Lucene search: OSV, most viewed

907369 matches found

OSV | added 2023/08/15 6:31 p.m. | 44 views

GHSA-PRGP-W7VF-CH62 LangChain vulnerable to arbitrary code execution

An issue in langchain langchain-ai before version 0.0.325 allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool.run component...

CVSS 9.8 | AI score 9.5 | EPSS 0.01267 | Exploits 1 | References 8

OSV | added 2023/08/14 6:15 p.m. | 44 views

CVE-2023-0872

The Horizon REST API includes a users endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizo...

CVSS 8 | AI score 7 | Exploits 0 | References 2

OSV | added 2023/08/09 12:56 p.m. | 44 views

GHSA-VMCH-3W2X-VHGQ .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2023-38180: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 2.1, .NET 6.0, and .NET 7.0. This advisory also provides guidance on what developers can do...

CVSS 7.5 | AI score 7.8 | EPSS 0.15519 | Exploits 0 | References 8

OSV | added 2023/08/08 4:15 p.m. | 44 views

PYSEC-2023-144

Cross Site Request Forgery CSRF vulnerability in wger Project wger Workout Manager 2.2.0a3 allows a remote attacker to gain privileges via the user-management feature in the gym/views/gym.py, templates/gym/resetuserpassword.html, templates/user/overview.html, core/views/user.py, and...

CVSS 8.8 | AI score 7.3 | EPSS 0.00318 | Exploits 0 | References 3

OSV | added 2023/08/01 12:00 a.m. | 44 views

ASB-A-264880895

In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 | AI score 5.4 | EPSS 0.00095 | Exploits 0 | References 2

OSV | added 2023/08/01 12:00 a.m. | 44 views

ALSA-2023:4412 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 For more details...

CVSS 9.8 | AI score 8.9 | EPSS 0.76768 | Exploits 10 | References 4

OSV | added 2023/08/01 12:00 a.m. | 44 views

ASB-A-253043490

In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed...

CVSS 6.8 | AI score 6.7 | EPSS 0.00125 | Exploits 0 | References 2

OSV | added 2023/07/25 8:45 p.m. | 44 views

CVE-2023-37920 Certifi's removal of e-Tugra root certificate

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted ...

CVSS 7.5 | AI score 7.7 | EPSS 0.00468 | Exploits 0 | References 7

OSV | added 2023/07/20 3:15 p.m. | 44 views

CVE-2023-34967

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol...

CVSS 5.3 | AI score 7 | EPSS 0.62606 | Exploits 0 | References 11

OSV | added 2023/07/01 12:00 a.m. | 44 views

ASB-A-274445194

In validateForCommonR1andR2 of PasspointConfiguration.java, there is a possible way to inflate the size of a config file with no limits due to a buffer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

CVSS 5.5 | AI score 5.5 | EPSS 0.00098 | Exploits 0 | References 2

OSV | added 2023/06/21 12:00 a.m. | 44 views

DLA-3462-1 wordpress - security update

Bulletin has no description...

CVSS 6.1 | AI score 5.6 | EPSS 0.79527 | Exploits 7

OSV | added 2023/06/12 4:15 p.m. | 44 views

CVE-2023-34468

The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and rejects H2 JDBC...

CVSS 8.8 | AI score 8.5 | EPSS 0.63383 | Exploits 9 | References 5

OSV | added 2023/06/09 7:32 p.m. | 44 views

GHSA-Q36X-R5X4-H4Q6 Denial of service via HTTP/2 HEADERS frames padding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.2. It is fixed in 1.20.0 and later releases. This vulnerability is caused by a logica...

CVSS 7.5 | AI score 7.3 | EPSS 0.01248 | Exploits 0 | References 4

OSV | added 2023/05/26 9:15 p.m. | 44 views

CVE-2023-28321

An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...

CVSS 5.9 | AI score 6.8 | EPSS 0.0181 | Exploits 1 | References 12

OSV | added 2023/05/22 8:36 p.m. | 44 views

GHSA-J8R2-6X86-Q33Q Unintended leak of Proxy-Authorization header in requests

Impact Since Requests v2.3.0, Requests has been vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the Proxy-Authorization header to...

CVSS 6.1 | AI score 6.7 | EPSS 0.02782 | Exploits 1 | References 10

OSV | added 2023/05/07 2:15 a.m. | 44 views

CVE-2023-31047

In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField only the last uploaded file was validated. However,...

CVSS 9.8 | AI score 7.2 | Exploits 0 | References 6

OSV | added 2023/04/26 3:28 p.m. | 44 views

RLSA-2023:1743 Important: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.3. Security Fixes: decode-uri-component: improper input validation resulting i...

CVSS 8.6 | AI score 8.1 | EPSS 0.24928 | Exploits 4 | References 9

OSV | added 2023/04/25 7:48 p.m. | 44 views

GHSA-J4RF-7357-F4CG Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer

Impact There is an ext4 use-after-free flaw described in CVE-2022-1184 that is exploitable through versions of Apptainer 1.1.0 and installations that include apptainer-suid 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10...

CVSS 7 | AI score 7.7 | EPSS 0.00369 | Exploits 0 | References 18

OSV | added 2023/04/01 12:00 a.m. | 44 views

ASB-A-252762941

In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 | AI score 7.7 | EPSS 0.00092 | Exploits 0 | References 2

OSV | added 2023/03/24 9:30 p.m. | 44 views

GHSA-948F-J464-RFJ2 Moodle may allow students to bypass sequential navigation during a quiz attempt

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...

CVSS 4.3 | AI score 4.7 | EPSS 0.00563 | Exploits 0 | References 5

OSV | added 2023/02/24 6:48 p.m. | 44 views

GHSA-F598-MFPV-GMFX Sequelize - Default support for “raw attributes” when using parentheses

Impact Sequelize 6.28.2 and prior has a dangerous feature where using parentheses in the attribute option would make Sequelize use the string as-is in the SQL ts User.findAll attributes: 'countid', 'count' ; Produced sql SELECT countid AS "count" FROM "users" Patches This feature was deprecated i...

CVSS 10 | AI score 9.3 | EPSS 0.00831 | Exploits 0 | References 9

OSV | added 2023/02/21 12:00 a.m. | 44 views

ALSA-2023:0838 Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and...

CVSS 8.1 | AI score 7.2 | EPSS 0.02559 | Exploits 0 | References 4

OSV | added 2023/02/14 9:31 p.m. | 44 views

GHSA-74M5-2C7W-9W3X MultipartParser denial of service with too many fields or files

Impact The MultipartParser using the package python-multipart accepts an unlimited number of multipart parts form fields or files. Processing too many parts results in high CPU usage and high memory usage, eventually leading to an OOM process kill. This can be triggered by sending too many small...

CVSS 8.7 | AI score 7.3 | EPSS 0.01288 | Exploits 0 | References 6

OSV | added 2023/02/10 8:15 a.m. | 44 views

CVE-2023-22832

The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Flow configurations that include the ExtractCCDAAttributes Processor are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity...

CVSS 7.5 | AI score 7.5 | EPSS 0.0141 | Exploits 0 | References 2

OSV | added 2023/02/08 10:22 p.m. | 44 views

GHSA-V5W6-WCM8-JM4Q openssl-src contains Double free after calling `PEM_read_bio_ex`

The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...

CVSS 7.5 | AI score 7.8 | EPSS 0.20444 | Exploits 0 | References 7

OSV | added 2023/02/08 10:21 p.m. | 44 views

GHSA-VRH7-X64V-7VXQ openssl-src contains `NULL` dereference during PKCS7 data verification

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

CVSS 7.5 | AI score 7.7 | EPSS 0.01846 | Exploits 0 | References 7

OSV | added 2023/02/08 12:00 a.m. | 44 views

DSA-5345-1 chromium - security update

Bulletin has no description...

CVSS 8.8 | AI score 7.6 | EPSS 0.00883 | Exploits 0

OSV | added 2023/01/27 12:00 a.m. | 44 views

DSA-5330-1 curl - security update

Bulletin has no description...

CVSS 9.8 | AI score 7.8 | EPSS 0.04325 | Exploits 2

OSV | added 2023/01/26 12:00 a.m. | 44 views

ALSA-2023:0210 Moderate: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

CVSS 5.3 | AI score 6 | EPSS 0.01357 | Exploits 0 | References 6

OSV | added 2023/01/25 7:31 p.m. | 44 views

GHSA-8C69-R38J-RPFJ Rancher cattle-token is predictable

Impact An issue was discovered in Rancher versions up to and including 2.6.9 and 2.7.0, where the cattle-token secret, used by the cattle-cluster-agent, is predictable. Even after the token is regenerated, it will have the same value. This issue is not present in Rancher 2.5 releases. The...

CVSS 7.1 | AI score 8 | EPSS 0.0172 | Exploits 0 | References 4

OSV | added 2023/01/23 2:30 p.m. | 44 views

RLSA-2023:0339 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

CVSS 5.9 | AI score 7.4 | EPSS 0.19193 | Exploits 2 | References 2

OSV | added 2023/01/23 12:00 a.m. | 44 views

ALSA-2023:0328 Moderate: go-toolset and golang security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputi...

CVSS 7.5 | AI score 7.2 | EPSS 0.01544 | Exploits 1 | References 8

OSV | added 2023/01/23 12:00 a.m. | 44 views

ALSA-2023:0321 Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16.18.1, nodejs-nodemon 2.0.20. Security Fixes: minimist: prototype pollution...

CVSS 9.8 | AI score 8.9 | EPSS 0.14024 | Exploits 2 | References 10

OSV | added 2023/01/14 1:15 a.m. | 44 views

CVE-2023-22853

Tiki before 24.1, when featurecreatewebhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval...

CVSS 8.8 | AI score 7.3 | Exploits 0 | References 2

OSV | added 2022/12/28 3:30 a.m. | 44 views

GHSA-87MM-QXM5-CP3F go-resolver vulnerable to attacker-controlled domains due to unvalidated RRSIG RRs

go-resolver's DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. The owner name of RRSIG RRs is not validated, permitting an attacker to present the RRSIG for an attacker-controlled domain in a...

CVSS 7.7 | AI score 6.3 | EPSS 0.00227 | Exploits 0 | References 4

OSV | added 2022/12/12 12:00 a.m. | 44 views

CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

CVSS 5.3 | AI score 7.3 | EPSS 0.01466 | Exploits 1 | References 6

OSV | added 2022/12/07 6:45 p.m. | 44 views

GO-2022-1113 Server-side request forgery in github.com/oam-dev/kubevela

When using Helm Chart as the component delivery method, the request address of the warehouse is not restricted, and there is a blind SSRF vulnerability...

CVSS 6.5 | AI score 5.6 | EPSS 0.00376 | Exploits 0 | References 2

OSV | added 2022/12/07 12:00 a.m. | 44 views

DLA-3228-1 node-json-schema - security update

Bulletin has no description...

CVSS 9.8 | AI score 8.9 | EPSS 0.03563 | Exploits 1

OSV | added 2022/11/29 11:55 p.m. | 44 views

GHSA-755V-R4X4-QF7M Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown

Summary A Stored XSS vulnerability was reported in the Keycloak Security mailing list, affecting all the versions of Keycloak, including the latest release 16.0.1. The vulnerability allows a privileged attacker to execute malicious scripts in the admin console, abusing of the groups' dropdown...

CVSS 5.4 | AI score 7.1 | EPSS 0.02731 | Exploits 1 | References 2

OSV | added 2022/11/17 12:00 a.m. | 44 views

DSA-5283-1 jackson-databind - security update

Bulletin has no description...

CVSS 7.5 | AI score 7.6 | EPSS 0.0486 | Exploits 4

OSV | added 2022/11/15 12:00 a.m. | 44 views

ALSA-2022:7954 Moderate: podman security and bug fix update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...

CVSS 7.5 | AI score 9 | EPSS 0.07032 | Exploits 7 | References 18

OSV | added 2022/11/09 10:15 p.m. | 44 views

CVE-2022-38023

Netlogon RPC Elevation of Privilege Vulnerability...

CVSS 8.1 | AI score 3.6 | EPSS 0.02559 | Exploits 0 | References 2

OSV | added 2022/11/08 12:00 a.m. | 44 views

DLA-3182-1 vim - security update

Bulletin has no description...

CVSS 8.8 | AI score 8.1 | EPSS 0.26583 | Exploits 40

OSV | added 2022/11/07 3:15 a.m. | 44 views

CVE-2022-44793

handleipv6IpForwarding in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...

CVSS 6.5 | AI score 3.5 | Exploits 0 | References 4

OSV | added 2022/10/26 8:00 a.m. | 44 views

CURL-CVE-2022-42916 HSTS bypass via IDN

curl's HSTS check could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This mechanism could be bypassed if the hostname in the given URL uses...

CVSS 7.5 | AI score 8.5 | EPSS 0.01644 | Exploits 0

OSV | added 2022/10/21 6:15 p.m. | 44 views

CVE-2022-3647

DISPUTED A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexity of an attack is rather high. The exploitabili...

CVSS 3.3 | AI score 3.7 | Exploits 0 | References 3

OSV | added 2022/10/19 9:13 p.m. | 44 views

RLSA-2022:7006 Moderate: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: excessive memory allocation in X.509 certificate parsing Security, 8286533 CVE-2022-21626 OpenJDK: HttpServer no connection count limit...

CVSS 5.3 | AI score 5.9 | EPSS 0.02376 | Exploits 0 | References 5

OSV | added 2022/09/16 9:30 p.m. | 44 views

CVE-2022-35982 Segfault in `SparseBincount` in TensorFlow

TensorFlow is an open source platform for machine learning. If SparseBincount is given inputs for indices, values, and denseshape that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVSS 5.9 | AI score 7.6 | EPSS 0.00423 | Exploits 0 | References 4

OSV | added 2022/09/14 11:15 a.m. | 44 views

CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

CVSS 8.1 | AI score 1.9 | Exploits 0 | References 12

OSV | added 2022/09/13 12:00 a.m. | 44 views

DLA-3107-1 sqlite3 - security update

Bulletin has no description...

CVSS 9.8 | AI score 8.1 | EPSS 0.01067 | Exploits 0

Total number of security vulnerabilities: 5000