Build Numbers and Versions of Veeam Agent for Linux
This KB article lists all versions of Veeam Agent for Linux and their respective build...
3.1 AI Score
ibm.mq is vulnerable to a denial of service. The vulnerability is due to insufficient handling of HTTP requests, which allows an attacker to craft requests that cause excessive resource consumption. This can potentially lead to Denial of...
7.5 CVSS
6.9 AI Score
0.0004 EPSS
nano-id is a unique string ID generator for Rust. Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nano_id::base62 and nano_id::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62...
9.8 CVSS
6.7 AI Score
0.001 EPSS
[SECURITY] Fedora 39 Update: rust-resctl-demo-2.2.5-4.fc39
resctl-demo demonstrates and documents various aspects of resource control using self-contained workloads in guided...
7.3 AI Score
Denial of service via chunk extensions in net/http
A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about...
5.3 CVSS
6.9 AI Score
0.001 EPSS
Improper handling of keys in github.com/theupdateframework/go-tuf
An attacker with the ability to insert public keys into a TUF repository can cause clients to accept a staged change that has not been signed by the correct threshold of...
6.9 AI Score
Improper validation of access tokens in github.com/flyteorg/flyteadmin
Improper validation of access tokens can permit use of expired...
6.5 CVSS
6.5 AI Score
0.001 EPSS
Mattermost allows attackers access to posts in channels they are not a member of in...
4.3 CVSS
6.6 AI Score
0.0004 EPSS
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary...
6 CVSS
7.4 AI Score
0.001 EPSS
dhowden tag panic due to out-of-bounds read
Due to improper bounds checking, a number of methods in dhowden tag before 0.0.0-20201120070457-d52dcb253c63 can trigger a panic due to attempted out-of-bounds reads. If the package is used to parse user supplied input, this may be used as a vector for a denial of service...
6.5 CVSS
6.1 AI Score
0.001 EPSS
Malicious code in fredli (pypi)
Source: checkmarx (3d49716b05f951243dfb12ab8ce3d149d9ea2201c95309c1795c1a80bb13797a) EsqueleSquad group published nearly 6000 malicious PyPI and NPM packages, executing spyware and information-stealing...
7.2 AI Score
github.com/stacklok/minder is vulnerable to denial of service (DoS). The vulnerability is due to improper validation of HTTP requests before processing them in server.go, allowing untrusted requests to crash the Minder control plane, denying service to other...
7.5 CVSS
7 AI Score
0.0004 EPSS
OPCFoundation.NetStandard.Opc.Ua.Server is vulnerable to denial of service (DoS). The vulnerability exists due to uncontrolled resource consumption in the library, which allows an attacker to send malicious requests that consume all memory available to the server, leading to an application...
7.5 CVSS
6.7 AI Score
0.0005 EPSS
IBM MQ 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7157976)
The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7157976 advisory. IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service,...
7.5 CVSS
7.8 AI Score
0.0004 EPSS
Improper verification of signature attestations in github.com/sigstore/cosign
Improper verification of signature attestations in...
9.8 CVSS
7.1 AI Score
0.002 EPSS
Improper handling of empty HTML attributes in html/template
Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into...
7.3 CVSS
8.6 AI Score
0.001 EPSS
Denial of service in github.com/open-policy-agent/opa
An issue in the AST parser of Open Policy Agent makes it possible for attackers to cause a Denial of Service attack from a crafted...
7.5 CVSS
7.3 AI Score
0.001 EPSS
VMware Carbon Black Cloud Endpoint Standard Inactive (macOS)
VMware Carbon Black Cloud Endpoint Standard, formerly Cb Defense and Confer, is installed on the remote macOS host but is not...
1.2 AI Score