
58 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

7 CVSS | 6.6 AI score | 0.00351 EPSS
Exploits 0 | References 2
OSV
added 2026/02/10 6:9 a.m. | 2 views

BELL-CVE-2026-23042

Bulletin has no description...

5.7 AI score | 0.00145 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/02/05 9:25 a.m. | 4 views

CVE-2026-23042

In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport. If vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not allocate vdev_info for this vport. This leads to kernel NULL pointer dereference in...

5.5 CVSS | 5.1 AI score | 0.00145 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2026/02/04 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix aux device unplugging when rdma is not supported by vport. If vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not allocate vdev_info fo...

5.8 AI score | 0.00145 EPSS
Exploits 0 | References 3
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-28152

Malicious code in bioql PyPI...

7 CVSS | 6.7 AI score | 0.00351 EPSS
Exploits 0 | References 6
RedhatCVE
added 2025/05/22 7:17 p.m. | 8 views

CVE-2021-23042

On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. Note: Software versio...

7.5 CVSS | 6.8 AI score | 0.00904 EPSS
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 4:30 p.m. | 7 views

CVE-2020-23042

Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the list and download module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request...

6.1 CVSS | 6.1 AI score | 0.00716 EPSS
Exploits 1
vulnersOsv
added 2025/01/14 7:15 p.m. | 6 views

academic-chatgpt (>=0.3.0 <=0.4.1), ace-step (=0.1.0) +511 more potentially affected by CVE-2025-23042 via gradio (>=1.7.7 <=5.5.0)

gradio PYPI version =1.7.7, =0.3.0, =0.2.1, =2.0.0, =0.1.5, =0.0.6, =0.0.2, =0.3.2, =0.1.0, =0.8.11, =0.4.0, =0.0.4, =0.0.7 and more Source cves: CVE-2025-23042 Source advisory: OSV:PYSEC-2025-118...

8.7 CVSS | 5.7 AI score | 0.00836 EPSS
Exploits 1
NVD
added 2025/01/14 7:15 p.m. | 17 views

CVE-2025-23042

Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...

8.7 CVSS | 0.00836 EPSS
Exploits 1 | References 1
Vulnrichment
added 2025/01/14 6:49 p.m. | 8 views

CVE-2025-23042 Gradio Blocked Path ACL Bypass Vulnerability

Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...

8.7 CVSS | 6.2 AI score | 0.00836 EPSS
Exploits 1 | References 1
CVE
added 2025/01/14 6:49 p.m. | 98 views

CVE-2025-23042

Gradio Blocked Path ACL bypass vulnerability (CVE-2025-23042) arises from missing case normalization in file-path validation. On case-insensitive file systems (e.g., Windows/macOS), an attacker can circumvent ACLs by altering the letter case of a blocked path, potentially accessing restricted fil...

8.7 CVSS | 6.3 AI score | 0.00836 EPSS
Exploits 1 | References 1 | Affected Software 1
vulnersOsv
added 2025/01/14 4:32 p.m. | 5 views

academic-chatgpt (>=0.3.0 <=0.4.1), africanwhisper (>=0.2.1 <=0.9.0) +321 more potentially affected by CVE-2025-23042 via gradio (>=1.7.7 <=5.10.0)

gradio PYPI version =1.7.7, =0.3.0, =0.2.1, =0.1.5, =0.0.6, =0.0.2, =0.1.0, =0.8.11, =0.4.0, =0.0.4, =0.1.1, =0.7.0.dev134, =0.7.0.dev143 - anymodality =0.1.0 and more Source cves: CVE-2025-23042 Source advisory: OSV:GHSA-J2JG-FQ62-7C3H...

8.7 CVSS | 5.7 AI score | 0.00836 EPSS
Exploits 1
vulnersOsv
added 2025/01/14 4:32 p.m. | 4 views

ambientagi (>=0.1.1 <=0.2.12), deepchopper (>=1.0.1 <=1.3.1) +3 more potentially affected by CVE-2025-23042 via gradio (>=5.0.0 <=5.10.0)

gradio PYPI version =5.0.0, =0.1.1, =1.0.1, =1.1.8b3, =0.3.0, =0.6.3 - vuln-demo-math-ops =1.0.0 Source cves: CVE-2025-23042 Source advisory: SNYK:PYTHON-GRADIO-8623546...

8.7 CVSS | 5.8 AI score | 0.00836 EPSS
Exploits 1
Circl
added 2025/01/14 3:32 p.m. | 8 views

CVE-2025-23042

creationtimestamp | type | source
---|---|---
2025-01-14 15:32:01+00:00 | published-proof-of-concept | https://github.com/gradio-app/gradio/security/advisories/GHSA-j2jg-fq62-7c3h
2025-01-14 19:11:01+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/1584
2025-01-14...

8.7 CVSS | 5.7 AI score | 0.00836 EPSS
Exploits 1 | References 7
Debian CVE
added 2024/08/22 1:30 a.m. | 12 views

CVE-2022-48900

Removed by vendor...

7.5 AI score
Exploits 0
OpenVAS
added 2023/05/16 12:0 a.m. | 27 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1933)

The remote host is missing an update for the Huawei EulerOS. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 7.8 AI score | 0.01016 EPSS
Exploits 2 | References 2
Tenable Nessus
added 2023/05/16 12:0 a.m. | 34 views

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2023-1933)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains...

7.8 CVSS | 4.5 AI score | 0.01016 EPSS
Exploits 2 | References 25
OpenVAS
added 2023/02/10 12:0 a.m. | 22 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1388)

The remote host is missing an update for the Huawei EulerOS. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 7.1 AI score | 0.00733 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2022/07/08 12:0 a.m. | 60 views

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1999)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a loca...

8.2 CVSS | 6.9 AI score | 0.02972 EPSS
Exploits 3 | References 12
Tenable Nessus
added 2022/06/14 12:0 a.m. | 54 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9479)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9479 advisory. - perf: Fix sys_perf_event_open() race against self (Peter Zijlstra) [Orabug: 34211086] {CVE-2022-1729} - debug: Lock down kgdb (Stephen Brennan) [Orabug: 342110...

7.8 CVSS | 7.1 AI score | 0.01002 EPSS
Exploits 0 | References 11