Lucene search
K

112 matches found

OSV
OSV
added 2025/05/07 10:10 a.m.4 views

USN-7496-3 linux-azure, linux-azure-4.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...

7.8CVSS6.7AI score0.00295EPSS
Exploits3References34
RedHat Linux
RedHat Linux
added 2025/05/06 2:29 a.m.8 views

Moderate: Red Hat Security Advisory: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

5.5CVSS6.9AI score0.00445EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/02 5:24 p.m.10 views

CVE-2025-30390

Improper authorization in Azure allows an authorized attacker to elevate privileges over a network...

9.9CVSS6.8AI score0.00776EPSS
Exploits0References3
Rapid7 Blog
Rapid7 Blog
added 2025/05/01 3:5 p.m.15 views

Why is Ransomware Still a Thing in 2025?

When was the last time you had a serious conversation about cybersecurity that didn’t touch on ransomware? We all know that it’s one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new—ransomware’s been around since 1989—but because we are making it far too eas...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.16 views

KB5055547: Windows 10 LTS 1507 Security Update (April 2025)

The remote Windows host is missing security update 5055547. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network. CVE-2025-27481 - Use after free in Windows LDAP - Lightweig...

8.8CVSS8.7AI score0.1806EPSS
Exploits5References44
Talos Blog
Talos Blog
added 2025/04/03 6:3 p.m.11 views

One mighty fine-looking report

Welcome to this week's edition of the Threat Source newsletter. They say art is subjective, but have you ever seen a well-formatted bar chart? Van Gogh had Starry Night , but Talos' 2024 Year in Review available now! has color-coded data with perfect labels. True beauty. If you haven't yet had a...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2025/03/31 9:53 a.m.10 views

Available now: 2024 Year in Review

Welcome to Cisco Talos' 2024 Year in Review, available for download now. This report is powered by threat telemetry from over 46 million global devices across 193 countries and regions, amounting to more than 886 billion security events per day. Explore key insights in topics including the top...

7.8AI score
Exploits0
OSV
OSV
added 2025/03/18 5:43 p.m.12 views

CLSA-2025-1742319829 Fix of 27 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neighperiodicwork CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in cfg80211getstation CVE-url: https://ubuntu.com/security/CVE-2024-43863 - drm/vmwgfx: Fix a deadlock in dma...

7.8CVSS7AI score0.00809EPSS
Exploits0References1
OSV
OSV
added 2024/12/06 1:3 p.m.5 views

SUSE-SU-2024:4242-1 Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2021-47600: dm btree remove: fix us...

9.8CVSS8.1AI score0.01166EPSS
Exploits2References51
The Hacker News
The Hacker News
added 2024/12/04 6:7 a.m.10 views

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People's Republic of China PRC-affiliated threat actors targeting telecommunications providers. "Identified exploitations or compromises associated with these threa...

7.2AI score
Exploits0
SUSE Linux
SUSE Linux
added 2024/12/02 9:15 a.m.3 views

Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001338 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...

7.8CVSS8.7AI score0.00767EPSS
Exploits1References120
OSV
OSV
added 2024/11/15 12:19 p.m.7 views

OESA-2024-2394 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4,...

4.8CVSS5.7AI score0.01157EPSS
Exploits0References6
Huntr
Huntr
added 2024/11/06 1:20 p.m.9 views

A malicious gguf model can lead to DoS due to unchecked array bound access via network

This report is not public...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/04 12:0 a.m.16 views

AlmaLinux 9 : kernel (ALSA-2024:8617)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

7.8CVSS7.7AI score0.08555EPSS
Exploits0References24
Citrix
Citrix
added 2024/09/24 8:54 a.m.15 views

XenServer and Citrix Hypervisor Security Update for CVE-2024-45817

XenServer and Citrix Hypervisor Security Update Description of Problem An issue has been identified that affects both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR and allow a malicious administrator of a guest VM to cause the host to crash or become unresponsive. This issue has the following...

8.8CVSS7.9AI score0.01299EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/13 12:0 a.m.106 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12581)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12581 advisory. - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879157 CVE-2024-41090 CVE-2024-41091 - netfilter: ipset: Fix race between...

9.8CVSS7.5AI score0.02701EPSS
Exploits2References52
hivepro
hivepro
added 2024/03/29 8:29 a.m.29 views

Sysrv Harnessing Google Subdomains to Circulate XMRig

Summary: Sysrv, an advanced botnet, employs a Golang worm to infiltrate devices and distribute XMRig cryptocurrency miners, leveraging network vulnerabilities and undergoing constant evolution through operator refinement. Threat Level - Red | Attack Report For a detailed threat advisory, download...

7.4AI score
Exploits0
CISA
CISA
added 2024/03/21 12:0 p.m.6 views

CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques

Today, CISA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the specific needs and challenges faced by organizations in...

7.3AI score
Exploits0References2
NVD
NVD
added 2024/02/17 5:15 a.m.28 views

CVE-2024-21498

All versions of the package github.com/greenpau/caddy-security are vulnerable to Server-side Request Forgery SSRF via X-Forwarded-Host header manipulation. An attacker can expose sensitive information, interact with internal services, or exploit other vulnerabilities within the network by...

5.3CVSS5.5AI score0.00554EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2024/01/16 3:56 p.m.4 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References7
Rows per page
Query Builder