Lucene search
K
OsvMost viewed

907431 matches found

OSV
OSV
•added 2023/01/16 12:30 p.m.•42 views

GHSA-7222-R37X-8Q3M Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints

Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

8.8CVSS8.6AI score0.00567EPSS
Exploits0References3
OSV
OSV
•added 2023/01/02 4:15 p.m.•42 views

CVE-2022-48197

Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS5.9AI score0.06608EPSS
Exploits3References6
OSV
OSV
•added 2023/01/01 12:0 a.m.•42 views

ASB-A-253642087

In ieee80211parseelemscrc of util.c, there is a possible use after free due to a logic error in the code. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS8.3AI score0.0123EPSS
Exploits1References15
OSV
OSV
•added 2023/01/01 12:0 a.m.•42 views

ASB-A-242703780

In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00238EPSS
Exploits0References2
OSV
OSV
•added 2022/12/15 3:8 p.m.•42 views

RLSA-2022:9058 Important: prometheus-jmx-exporter security update

Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Security Fixes: SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-1471 For more details about the security issues, including the impact, a...

8.3CVSS9.2AI score0.99615EPSS
Exploits7References2
OSV
OSV
•added 2022/12/13 3:15 p.m.•42 views

CVE-2022-45685

A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data...

7.5CVSS7.4AI score
Exploits0References3
OSV
OSV
•added 2022/12/05 10:15 p.m.•42 views

CVE-2022-35256

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling...

6.5CVSS1.4AI score
Exploits0References3
OSV
OSV
•added 2022/12/01 11:15 a.m.•42 views

CVE-2022-1471

SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. ...

9.8CVSS9.1AI score0.99615EPSS
Exploits7References11
OSV
OSV
•added 2022/11/14 12:0 a.m.•42 views

DLA-3187-1 dropbear - security update

Bulletin has no description...

7.5CVSS7.5AI score0.01348EPSS
Exploits0
OSV
OSV
•added 2022/11/10 12:0 a.m.•42 views

CVE-2022-39395 Vela Insecure Defaults

Vela is a Pipeline Automation CI/CD framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to...

9.6CVSS8.8AI score0.01067EPSS
Exploits0References12
OSV
OSV
•added 2022/11/09 12:0 a.m.•42 views

DLA-3183-1 webkit2gtk - security update

Bulletin has no description...

8.8CVSS7.2AI score0.01508EPSS
Exploits0
OSV
OSV
•added 2022/11/08 6:19 a.m.•42 views

RLSA-2022:7444 Moderate: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 Race condition in VTRESIZEX ioctl when vcconsi.d is...

7.8CVSS8.9AI score0.12746EPSS
Exploits21References27
OSV
OSV
•added 2022/11/08 12:0 a.m.•42 views

ALSA-2022:7683 Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 race condition in VTRESIZEX ioctl when vcconsi.d is already NULL leading to NULL pointer dereference...

8.6CVSS8.6AI score0.12746EPSS
Exploits21References54
OSV
OSV
•added 2022/11/08 12:0 a.m.•42 views

ALSA-2022:7692 Moderate: xmlrpc-c security update

XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...

9.8CVSS9.1AI score0.04829EPSS
Exploits1References16
OSV
OSV
•added 2022/11/07 3:15 a.m.•42 views

CVE-2022-44792

handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker who has write access to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...

6.5CVSS3.9AI score
Exploits0References4
OSV
OSV
•added 2022/11/07 12:15 a.m.•42 views

CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS3AI score
Exploits0References15
OSV
OSV
•added 2022/11/01 12:0 p.m.•42 views

RUSTSEC-2022-0065 X.509 Email Address Variable Length Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.5CVSS8.1AI score0.91153EPSS
Exploits2References3
OSV
OSV
•added 2022/11/01 12:0 a.m.•42 views

ALSA-2022:7288 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full strength general purpose cryptography library. Security Fixes: OpenSSL: X.509 Email Address Buffer Overflow CVE-2022-3602 OpenSSL: X.509 Email Address Variable Length...

7.5CVSS7.8AI score0.91153EPSS
Exploits6References6
OSV
OSV
•added 2022/10/29 6:15 p.m.•42 views

CVE-2022-41973

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

7.8CVSS7.8AI score
Exploits0References13
OSV
OSV
•added 2022/10/26 12:0 a.m.•42 views

DLA-3160-1 tomcat9 - security update

Bulletin has no description...

7.5CVSS6.4AI score0.71653EPSS
Exploits20
OSV
OSV
•added 2022/10/25 7:23 a.m.•42 views

RLSA-2022:7108 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

8.1CVSS8.3AI score0.01067EPSS
Exploits0References3
OSV
OSV
•added 2022/10/21 8:32 p.m.•42 views

GHSA-CW98-9J8W-WXV9 .NET Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 5.0, and .NET CORE 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Microsoft is aware of a Denial of Service...

7.5CVSS7.5AI score0.03228EPSS
Exploits0References11
OSV
OSV
•added 2022/10/21 12:0 a.m.•42 views

CVE-2022-3598

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b...

5.5CVSS6.4AI score0.00938EPSS
Exploits1References7
OSV
OSV
•added 2022/10/15 12:0 a.m.•42 views

DSA-5254-1 python-django - security update

Bulletin has no description...

9.8CVSS8.2AI score0.73274EPSS
Exploits7
OSV
OSV
•added 2022/10/14 12:15 a.m.•42 views

CVE-2022-42722

In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices...

5.5CVSS4.6AI score
Exploits0References10
OSV
OSV
•added 2022/09/29 12:0 a.m.•42 views

DLA-3124-1 webkit2gtk - security update

Bulletin has no description...

8.8CVSS7.8AI score0.01413EPSS
Exploits0
OSV
OSV
•added 2022/09/13 9:15 p.m.•42 views

PYSEC-2022-277

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69...

5.5CVSS3AI score0.00287EPSS
Exploits1References2
OSV
OSV
•added 2022/09/01 12:0 a.m.•42 views

DSA-5223-1 chromium - security update

Bulletin has no description...

8.8CVSS7.3AI score0.24738EPSS
Exploits3
OSV
OSV
•added 2022/08/30 12:0 a.m.•42 views

ALSA-2022:6224 Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: crehash script allows command injection CVE-2022-1292 openssl: Signer certificate verification...

10CVSS8.5AI score0.95764EPSS
Exploits6References12
OSV
OSV
•added 2022/08/28 12:0 a.m.•42 views

DLA-3083-1 puma - security update

Bulletin has no description...

9.1CVSS6.9AI score0.0214EPSS
Exploits0
OSV
OSV
•added 2022/08/23 8:15 p.m.•42 views

CVE-2021-3995

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of...

5.5CVSS5.3AI score0.0063EPSS
Exploits3References9
OSV
OSV
•added 2022/08/10 12:0 a.m.•42 views

GHSA-2M65-M22P-9WJW Duplicate Advisory: .NET Information Disclosure Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vh55-786g-wjwj. This link is maintained to preserve external references. Original Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET...

5.9CVSS5.7AI score0.0192EPSS
Exploits0References6
OSV
OSV
•added 2022/07/26 12:1 a.m.•42 views

GHSA-42M6-G935-5VMQ @ianwalter/merge Prototype Pollution via `merge` function

All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main merge function. @ianwalter/merge is deprecated and the maintainer suggests using @generates/merger instead...

5.6CVSS9.5AI score0.00687EPSS
Exploits1References3
OSV
OSV
•added 2022/07/20 8:52 p.m.•42 views

GO-2022-0526 Stack exhaustion when decoding certain messages in encoding/gob

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion...

7.5CVSS7.8AI score0.01403EPSS
Exploits0References4
OSV
OSV
•added 2022/07/05 1:15 p.m.•42 views

CVE-2022-33740

Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...

7.1CVSS1.8AI score
Exploits0References7
OSV
OSV
•added 2022/07/05 12:0 a.m.•42 views

GHSA-FX4W-V43J-VC45 SQL injection in typeORM

The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. NOTE: the vendor's position is that...

9.8CVSS9.6AI score0.20299EPSS
Exploits6References5
OSV
OSV
•added 2022/06/28 12:0 a.m.•42 views

ALSA-2022:5344 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: buffer overflow in IPsec ESP transformation code CVE-2022-27666 kernel: out-of-bounds read in fbcongetfont function CVE-2020-28915...

7.8CVSS7.6AI score0.05524EPSS
Exploits2References6
OSV
OSV
•added 2022/05/24 5:43 p.m.•42 views

GHSA-RXG9-XRHP-64GJ .NET Core Remote Code Execution Vulnerability

A remote code execution vulnerability exists when parsing certain types of graphics files. This vulnerability only exists on systems running on MacOS or Linux. This CVE ID is unique from CVE-2021-26701...

9.8CVSS8.6AI score0.0327EPSS
Exploits0References3
OSV
OSV
•added 2022/05/24 5:5 p.m.•42 views

GHSA-CF8F-W2C5-P5JR keycloak vulnerable to unauthorized login via mail server setup

A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a client can reset password and then log in. For example, for client name 'test' the email address will be '[email protected]'...

9.1CVSS9.1AI score0.01718EPSS
Exploits1References5
OSV
OSV
•added 2022/05/17 3:18 a.m.•42 views

GHSA-V6FH-VG22-R6CM phpMyAdmin ReCaptcha bypass

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...

5CVSS6.3AI score0.0979EPSS
Exploits2References10
OSV
OSV
•added 2022/05/17 2:16 a.m.•42 views

GHSA-WV88-PF73-X22P Improper Neutralization of Directives in Dynamically Evaluated Code in Spring Framework

VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language EL, evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a 1 name attribute in a a spring:hasBindErrors ta...

7.5CVSS5.5AI score0.11779EPSS
Exploits1References17
OSV
OSV
•added 2022/05/14 3:47 a.m.•42 views

GHSA-3WCJ-RG8Q-9CQV Open redirect in ASP.NET Core

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability"...

8.8CVSS8.5AI score0.09398EPSS
Exploits0References4
OSV
OSV
•added 2022/05/14 12:54 a.m.•42 views

GHSA-3C5C-XRQ4-QHR8 ClassLoader manipulation in Apache Struts

CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists...

7.5CVSS7.6AI score0.78306EPSS
Exploits0References4
OSV
OSV
•added 2022/05/13 1:12 a.m.•42 views

GHSA-PRFW-3QX6-G9XR Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP Undertow

It was found that the AJP connector in undertow, as shipped in Jboss EAP 7.1.0.GA, does not use the ALLOWENCODEDSLASH option and thus allow the the slash / anti-slash characters encoded in the url which may lead to path traversal and result in the information disclosure of arbitrary local files...

7.5CVSS7.2AI score0.01601EPSS
Exploits0References6
OSV
OSV
•added 2022/05/02 7:26 p.m.•42 views

GHSA-HX8W-GHH8-R4XF Write access to the catalog for any user when restricted-admin role is enabled in Rancher

Impact This vulnerability only affects customers using the restricted-admin role in Rancher. For this role to be active, Rancher must be bootstrapped with the environment variable CATTLERESTRICTEDDEFAULTADMIN=true or the configuration flag restrictedAdmin=true. A flaw was discovered in Rancher...

8.1CVSS5.3AI score0.00566EPSS
Exploits0References5
OSV
OSV
•added 2022/04/15 5:15 a.m.•42 views

CVE-2022-26498

An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

7.5CVSS1.9AI score
Exploits0References6
OSV
OSV
•added 2022/03/30 9:48 p.m.•42 views

GHSA-H99W-9Q5R-GJQ9 Puma vulnerable to HTTP Request Smuggling

When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The following...

9.1CVSS8.5AI score0.0214EPSS
Exploits0References12
OSV
OSV
•added 2022/03/25 9:15 p.m.•42 views

CVE-2022-24783 Sandbox bypass leading to arbitrary code execution in Deno

Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 inclusive are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass all permission checks and execute arbitrary shell code. This...

10CVSS8.6AI score0.01103EPSS
Exploits0References3
OSV
OSV
•added 2022/03/15 9:10 a.m.•42 views

ALSA-2022:0891 Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: NULL pointer dereference via malformed requests CVE-2021-34798 httpd: Out-of-bounds write in apescapequotes via malicious input CVE-2021-39275 For more details about the...

9.8CVSS8.5AI score0.64509EPSS
Exploits0References3
OSV
OSV
•added 2022/03/06 12:0 a.m.•42 views

OSV-2022-217 Stack-buffer-overflow in msgpack_sbuffer_write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45208 Crash type: Stack-buffer-overflow READ Crash state: msgpacksbufferwrite flbpackmsgpacktojsonformat flbjsonfuzzer.c...

7.2AI score
Exploits0References1
Total number of security vulnerabilities5000