907329 matches found

OSV
•added 2022/06/09 5:15 p.m.•43 views

CVE-2022-26377

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.53 and prior versions...

7.5 CVSS, 9.6 AI score
Exploits 0, References 6
OSV
•added 2022/06/02 2:15 p.m.•43 views

CVE-2022-27781

libcurl provides the CURLOPT_CERTINFO option to allow applications to request details to be returned about a server's certificate chain. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information...

7.5 CVSS, 2.5 AI score, 0.02434 EPSS
Exploits 1, References 5
OSV
•added 2022/06/02 2:15 p.m.•43 views

CVE-2022-27774

An insufficiently protected credentials vulnerability exists in curl 4.9 up to and including curl 7.82.0 that could allow an attacker to extract credentials: when following HTTPS redirects is used with authentication, credentials could leak to other services that exist on different protocols ...

5.7 CVSS, 3.6 AI score, 0.01595 EPSS
Exploits 1, References 5
OSV
•added 2022/06/02 2:15 p.m.•43 views

CVE-2022-27776

An insufficiently protected credentials vulnerability, fixed in curl 7.83.0, might leak authentication or cookie header data on HTTP redirects to the same host but another port number...

6.5 CVSS, 1.3 AI score, 0.03425 EPSS
Exploits 1, References 7
OSV
•added 2022/05/24 8:47 p.m.•43 views

GHSA-R642-GV9P-2WJJ Argo CD will blindly trust JWT claims if anonymous access is enabled

Impact: A critical vulnerability has been discovered in Argo CD which would allow unauthenticated users to impersonate any Argo CD user or role, including the admin user, by sending a specifically crafted JSON Web Token (JWT) along with the request. In order for this vulnerability to be exploited...

10 CVSS, 9.7 AI score, 0.01857 EPSS
Exploits 0, References 6
OSV
•added 2022/05/24 8:14 p.m.•43 views

GO-2022-0213 Panic on invalid DSA public keys in crypto/dsa

Invalid DSA public keys can cause a panic in dsa.Verify. In particular, using crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic, even if the certificates don't chain to a trusted root. The chain can be delivered via a crypto/tls connection to a client, or to a server tha...

7.5 CVSS, 7.3 AI score, 0.04693 EPSS
Exploits 1, References 4
OSV
•added 2022/05/24 5:6 p.m.•43 views

GHSA-R4MW-GXF7-VXR9 Remote code execution in Microsoft.WindowsDesktop.App.Ref

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'...

8.8 CVSS, 9.3 AI score, 0.17263 EPSS
Exploits 0, References 4
OSV
•added 2022/05/24 5:1 p.m.•43 views

GHSA-HRFH-7J5F-8CCR Pivotal RabbitMQ is vulnerable to a denial of service attack

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be...

7.5 CVSS, 7.2 AI score, 0.04519 EPSS
Exploits 1, References 8
OSV
•added 2022/05/24 4:57 p.m.•43 views

GHSA-RJHX-C9QH-QH8F Cross-site Scripting in Eclipse Mojarra

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces, allows Reflected XSS because a client window field is mishandled...

6.1 CVSS, 6.9 AI score, 0.02469 EPSS
Exploits 1, References 9
OSV
•added 2022/05/17 4:4 a.m.•43 views

GHSA-J8QW-MWMV-28CG Improper Limitation of a Pathname to a Restricted Directory in Apache Solr

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separa...

4.3 CVSS, 6.2 AI score, 0.56255 EPSS
Exploits 1, References 10
OSV
•added 2022/05/17 3:7 a.m.•43 views

GHSA-RVQ6-MRPV-M6RM Code Injection in Django

The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."...

9.8 CVSS, 6.7 AI score, 0.05603 EPSS
Exploits 0, References 12
OSV
•added 2022/05/17 12:0 a.m.•43 views

GHSA-7QCQ-XP2F-56F6 Apache Tika vulnerable to uncontrolled memory consumption

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files...

5.5 CVSS, 5.6 AI score, 0.02027 EPSS
Exploits 0, References 6
OSV
•added 2022/05/14 3:52 a.m.•43 views

GHSA-QX6H-9567-5FQW Arbitrary file write in Apache Commons Fileupload

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...

7.5 CVSS, 8.3 AI score, 0.12768 EPSS
Exploits 0, References 15
OSV
•added 2022/05/14 1:57 a.m.•43 views

GHSA-M3X6-9V6H-4G28 Cross-site Scripting in Apache Struts

Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...

6.1 CVSS, 6 AI score, 0.11562 EPSS
Exploits 0, References 11
OSV
•added 2022/05/13 1:7 a.m.•43 views

GHSA-6FXM-66HQ-FC96 Uncontrolled Resource Consumption in Apache Commons Compress

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs...

5 CVSS, 6 AI score, 0.12608 EPSS
Exploits 1, References 31
OSV
•added 2022/05/10 8:14 a.m.•43 views

RLSA-2022:2031 Low: libssh security, bug fix, and enhancement update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh 0.9.6. BZ1896651 Security Fixes: libssh: possible heap-based buffer overflow when rekeying (CVE-2021-3634)...

3.5 CVSS, 6.8 AI score, 0.04683 EPSS
Exploits 0, References 4
OSV
•added 2022/05/10 6:53 a.m.•43 views

ALSA-2022:2092 Moderate: bind security, bug fix, and enhancement update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The following...

5.3 CVSS, 6.2 AI score, 0.08001 EPSS
Exploits 0, References 2
OSV
•added 2022/05/10 6:39 a.m.•43 views

ALSA-2022:1930 Moderate: keepalived security and bug fix update

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server (IPVS) kernel module providing layer-4 (transport layer) load balancing. Keepalived implements a set of checke...

5.5 CVSS, 5.8 AI score, 0.01159 EPSS
Exploits 0, References 2
OSV
•added 2022/05/02 3:16 a.m.•43 views

GHSA-W227-XCFX-3PJ8 Exposure of Sensitive Information in Apache Tomcat

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the 1...

4.3 CVSS, 5.1 AI score, 0.9444 EPSS
Exploits 4, References 36
OSV
•added 2022/05/01 5:44 p.m.•43 views

GHSA-4PRH-GQW8-RGH5 Apache Tomcat Directory Traversal

Directory traversal vulnerability in Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) / (slash), (2) \ (backslash), and (3) URL-encoded backslash %...

5 CVSS, 6.2 AI score, 0.90768 EPSS
Exploits 2, References 34
OSV
•added 2022/04/15 7:15 p.m.•43 views

CVE-2022-26788

PowerShell Elevation of Privilege Vulnerability...

7.8 CVSS, 6.7 AI score, 0.00614 EPSS
Exploits 0, References 1
OSV
•added 2022/04/12 8:15 p.m.•43 views

CVE-2022-27380

An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements...

7.5 CVSS, 5.2 AI score
Exploits 0, References 3
OSV
•added 2022/04/03 12:0 a.m.•43 views

DSA-5112-1 chromium - security update

Bulletin has no description...

8.8 CVSS, 7.6 AI score, 0.01613 EPSS
Exploits 17
OSV
•added 2022/04/01 11:15 p.m.•43 views

CVE-2022-22963

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources...

9.8 CVSS, 9.6 AI score, 0.99939 EPSS
Exploits 36, References 7
OSV
•added 2022/04/01 5:26 p.m.•43 views

GHSA-R9W3-G83Q-M6HQ Prototype Pollution in deepmerge-ts

deepmerge-ts is used to merge 2 or more objects respecting type information. deepmerge-ts is vulnerable to Prototype Pollution via file deepmerge.ts, function defaultMergeRecords. A fix was released in version 4.0.2. Currently, there is no known workaround...

8.1 CVSS, 8.8 AI score, 0.01612 EPSS
Exploits 0, References 5
OSV
•added 2022/03/30 12:0 a.m.•43 views

GHSA-8PP6-8X4Q-C5MX Server side request forgery in C1 CMS

C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...

7.6 CVSS, 7.3 AI score, 0.00734 EPSS
Exploits 0, References 4
OSV
•added 2022/03/25 9:15 a.m.•43 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches...

7.5 CVSS, 3.2 AI score
Exploits 0, References 29
OSV
•added 2022/03/24 10:44 a.m.•43 views

RLSA-2022:1049 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling (CVE-2022-22720) For more details about the security issues, including the impact, a CV...

8.3 CVSS, 9.3 AI score, 0.28189 EPSS
Exploits 0, References 2
OSV
•added 2022/03/23 9:0 p.m.•43 views

CVE-2022-24731 Path traversal allows leaking out-of-bound files from Argo CD repo-server

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.5.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal vulnerability, allowing a malicious user with read/write access to leak sensitive files from Argo CD's...

6.8 CVSS, 5.2 AI score, 0.00923 EPSS
Exploits 0, References 3
OSV
•added 2022/03/23 1:15 p.m.•43 views

CVE-2021-25220

BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as th...

6.8 CVSS, 2.2 AI score, 0.0325 EPSS
Exploits 0, References 10
OSV
•added 2022/03/23 6:15 a.m.•43 views

CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

7.8 CVSS, 7.4 AI score
Exploits 0, References 5
OSV
•added 2022/03/14 6:15 p.m.•43 views

PYSEC-2022-163

The package libvcs before 0.11.1 is vulnerable to Command Injection via argument injection. When calling the update_repo function when using hg, the url parameter is passed to the hg clone command. By injecting some hg options it was possible to get arbitrary command execution...

9.8 CVSS, 3.8 AI score, 0.03652 EPSS
Exploits 0, References 3
OSV
•added 2022/03/10 12:0 a.m.•43 views

DLA-2942-1 firefox-esr - security update

Bulletin has no description...

9.6 CVSS, 7.2 AI score, 0.00931 EPSS
Exploits 4
OSV
•added 2022/03/09 10:25 p.m.•43 views

CVE-2022-24747 HTTP caching is marking private HTTP headers as public

Shopware is an open commerce platform based on the Symfony PHP framework and the Vue JavaScript framework. Affected versions of Shopware do not properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP...

6.3 CVSS, 5.9 AI score, 0.01055 EPSS
Exploits 0, References 5
OSV
•added 2022/03/04 12:0 a.m.•43 views

DSA-5089-1 chromium - security update

Bulletin has no description...

9.6 CVSS, 6.8 AI score, 0.01677 EPSS
Exploits 5
OSV
•added 2022/03/02 10:24 p.m.•43 views

GHSA-CM9W-C4RJ-R2CF Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in view_component

This is an XSS vulnerability that has the potential to impact anyone using translations with the view_component gem. Data received via user input and passed as an interpolation argument to the translate method is not properly sanitized before display. Versions 2.29.1 and 2.49.1 have been released...

8.1 CVSS, 6.8 AI score, 0.01075 EPSS
Exploits 0, References 7
OSV
•added 2022/02/23 11:50 p.m.•43 views

CVE-2022-24707 SQL injection in anuko timetracker

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind injection vulnerabilities existed in Time Tracker Puncher plugin in versions of anuko timetracker prior to 1.20.0.5642. This was happening because the Puncher plugin...

7.4 CVSS, 8.9 AI score, 0.07159 EPSS
Exploits 5, References 5
OSV
•added 2022/02/20 12:0 a.m.•43 views

CVE-2022-0685 Use of Out-of-range Pointer Offset in vim/vim

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418...

8.4 CVSS, 8.1 AI score, 0.01723 EPSS
Exploits 1, References 11
OSV
•added 2022/02/18 12:0 a.m.•43 views

DSA-5082-1 php7.4 - security update

Bulletin has no description...

9.8 CVSS, 7.6 AI score, 0.25951 EPSS
Exploits 2
OSV
•added 2022/02/15 1:57 a.m.•43 views

GHSA-579H-MV94-G4GP Privilege Escalation in Kubernetes

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary reques...

9.8 CVSS, 8.1 AI score, 0.86978 EPSS
Exploits 10, References 22
OSV
•added 2022/02/11 11:23 p.m.•43 views

GHSA-7F33-F4F5-XWGW In-band key negotiation issue in AWS S3 Crypto SDK for golang

Summary: The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures without revealing the plaintext...

2.5 CVSS, 5 AI score, 0.00231 EPSS
Exploits 1, References 10
OSV
•added 2022/02/10 12:0 a.m.•43 views

DSA-5070-1 cryptsetup - security update

Bulletin has no description...

4.3 CVSS, 5.1 AI score, 0.0028 EPSS
Exploits 0
OSV
•added 2022/02/04 11:15 p.m.•43 views

PYSEC-2022-82

Tensorflow is an Open Source Machine Learning Framework. The implementation of AssignOp can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of...

8.8 CVSS, 0.9 AI score, 0.00755 EPSS
Exploits 1, References 3
OSV
•added 2022/02/03 12:0 a.m.•43 views

DSA-5066-1 ruby2.5 - security update

Bulletin has no description...

7.5 CVSS, 7.1 AI score, 0.05061 EPSS
Exploits 4
OSV
•added 2022/02/02 12:0 a.m.•43 views

CVE-2022-0443 Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 8.2...

8.4 CVSS, 8.1 AI score, 0.01395 EPSS
Exploits 1, References 9
OSV
•added 2022/01/25 12:0 a.m.•43 views

DSA-5061-1 wpewebkit - security update

Bulletin has no description...

9.3 CVSS, 8 AI score, 0.07617 EPSS
Exploits 1
OSV
•added 2022/01/19 12:15 p.m.•43 views

CVE-2022-21277

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3 CVSS, 4.8 AI score
Exploits 0, References 5
OSV
•added 2022/01/18 12:0 a.m.•43 views

DLA-2887-1 lighttpd - security update

Bulletin has no description...

7.5 CVSS, 7.3 AI score, 0.1408 EPSS
Exploits 1
OSV
•added 2022/01/10 2:12 p.m.•43 views

CVE-2022-22823

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow...

9.8 CVSS, 3.7 AI score
Exploits 0, References 6
OSV
•added 2022/01/06 10:50 p.m.•43 views

CVE-2022-21661 SQL injection in WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress...

8 CVSS, 8 AI score, 0.97795 EPSS
Exploits 14, References 13
Total number of security vulnerabilities: 5000