Questions tagged [cve]
Common Vulnerabilities and Exposures (CVE) is a dictionary to describe known vulnerabilities.
242
questions
3
votes
1
answer
69
views
PCI DSS SAQ A qualification - what counts as a 'found' vulnerability?
This Q pertains to PCI DSS v4.0 SAQ A - previous Q&A only touched on previous versions of PCI.
Since 4.0, merchants that accept credit card payment, even if they only iframe or link to their ...
- 131
1
vote
0
answers
30
views
RedHat get list of CVE afecting specific software [closed]
I need to build a tool to get list of CVE impacting specific software of a given RedHat system.
I am aware that there is online RedHat API but i does not want to go there because :
My systems do not ...
- 213
3
votes
1
answer
972
views
CVE-2022-29190 due to telegraf?
I am working on finding workaround for CVE-2022-29190 in my application.
My application makes use of telegraf.
It also states this:
Telegraf is written in Go and compiles into a single binary with no ...
- 133
0
votes
0
answers
99
views
Does using a VPN to allow ssh connections provide better security, especially after seeing how CVE-2024-3094 (XZ backdoor) is done?
For my own (public) servers, is it considered a good idea to only allow ssh connections from VPN connections (OpenVPN, Wireguard or otherwise), to mitigate any possible attacks in the future on ssh?
...
- 1,069
0
votes
0
answers
81
views
Should Maven Central artifacts containing known vulnerable artifacts be reported?
I have developed a tool that can find Maven Central JAR artifacts that contain classes from known vulnerable JAR artifacts. This includes but is not limited to fat (uber) JARs, JAR bundles, and ...
- 113
3
votes
1
answer
394
views
Current (Feb 2024) High-Severity unfixed Linux Kernel CVEs
[Originally posted on ServerFault, was told it would fit better here]
Our vulnerability scanner (AWS Inspector V2) in the last couple of weeks started reporting ~10 High severity CVEs with the Linux ...
- 33
0
votes
1
answer
184
views
If a library has a vulnerable function, but my code doesn't call it, is my code at risk? Do I need to update?
I am trying to analyze CVE-2023-34453. As per the NVD description, there is an integer overflow error in snappy-java, specifically in the method shuffle(int[] input) in BitShuffle.java.
In a huge ...
- 67
1
vote
0
answers
86
views
What are the security concerns from failing to unpin memory?
I am trying to understand the implication of CVE-2023-40791. The CVE reads:
"Linux kernel before 6.4.12 fails to unpin pages in certain situations".
NetApp says this could lead to ...
- 11
1
vote
1
answer
705
views
Should the use of the HTTP 'ETag' header be avoided for security and privacy concerns?
I'm looking into the risks associated with the use of the HTTP 'Etag' header and found the following relevant information already.
Information Disclosure (inodes)
This article titled: "...
- 6,715
0
votes
2
answers
147
views
Not requiring POST requests... results in a CSRF vulnerability?
I'm setting up a Jenkins server, and ran across a reported vulnerability, SECURITY-3033, also identified as CVE-2023-37954:
Rebuilder Plugin 320.v5a_0933a_e7d61 and earlier does not require POST
...
2
votes
1
answer
207
views
Where to query for CVEs present in a version of a software project like npm packages of python modules?
In node, I can run npm audit and it will show me known vulnerabilities for the versions my dependencies are using.
That's cool and all, but I'd like to be able to do the following, on some website or ...
- 21
0
votes
1
answer
110
views
How can I get CISA weekly summary sorted by vendor rather than by CVE? [closed]
I subscribe to the CISA's weekly vulnerability summary email.
This USED to come sorted by vendor/product, so I could quickly skip over the Cisco and Wordpress vulnerabilities to check the stuff I care ...
1
vote
1
answer
558
views
Vulnerability scanning on target Android device
Is there an nmap vulnerability scanning script (vuln, vulscan, nmap-vulners etc) for scanning target Android devices on the network?
If not, is there any specific scanning tool that scans for CVE on ...
- 41
1
vote
1
answer
136
views
Github repos with CVEs mentioned and no real content
When I look for proof-of-concepts of a security vulnerability, I often see this kind of Github repositories:
https://github.com/Satheesh575555/linux-4.19.72_CVE-2023-0386
https://github.com/nidhi7598/...
- 252
2
votes
1
answer
423
views
How to Approach CVEs Marked as "DISPUTED" and "WON'T FIX" in PCI-DSS Pentest
When conducting penetration testing in a PCI-DSS compliance context, we found a known security vulnerability that's identified by a CVE number.
In this case, the finding in question is CVE-2016-20012, ...
- 21