Lucene search: OSV, most viewed

903084 matches found

OSV
•added 2024/03/06 11:7 a.m.•41 views

BIT-MAGENTO-2020-24407 Arbitrary code execution via file import functionality

Magento versions 2.4.0 and 2.3.5p1 and earlier are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components...

CVSS 9.1, AI score 9, EPSS 0.0552
Exploits: 1, References: 2
OSV
•added 2024/03/06 11:6 a.m.•41 views

BIT-PHP-2020-7065 mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution...

CVSS 8.8, AI score 8.8, EPSS 0.04764
Exploits: 1, References: 9
OSV
•added 2024/03/06 11:6 a.m.•41 views

BIT-POSTGRESQL-2020-14350

It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affect...

CVSS 7.3, AI score 7.9, EPSS 0.00532
Exploits: 0, References: 12
OSV
•added 2024/03/06 11:6 a.m.•41 views

BIT-REDIS-2022-24834 Heap overflow issue with the Lua cjson library used by Redis

Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...

CVSS 8.8, AI score 8.1, EPSS 0.4292
Exploits: 1, References: 5
OSV
•added 2024/03/06 11:5 a.m.•41 views

BIT-SOLR-2023-44487

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

CVSS 7.5, AI score 7.9, EPSS 0.99999
Exploits: 19, References: 140
OSV
•added 2024/03/06 11:5 a.m.•41 views

BIT-SQLITE-2022-46908

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

CVSS 7.3, AI score 7.3, EPSS 0.00425
Exploits: 1, References: 6
OSV
•added 2024/03/06 11:5 a.m.•41 views

BIT-REDIS-2022-36021 Redis string pattern matching can be abused to achieve Denial of Service

Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands like SCAN or KEYS with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18...

CVSS 5.5, AI score 6, EPSS 0.59706
Exploits: 0, References: 3
OSV
•added 2024/03/06 11:3 a.m.•41 views

BIT-PYTHON-2023-38898

An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) there are no common scenarios in whi...

CVSS 5.3, AI score 6.7, EPSS 0.01493
Exploits: 1, References: 1
OSV
•added 2024/03/06 11:2 a.m.•41 views

BIT-PYTORCH-2022-45907

In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely...

CVSS 9.8, AI score 9.6, EPSS 0.01192
Exploits: 1, References: 3
OSV
•added 2024/03/06 11:1 a.m.•41 views

BIT-PILLOW-2023-44271

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

CVSS 7.5, AI score 7.5, EPSS 0.01038
Exploits: 0, References: 6
OSV
•added 2024/03/06 10:59 a.m.•41 views

BIT-DOTNET-SDK-2021-34485 .NET Core and Visual Studio Information Disclosure Vulnerability

.NET Core and Visual Studio Information Disclosure Vulnerability...

CVSS 5.5, AI score 5.8, EPSS 0.01265
Exploits: 0, References: 2
OSV
•added 2024/03/06 10:59 a.m.•41 views

BIT-DRUPAL-2020-11022 jQuery has a potential XSS vulnerability

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0...

CVSS 6.9, AI score 6.7, EPSS 0.99019
Exploits: 7, References: 72
OSV
•added 2024/03/06 10:58 a.m.•41 views

BIT-DOTNET-2022-29145 .NET and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Denial of Service Vulnerability...

CVSS 7.5, AI score 7.5, EPSS 0.04663
Exploits: 0, References: 6
OSV
•added 2024/03/06 10:55 a.m.•41 views

BIT-DJANGO-2021-32052

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 with Python 3.9.5+, URLValidator does not prohibit newlines and tabs unless the URLField form field is used. If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffecte...

CVSS 6.1, AI score 6.8, EPSS 0.03146
Exploits: 0, References: 7
OSV
•added 2024/03/06 10:54 a.m.•41 views

BIT-JENKINS-2023-43496

Jenkins LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is...

CVSS 8.8, AI score 8.8, EPSS 0.00944
Exploits: 0, References: 3
OSV
•added 2024/03/06 10:53 a.m.•41 views

BIT-JENKINS-2024-23898

Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability, allowing attackers to execute CLI commands on the Jenki...

CVSS 8.8, AI score 9.1, EPSS 0.66921
Exploits: 1, References: 4
OSV
•added 2024/03/06 10:51 a.m.•41 views

BIT-ESPOCRM-2023-5965

An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the update form, which could lead to arbitrary PHP code execution...

CVSS 7.2, AI score 8.2, EPSS 0.01049
Exploits: 0, References: 1
OSV
•added 2024/03/06 10:51 a.m.•41 views

BIT-COMPOSER-2021-29472 Missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial in composer

Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercurial is installed on the system. The impact to...

CVSS 8.8, AI score 8.9, EPSS 0.04849
Exploits: 1, References: 8
OSV
•added 2024/02/14 12:0 a.m.•41 views

DSA-5621-1 bind9 - security update

Bulletin has no description...

CVSS 7.5, AI score 7.2, EPSS 0.99995
Exploits: 1
OSV
•added 2024/02/08 3:6 p.m.•41 views

GHSA-7C6P-848J-WH5H Composer code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php

Impact: Several files within the local working directory are included during the invocation of Composer and in the context of the executing user. As such, under certain conditions arbitrary code execution may lead to local privilege escalation, provide lateral user movement or malicious code...

CVSS 8.8, AI score 8.4, EPSS 0.00273
Exploits: 0, References: 5
OSV
•added 2024/01/30 5:14 p.m.•41 views

CVE-2024-23841 XSS in @apollo/experimental-nextjs-app-support

apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input e.g. by redirecting...

CVSS 8.2, AI score 6.5, EPSS 0.00385
Exploits: 0, References: 4
OSV
•added 2024/01/23 12:15 a.m.•41 views

PYSEC-2024-16

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application. All users of Nautobot versions earlier than 1.6.10 or 2.1.2 are potentially impacted by a cross-site scripting vulnerability. Due to inadequate input sanitization, any user-editable fields that suppo...

CVSS 5.4, AI score 5.2, EPSS 0.00433
Exploits: 0, References: 5
OSV
•added 2024/01/16 4:15 p.m.•41 views

CVE-2023-45237

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

CVSS 7.5, AI score 7.1
Exploits: 0, References: 4
OSV
•added 2024/01/16 2:15 p.m.•41 views

CVE-2024-0567

A vulnerability was found in GnuTLS, where a cockpit which uses gnuTLS rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of...

CVSS 7.5, AI score 6.7, EPSS 0.01408
Exploits: 1, References: 12
OSV
•added 2024/01/12 7:57 p.m.•42 views

RLSA-2024:0134 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: use after free in unix_stream_sendpage (CVE-2023-4622); kernel: vmwgfx: reference count issue leads to use-after-free in surface handli...

CVSS 7.8, AI score 7.6, EPSS 0.0616
Exploits: 3, References: 6
OSV
•added 2024/01/12 12:0 a.m.•41 views

DSA-5601-1 php-phpseclib3 - security update

Bulletin has no description...

CVSS 5.9, AI score 6.7, EPSS 0.93305
Exploits: 4
OSV
•added 2024/01/10 12:0 a.m.•41 views

ALSA-2024:0155 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the RSA-PSK authentication (CVE-2023-5981). For more details about the security issues,...

CVSS 5.9, AI score 7.1, EPSS 0.01257
Exploits: 0, References: 4
OSV
•added 2024/01/10 12:0 a.m.•41 views

ALSA-2024:0108 Moderate: nss security update

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: timing attack against RSA decryption (CVE-2023-5388). For more details about the security issues, including the impact, a CV...

CVSS 6.5, AI score 7.3, EPSS 0.00816
Exploits: 0, References: 4
OSV
•added 2024/01/10 12:0 a.m.•41 views

ALSA-2024:0152 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.101 and .NET Runtime 8.0.1...

CVSS 9.8, AI score 7.7, EPSS 0.02868
Exploits: 0, References: 8
OSV
•added 2024/01/03 4:15 p.m.•41 views

CVE-2024-21911

TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser...

CVSS 6.1, AI score 6
Exploits: 0, References: 5
OSV
•added 2024/01/01 12:0 a.m.•41 views

ASB-A-285142084

In shouldUseNoOpLocation of CameraActivity.java, there is a possible confused deputy due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

CVSS 5.5, AI score 5.1, EPSS 0.00105
Exploits: 0, References: 2
OSV
•added 2023/12/29 12:0 a.m.•41 views

DLA-3697-1 firefox-esr - security update

Bulletin has no description...

CVSS 8.8, AI score 7.2, EPSS 0.20472
Exploits: 0
OSV
•added 2023/12/13 9:26 p.m.•41 views

GHSA-3M87-5598-2V4F Withdrawn Advisory: Prometheus XSS Vulnerability

Withdrawn Advisory: This advisory has been withdrawn because the vulnerability does not apply to the Prometheus golang package. This link is maintained to preserve external references. Original Description: A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus before version...

CVSS 5.4, AI score 6.1, EPSS 0.02736
Exploits: 0, References: 12
OSV
•added 2023/12/12 2:15 a.m.•41 views

CVE-2023-46219

When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use...

CVSS 5.3, AI score 6, EPSS 0.01133
Exploits: 1, References: 6
OSV
•added 2023/12/01 7:1 a.m.•41 views

CVE-2023-4658 Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the Allowed to merge permission as a guest user, when granted t...

CVSS 3.1, AI score 4, EPSS 0.00385
Exploits: 0, References: 5
OSV
•added 2023/11/28 10:43 p.m.•41 views

RLSA-2023:7205 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487); nodejs: permission model improperly...

CVSS 9.8, AI score 8.5, EPSS 0.99999
Exploits: 19, References: 7
OSV
•added 2023/11/28 6:30 p.m.•41 views

GHSA-53V4-42FG-G287 Apache ActiveMQ Deserialization of Untrusted Data vulnerability

Once a user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In detail, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handle requests to /api/jolokia. org.jolokia.http.HttpRequestHandler#handlePostRequest is able to create JmxRequest...

CVSS 8.8, AI score 8.5, EPSS 0.8581
Exploits: 2, References: 13
OSV
•added 2023/11/23 12:15 a.m.•41 views

CVE-2023-30581

The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time...

CVSS 7.5, AI score 7.4
Exploits: 0, References: 2
OSV
•added 2023/11/20 8:58 p.m.•41 views

GHSA-C2FF-88X2-X9PG JWT Algorithm Confusion

Summary: The fast-jwt library does not properly prevent JWT algorithm confusion for all public key types. Details: The 'publicKeyPemMatcher' in 'fast-jwt/src/crypto.js' does not properly match all common PEM formats for public keys. To exploit this vulnerability, an attacker needs to craft a...

CVSS 5.9, AI score 5.6, EPSS 0.00687
Exploits: 1, References: 6
OSV
•added 2023/11/16 11:30 a.m.•41 views

CVE-2023-6174 Out-of-bounds Read in Wireshark

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

CVSS 6.3, AI score 5.8, EPSS 0.00752
Exploits: 0, References: 8
OSV
•added 2023/11/15 12:0 a.m.•41 views

DLA-3653-1 libclamunrar - security update

Bulletin has no description...

CVSS 7.8, AI score 7.8, EPSS 0.1308
Exploits: 1
OSV
•added 2023/11/14 8:30 p.m.•41 views

CVE-2023-47130 Unsafe deserialization of user data in yiisoft/yii

Yii is an open source PHP web framework. Versions of yiisoft/yii before 1.1.29 are vulnerable to Remote Code Execution (RCE) if the application calls unserialize() on arbitrary user input. An attacker may leverage this vulnerability to compromise the host system. A fix has been developed for the 1.1.29...

CVSS 8.1, AI score 9.4, EPSS 0.03147
Exploits: 0, References: 5
OSV
•added 2023/11/14 12:0 a.m.•41 views

ALSA-2023:7109 Moderate: linux-firmware security, bug fix, and enhancement update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569). For more details about the security issues, including the impact, a CVSS...

CVSS 4.7, AI score 7.2, EPSS 0.0616
Exploits: 1, References: 4
OSV
•added 2023/11/08 9:30 p.m.•41 views

GHSA-WF5P-G6VW-RHXX Axios Cross-Site Request Forgery Vulnerability

An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information...

CVSS 6.5, AI score 6.8, EPSS 0.00556
Exploits: 1, References: 12
OSV
•added 2023/11/07 9:46 p.m.•41 views

GHSA-6758-979H-249X capsule-proxy service discloses Namespaces of colliding tenants to owners of different tenants with the same ServiceAccount name

Summary: A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. Details: - Tenant solar, owned by a ServiceAccount named tenant-owner in the Namespace solar - Tenant wind, owne...

CVSS 4.3, AI score 4.6, EPSS 0.00415
Exploits: 0, References: 5
OSV
•added 2023/11/07 12:0 a.m.•41 views

ALSA-2023:6380 Moderate: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. Security Fixes: golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724); runc: Rootless runc makes /sys/fs/cgroup writable (CVE-2023-25809); runc: volume mount...

CVSS 7.8, AI score 7.3, EPSS 0.01663
Exploits: 3, References: 12
OSV
•added 2023/11/06 4:15 p.m.•41 views

CVE-2023-5678

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

CVSS 5.3, AI score 6.2
Exploits: 0, References: 9
OSV
•added 2023/11/06 7:32 a.m.•41 views

BIT-2020-2780

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVSS 6.5, AI score 6.2, EPSS 0.0243
Exploits: 0, References: 8, Affected Software: 1
OSV
•added 2023/11/06 12:15 a.m.•41 views

CVE-2023-47272

Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS via a Content-Type or Content-Disposition header used for attachment preview or download...

CVSS 6.1, AI score 6
Exploits: 0, References: 8
OSV
•added 2023/10/23 12:0 a.m.•41 views

DLA-3629-1 ceph - security update

Bulletin has no description...

CVSS 9.8, AI score 6.5, EPSS 0.0461
Exploits: 1

Total number of security vulnerabilities: 5000