
907646 matches found

OSV
added 2022/05/17 4:4 a.m., 43 views

GHSA-J8QW-MWMV-28CG Improper Limitation of a Pathname to a Restricted Directory in Apache Solr

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separa...

CVSS 4.3, AI score 6.2, EPSS 0.56255
Exploits: 1, References: 10

OSV
added 2022/05/17 12:0 a.m., 43 views

GHSA-7QCQ-XP2F-56F6 Apache Tika vulnerable to uncontrolled memory consumption

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files...

CVSS 5.5, AI score 5.6, EPSS 0.02027
Exploits: 0, References: 6

OSV
added 2022/05/14 3:52 a.m., 43 views

GHSA-QX6H-9567-5FQW Arbitrary file write in Apache Commons Fileupload

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...

CVSS 7.5, AI score 8.3, EPSS 0.12768
Exploits: 0, References: 15

OSV
added 2022/05/14 1:57 a.m., 43 views

GHSA-M3X6-9V6H-4G28 Cross-site Scripting in Apache Struts

Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...

CVSS 6.1, AI score 6, EPSS 0.11562
Exploits: 0, References: 11

OSV
added 2022/05/13 1:36 a.m., 43 views

GHSA-RJ76-H87P-R3WF Undertow vulnerable to Request Smuggling

In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that als...

CVSS 6.1, AI score 6.2, EPSS 0.01655
Exploits: 0, References: 4

OSV
added 2022/05/13 1:7 a.m., 43 views

GHSA-6FXM-66HQ-FC96 Uncontrolled Resource Consumption in Apache Commons Compress

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs...

CVSS 5, AI score 6, EPSS 0.12608
Exploits: 1, References: 31

OSV
added 2022/05/10 8:14 a.m., 43 views

RLSA-2022:2031 Low: libssh security, bug fix, and enhancement update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh (0.9.6). (BZ#1896651) Security Fixes: libssh: possible heap-based buffer overflow when rekeying (CVE-2021-3634)...

CVSS 3.5, AI score 6.8, EPSS 0.04683
Exploits: 0, References: 4

OSV
added 2022/05/10 6:53 a.m., 43 views

ALSA-2022:2092 Moderate: bind security, bug fix, and enhancement update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The following...

CVSS 5.3, AI score 6.2, EPSS 0.08001
Exploits: 0, References: 2

OSV
added 2022/05/10 6:39 a.m., 43 views

ALSA-2022:1930 Moderate: keepalived security and bug fix update

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server (IPVS) kernel module providing layer-4 (transport layer) load balancing. Keepalived implements a set of checke...

CVSS 5.5, AI score 5.8, EPSS 0.01159
Exploits: 0, References: 2

OSV
added 2022/05/02 7:26 p.m., 43 views

GHSA-HX8W-GHH8-R4XF Write access to the catalog for any user when restricted-admin role is enabled in Rancher

Impact: This vulnerability only affects customers using the restricted-admin role in Rancher. For this role to be active, Rancher must be bootstrapped with the environment variable CATTLE_RESTRICTED_DEFAULT_ADMIN=true or the configuration flag restrictedAdmin=true. A flaw was discovered in Rancher...

CVSS 8.1, AI score 5.3, EPSS 0.00566
Exploits: 0, References: 5

OSV
added 2022/05/02 3:16 a.m., 43 views

GHSA-W227-XCFX-3PJ8 Exposure of Sensitive Information in Apache Tomcat

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the 1...

CVSS 4.3, AI score 5.1, EPSS 0.9444
Exploits: 4, References: 36

OSV
added 2022/05/01 5:44 p.m., 43 views

GHSA-4PRH-GQW8-RGH5 Apache Tomcat Directory Traversal

Directory traversal vulnerability in Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%...

CVSS 5, AI score 6.2, EPSS 0.90768
Exploits: 2, References: 34

OSV
added 2022/04/15 7:15 p.m., 43 views

CVE-2022-26788

PowerShell Elevation of Privilege Vulnerability...

CVSS 7.8, AI score 6.7, EPSS 0.00614
Exploits: 0, References: 1

OSV
added 2022/04/12 8:15 p.m., 43 views

CVE-2022-27380

An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements...

CVSS 7.5, AI score 5.2
Exploits: 0, References: 3

OSV
added 2022/04/03 12:0 a.m., 43 views

DSA-5112-1 chromium - security update

Bulletin has no description...

CVSS 8.8, AI score 7.6, EPSS 0.01613
Exploits: 17

OSV
added 2022/04/01 11:15 p.m., 43 views

CVE-2022-22963

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources...

CVSS 9.8, AI score 9.6, EPSS 0.99939
Exploits: 36, References: 7

OSV
added 2022/03/30 12:0 a.m., 43 views

GHSA-8PP6-8X4Q-C5MX Server side request forgery in C1 CMS

C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...

CVSS 7.6, AI score 7.3, EPSS 0.00734
Exploits: 0, References: 4

OSV
added 2022/03/25 9:15 a.m., 43 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches...

CVSS 7.5, AI score 3.2
Exploits: 0, References: 29

OSV
added 2022/03/23 9:0 p.m., 43 views

CVE-2022-24731 Path traversal allows leaking out-of-bound files from Argo CD repo-server

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.5.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal vulnerability, allowing a malicious user with read/write access to leak sensitive files from Argo CD's...

CVSS 6.8, AI score 5.2, EPSS 0.00923
Exploits: 0, References: 3

OSV
added 2022/03/23 1:15 p.m., 43 views

CVE-2021-25220

BIND 9.11.0 - 9.11.36, 9.12.0 - 9.16.26, 9.17.0 - 9.18.0; BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1, 9.16.8-S1 - 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as th...

CVSS 6.8, AI score 2.2, EPSS 0.0325
Exploits: 0, References: 10

OSV
added 2022/03/23 6:15 a.m., 43 views

CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

CVSS 7.8, AI score 7.4
Exploits: 0, References: 5

OSV
added 2022/03/16 12:0 a.m., 43 views

GHSA-M8GQ-83GH-V42V XML External Entities Vulnerability in CVRF-CSAF-Converter

CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary local file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter...

CVSS 6.1, AI score 5.7, EPSS 0.00663
Exploits: 0, References: 3

OSV
added 2022/03/10 12:0 a.m., 43 views

DLA-2942-1 firefox-esr - security update

Bulletin has no description...

CVSS 9.6, AI score 7.2, EPSS 0.00931
Exploits: 4

OSV
added 2022/03/09 10:25 p.m., 43 views

CVE-2022-24747 HTTP caching is marking private HTTP headers as public

Shopware is an open commerce platform based on the Symfony PHP framework and the Vue JavaScript framework. Affected versions of Shopware do not properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP...

CVSS 6.3, AI score 5.9, EPSS 0.01055
Exploits: 0, References: 5

OSV
added 2022/03/04 12:0 a.m., 43 views

DSA-5089-1 chromium - security update

Bulletin has no description...

CVSS 9.6, AI score 6.8, EPSS 0.01677
Exploits: 5

OSV
added 2022/03/02 10:24 p.m., 43 views

GHSA-CM9W-C4RJ-R2CF Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in view_component

This is an XSS vulnerability that has the potential to impact anyone using translations with the view_component gem. Data received via user input and passed as an interpolation argument to the translate method is not properly sanitized before display. Versions 2.29.1 and 2.49.1 have been released...

CVSS 8.1, AI score 6.8, EPSS 0.01075
Exploits: 0, References: 7

OSV
added 2022/02/23 11:50 p.m., 43 views

CVE-2022-24707 SQL injection in anuko timetracker

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind injection vulnerabilities existed in Time Tracker Puncher plugin in versions of anuko timetracker prior to 1.20.0.5642. This was happening because the Puncher plugin...

CVSS 7.4, AI score 8.9, EPSS 0.07159
Exploits: 5, References: 5

OSV
added 2022/02/20 12:0 a.m., 43 views

CVE-2022-0685 Use of Out-of-range Pointer Offset in vim/vim

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418...

CVSS 8.4, AI score 8.1, EPSS 0.01723
Exploits: 1, References: 11

OSV
added 2022/02/18 12:0 a.m., 43 views

DSA-5082-1 php7.4 - security update

Bulletin has no description...

CVSS 9.8, AI score 7.6, EPSS 0.25951
Exploits: 2

OSV
added 2022/02/15 1:57 a.m., 43 views

GHSA-579H-MV94-G4GP Privilege Escalation in Kubernetes

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary reques...

CVSS 9.8, AI score 8.1, EPSS 0.86978
Exploits: 10, References: 22

OSV
added 2022/02/11 11:23 p.m., 43 views

GHSA-7F33-F4F5-XWGW In-band key negotiation issue in AWS S3 Crypto SDK for golang

Summary: The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures without revealing the plaintext...

CVSS 2.5, AI score 5, EPSS 0.00231
Exploits: 1, References: 10

OSV
added 2022/02/10 12:0 a.m., 43 views

DSA-5070-1 cryptsetup - security update

Bulletin has no description...

CVSS 4.3, AI score 5.1, EPSS 0.0028
Exploits: 0

OSV
added 2022/02/04 11:15 p.m., 43 views

PYSEC-2022-82

Tensorflow is an Open Source Machine Learning Framework. The implementation of AssignOp can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of...

CVSS 8.8, AI score 0.9, EPSS 0.00755
Exploits: 1, References: 3

OSV
added 2022/02/03 12:0 a.m., 43 views

DSA-5066-1 ruby2.5 - security update

Bulletin has no description...

CVSS 7.5, AI score 7.1, EPSS 0.05061
Exploits: 4

OSV
added 2022/02/02 12:0 a.m., 43 views

CVE-2022-0443 Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 8.2...

CVSS 8.4, AI score 8.1, EPSS 0.01395
Exploits: 1, References: 9

OSV
added 2022/01/25 12:0 a.m., 43 views

DSA-5061-1 wpewebkit - security update

Bulletin has no description...

CVSS 9.3, AI score 8, EPSS 0.07617
Exploits: 1

OSV
added 2022/01/19 12:15 p.m., 43 views

CVE-2022-21277

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

CVSS 5.3, AI score 4.8
Exploits: 0, References: 5

OSV
added 2022/01/18 12:0 a.m., 43 views

DLA-2887-1 lighttpd - security update

Bulletin has no description...

CVSS 7.5, AI score 7.3, EPSS 0.1408
Exploits: 1

OSV
added 2022/01/10 2:12 p.m., 43 views

CVE-2022-22823

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow...

CVSS 9.8, AI score 3.7
Exploits: 0, References: 6

OSV
added 2022/01/06 10:50 p.m., 43 views

CVE-2022-21661 SQL injection in WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress...

CVSS 8, AI score 8, EPSS 0.97795
Exploits: 14, References: 13

OSV
added 2022/01/05 10:41 p.m., 43 views

GO-2021-0163 Privilege escalation on Windows via malicious DLL in syscall

Untrusted search path vulnerability on Windows related to LoadLibrary allows local users to gain privileges via a malicious DLL in the current working directory...

CVSS 7.8, AI score 7.5, EPSS 0.00396
Exploits: 0, References: 4

OSV
added 2022/01/05 3:31 p.m., 43 views

GO-2021-0160 Incorrect calculation affecting RSA computations in math/big

Int.Exp Montgomery mishandled carry propagation and produced an incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors. This issue can affect RSA computations in crypto/rsa, which is used by crypto/tls. TLS servers on 32-bit systems could plausibl...

CVSS 7.5, AI score 7.2, EPSS 0.02627
Exploits: 0, References: 6

OSV
added 2021/11/15 9:57 a.m., 43 views

RLSA-2021:4647 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267); kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317). For mor...

CVSS 8.8, AI score 7.7, EPSS 0.57853
Exploits: 2, References: 3

OSV
added 2021/11/10 12:0 a.m., 43 views

DSA-5004-1 libxstream-java - security update

Bulletin has no description...

CVSS 8.8, AI score 7.6, EPSS 0.98124
Exploits: 16

OSV
added 2021/11/09 9:12 a.m., 43 views

ALSA-2021:4373 Low: pcre security update

PCRE is a Perl-compatible regular expression library. Security Fixes: pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 (CVE-2019-20838); pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155). For more details about the security...

CVSS 7.5, AI score 7, EPSS 0.04182
Exploits: 0, References: 3

OSV
added 2021/11/09 9:1 a.m., 43 views

RLSA-2021:4326 Moderate: libX11 security update

The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: missing request length checks (CVE-2021-31535). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in t...

CVSS 8.1, AI score 7.5, EPSS 0.10634
Exploits: 2, References: 2

OSV
added 2021/11/09 8:52 a.m., 43 views

RLSA-2021:4257 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: mod_session: NULL pointer dereference when parsing Cookie header (CVE-2021-26690); httpd: Unexpected URL matching with 'MergeSlashes OFF' (CVE-2021-30641). For more details about t...

CVSS 7.5, AI score 7.8, EPSS 0.65067
Exploits: 0, References: 8

OSV
added 2021/11/02 7:47 a.m., 43 views

ALSA-2021:4056 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385); kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of...

CVSS 8.8, AI score 8.5, EPSS 0.01476
Exploits: 0, References: 3

OSV
added 2021/10/11 5:15 p.m., 43 views

CVE-2021-32028

A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...

CVSS 6.5, AI score 2.6, EPSS 0.01449
Exploits: 0, References: 4

OSV
added 2021/10/05 8:24 p.m., 43 views

GHSA-69J6-29VR-P3J9 Authentication bypass for viewing and deletions of snapshots

Today we are releasing Grafana 7.5.11, and 8.1.6. These patch releases include an important security fix for an issue that affects all Grafana versions from 2.0.1. Grafana Cloud instances have already been patched and an audit did not find any usage of this attack vector. Grafana Enterprise...

CVSS 7.3, AI score 7.5, EPSS 0.99888
Exploits: 1, References: 13

Total number of security vulnerabilities: 5000