Hacker News
- CVE-2023-48795 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 2 comments
- Attacker with access to XML config can trigger keepass.exe to obtain passwords https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24055 103 comments
- Grand Theft Auto V exploit assigned CVE number due to partial RCE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24059 39 comments
- Unbound, up to version 1.16.1 vulnerable to ghost domain names attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30698 2 comments
- CVE-2021-32471 – Input validation in Marvin Minsky 1967 Turing Machine https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32471 37 comments
- Python 3.x: RCE in Python applications that accept floats as untrusted input https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177 69 comments
- CVE-2021-3156: Sudo privilege escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3156 4 comments
- RabbitMQ integer overflow that leads to heap memory corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18609 23 comments
- Alpine Linux Docker images have NULL for root password https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5021 192 comments
- Adobe CVEs https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Adobe 22 comments
- CVE-2014-6277 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 47 comments
Lobsters
- CVE-2018-1000657 - Arbitrary code execution in a core Rust library https://cve.mitre.org/cgi-bin/cvename.cgi?name=+CVE-2018-1000657 15 comments rust , security
- CVE-2023-25136 and FreeBSD-SA-23:03.openssl https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25136 4 comments freebsd
- CVE - CVE-2023-0751 – FreeBSD-SA-23:01.geli – GELI silently omits the keyfile if read from stdin https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0751 4 comments freebsd
- Latest 7zip vulnerability: How/Why do questionable CVEs get posted? https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29072 10 comments sysadmin
- AWS Img. scan found a vulnerability in my (golang) container - how can I find which package is using the lib with vulnerability? https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928 19 comments golang
- New Log4j CVE - CVE-2021-44832. Another JNDI RCE. Fixed in latest release. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832 21 comments netsec
- Log4Shell round 2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 149 comments programming
- Previous log4j patch insufficient in some situations. New CVE posted and new log4j released 2.16. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 55 comments netsec
- CentOS log4j vulnerabilities? http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44228 14 comments centos
- Any idea who and how they "scan" for these Rust CVEs? How can a crate maintainer do this by themselves? https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=rust 7 comments rust
- Turing machine vulnerability CVE 🤣 https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-32471 5 comments programming
- CVE-2021-32471 – Input validation in Marvin Minsky 1967 Turing Machine https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-32471 22 comments netsec
- CVE-2021-3156 - sudo vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3156 5 comments raspberry_pi
- Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5021 53 comments programming
- CVE-2018-17456 -- "Git ... allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character." http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456 5 comments git
- CVE-2018-1000657: buffer overflow in VecDeque::reserve() in Rust 1.3 through 1.21 allows arbitrary code execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=%20cve-2018-1000657 69 comments rust
- A word of thanks to the folks at Mitre for updating CVE-2017-9230 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9230 4 comments btc
- A statement in the Intel SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for some traps http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8897 10 comments programming
- Net::FTP command injection vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17405 3 comments ruby
- CVE-2016-1248: "may result in the execution of arbitrary code if a file with a specially crafted modeline is opened" https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-1248 17 comments vim
- Patch your network systems! CVE-2015-4216 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4216 3 comments sysadmin
- CVE-ID Syntax Change http://cve.mitre.org/cve/identifiers/syntaxchange.html 4 comments netsec