Portal 7.3.5 through 7.4.3.91, and Liferay DXP 7.3 update 33 and earlier, and 7.4 before update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a 1...

9.6CVSS5.7AI score0.02261EPSS
Exploits1References1Affected Software1
OSV
OSV
•added 2023/10/17 2:24 p.m.•47 views

GHSA-8WX3-324G-W4QQ OpenSearch uncontrolled resource consumption

Impact An issue has been identified with how OpenSearch handled incoming requests on the HTTP layer. An unauthenticated user could force an OpenSearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering an...

7.5CVSS7.6AI score
Exploits0References2
OSV
OSV
•added 2023/10/16 12:0 a.m.•47 views

ALSA-2023:5712 Moderate: nginx:1.20 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

7.5CVSS8.3AI score0.99999EPSS
Exploits19References4
OSV
OSV
•added 2023/10/04 2:46 p.m.•47 views

GHSA-MVRP-3CVX-C325 Zod denial of service vulnerability during email validation

Impact API servers running express-zod-api having: - version of express-zod-api below 10.0.0-beta1, - and using the following or similar validation schema in its implementation: z.string.email, are vulnerable to a DoS attack due to: - Inefficient Regular Expression Complexity in zod versions up t...

7.5CVSS7.5AI score
Exploits0References5
OSV
OSV
•added 2023/09/20 3:30 a.m.•47 views

GHSA-G8H7-MCP6-PF47 File Upload vulnerability in Dolibarr ERP CRM

File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions...

8.8CVSS8.8AI score0.01343EPSS
Exploits1References4
OSV
OSV
•added 2023/09/12 9:15 p.m.•47 views

PYSEC-2023-173

Piccolo is an ORM and query builder which supports asyncio. In versions 0.120.0 and prior, the implementation of BaseUser.login leaks enough information to a malicious user such that they would be able to successfully generate a list of valid users on the platform. As Piccolo on its own does not...

5.3CVSS7AI score0.00459EPSS
Exploits0References2
OSV
OSV
•added 2023/08/24 10:3 p.m.•47 views

CVE-2023-32079 Netmaker Privilige Escalation Vulnerability

Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run...

8.8CVSS8.4AI score0.00711EPSS
Exploits0References3
OSV
OSV
•added 2023/08/23 8:41 p.m.•47 views

GHSA-8XHR-X3V8-RGHJ XWiki Platform's Groovy jobs check the wrong author, allowing remote code execution

Impact XWiki supports scheduled jobs that contain Groovy scripts. Currently, the job checks the content author of the job for programming right. However, modifying or adding a job script to a document doesn't modify the content author. Together with a CSRF vulnerability in the job scheduler, this...

9CVSS9.2AI score0.00997EPSS
Exploits1References5
OSV
OSV
•added 2023/08/08 12:0 a.m.•47 views

ALSA-2023:4536 Moderate: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs 18.16.1. BZ2223630, BZ2223631, BZ2223632, BZ2223633, BZ2223635, BZ2223642 Security Fixes: nodejs...

7.5CVSS7.1AI score0.03906EPSS
Exploits1References10
OSV
OSV
•added 2023/07/17 9:2 p.m.•47 views

CVE-2023-37476 Zip slip in OpenRefine

OpenRefine is a free, open source tool for data processing. A carefully crafted malicious OpenRefine project tar file can be used to trigger arbitrary code execution in the context of the OpenRefine process if a user can be convinced to import it. The vulnerability exists in all versions of...

5.5CVSS7.3AI score0.00632EPSS
Exploits0References6
OSV
OSV
•added 2023/06/14 2:54 p.m.•47 views

GHSA-JQXR-VJVV-899M @keystone-6/auth Open Redirect vulnerability

Summary There is an open redirect in the @keystone-6/auth package, where the redirect leading / filter can be bypassed. Impact Users may be redirected to domains other than the relative host, thereby it might be used by attackers to re-direct users to an unexpected location. Mitigations - Don't u...

6.1CVSS5AI score0.00407EPSS
Exploits0References4
OSV
OSV
•added 2023/06/12 6:37 p.m.•47 views

GHSA-5FP6-4XW3-XQQ3 @keystone-6/core's bundled cuid package known to be insecure

Summary The cuid package used by @keystone-6/ and upstream dependencies is deprecated and marked as insecure by the author. As reported by the author Cuid and other k-sortable and non-cryptographic ids Ulid, ObjectId, KSUID, all UUIDs are all insecure. Use @paralleldrive/cuid2 instead. What are...

7.1AI score
Exploits0References4
OSV
OSV
•added 2023/06/12 6:30 p.m.•47 views

GHSA-65WH-G8X8-GM2H Apache NiFi vulnerable to Deserialization of Untrusted Data

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location...

6.5CVSS6.6AI score0.02351EPSS
Exploits1References8
OSV
OSV
•added 2023/05/31 2:15 p.m.•47 views

CVE-2023-26842

A stored Cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the OptionManager.php...

5.4CVSS5.8AI score0.01409EPSS
Exploits1References1
OSV
OSV
•added 2023/04/26 3:28 p.m.•47 views

RLSA-2023:1879 Important: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.8AI score0.02474EPSS
Exploits1References11
OSV
OSV
•added 2023/04/25 7:48 p.m.•47 views

GHSA-J4RF-7357-F4CG Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer

Impact There is an ext4 use-after-free flaw described in CVE-2022-1184 that is exploitable through versions of Apptainer 1.1.0 and installations that include apptainer-suid 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10...

7CVSS7.7AI score0.00369EPSS
Exploits0References18
OSV
OSV
•added 2023/04/20 9:33 p.m.•47 views

GHSA-WH3W-JCC7-MHMF pretalx vulnerable to path traversal in HTML export

pretalx before 2.3.2 allows path traversal in HTML export a non-default feature. Users were able to upload crafted HTML documents that trigger the reading of arbitrary files...

7.1CVSS6.4AI score0.06648EPSS
Exploits1References7
OSV
OSV
•added 2023/04/19 7:15 p.m.•47 views

CVE-2023-1586

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use TOCTOU vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11...

4.7CVSS5.9AI score0.0021EPSS
Exploits0References1
OSV
OSV
•added 2023/04/06 3:54 p.m.•47 views

RXSA-2023:0951 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 kernel: use-after-free in...

7.8CVSS7.4AI score0.06346EPSS
Exploits5References6
OSV
OSV
•added 2023/03/30 8:20 p.m.•47 views

GHSA-G2J6-57V7-GM8C runc AppArmor bypass with symlinked /proc

Impact It was found that AppArmor, and potentially SELinux, can be bypassed when /proc inside the container is symlinked with a specific mount configuration. Patches Fixed in runc v1.1.5, by prohibiting symlinked /proc: https://github.com/opencontainers/runc/pull/3785 This PR fixes CVE-2023-27561...

6.1CVSS6.9AI score0.00343EPSS
Exploits0References5
OSV
OSV
•added 2023/03/22 5:15 p.m.•47 views

CVE-2023-0464

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of...

7.5CVSS7.6AI score
Exploits0References11
OSV
OSV
•added 2023/03/01 6:30 p.m.•47 views

GHSA-XW5P-HW8J-XG4Q Grafana vulnerable to Cross-site Scripting

Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this...

5.4CVSS6.3AI score0.09216EPSS
Exploits0References3
OSV
OSV
•added 2023/02/28 12:0 a.m.•47 views

ALSA-2023:0951 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 kernel: use-after-free in...

7.8CVSS7.4AI score0.06346EPSS
Exploits5References12
OSV
OSV
•added 2023/02/14 9:31 p.m.•47 views

GHSA-74M5-2C7W-9W3X MultipartParser denial of service with too many fields or files

Impact The MultipartParser using the package python-multipart accepts an unlimited number of multipart parts form fields or files. Processing too many parts results in high CPU usage and high memory usage, eventually leading to an OOM process kill. This can be triggered by sending too many small...

8.7CVSS7.3AI score0.01288EPSS
Exploits0References6
OSV
OSV
•added 2023/02/09 5:15 p.m.•47 views

CVE-2023-0575

External Control of Critical State Data, Improper Control of Generation of Code 'Code Injection' vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS DevopsBase.Java:execCommand, TableManager.Java:runCommand modules allows API Manipulation, Privilege Abuse. This vulnerability...

9.8CVSS6.8AI score
Exploits0References1
OSV
OSV
•added 2023/02/08 10:28 p.m.•47 views

GHSA-R7JW-WP68-3XCH openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.5CVSS7.8AI score0.04494EPSS
Exploits0References11
OSV
OSV
•added 2023/02/07 8:54 p.m.•47 views

CVE-2023-23931 Cipher.update_into can corrupt memory in pyca cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

4.8CVSS6.7AI score0.01301EPSS
Exploits1References6
OSV
OSV
•added 2023/02/06 11:27 p.m.•47 views

GHSA-8CFG-VX93-JVXW Kubernetes client-go vulnerable to Sensitive Information Leak via Log File

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects = v1.19.5, = v1.18.13, = v1.17.15, v1.20.0-alpha2...

4.7CVSS5.8AI score0.00512EPSS
Exploits0References11
OSV
OSV
•added 2023/02/06 11:27 p.m.•47 views

GHSA-8MJG-8C8G-6H85 Kubernetes Sensitive Information leak via Log File

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

4.7CVSS5.4AI score0.00461EPSS
Exploits0References8
OSV
OSV
•added 2023/01/26 9:15 p.m.•47 views

CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS7.5AI score0.13108EPSS
Exploits0References1
OSV
OSV
•added 2023/01/25 7:36 p.m.•47 views

GHSA-G25R-GVQ3-WRQ7 Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster

Impact An issue was discovered in Rancher where an authorization logic flaw allows an authenticated user on any downstream cluster to 1 open a shell pod in the Rancher local cluster and 2 have limited kubectl access to it. The expected behavior is that a user does not have such access in the...

7.4CVSS8AI score0.0047EPSS
Exploits0References4
OSV
OSV
•added 2023/01/11 12:0 a.m.•47 views

DSA-5316-1 netty - security update

Bulletin has no description...

7.5CVSS6.8AI score0.0628EPSS
Exploits2
OSV
OSV
•added 2023/01/09 9:57 p.m.•47 views

GHSA-JXGP-JGH3-8JC8 KubeOperator allows unauthorized access to system API

Summary Unauthorized access refers to the ability to bypass the system's preset permission settings to access some API interfaces. The attack exploits a flaw in how online applications handle routing permissions. Affected Version = v3.16.3 Patches The vulnerability has been fixed in v3.16.3...

7.3CVSS8.2AI score0.66768EPSS
Exploits0References5
OSV
OSV
•added 2022/12/23 9:30 p.m.•47 views

GHSA-P4QR-VQ2G-22WP ThinkPHP Framework vulnerable to remote code execution

ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...

9.8CVSS9.5AI score0.15505EPSS
Exploits2References5
OSV
OSV
•added 2022/12/23 12:0 a.m.•47 views

DLA-3247-1 node-trim-newlines - security update

Bulletin has no description...

7.5CVSS7.5AI score0.02901EPSS
Exploits0
OSV
OSV
•added 2022/12/08 7:1 p.m.•47 views

GO-2022-1144 Excessive memory growth in net/http and golang.org/x/net/http2

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...

5.3CVSS6.7AI score0.05623EPSS
Exploits0References4
Total number of security vulnerabilities5000