Lucene search
K

23 matches found

OSV
OSV
added yesterday3 views

ROOT-OS-UBUNTU-2404-CVE-2025-38292 CVE-2025-38292 in rootio-linux - Patched by Root

Root has patched CVE-2025-38292 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

7.1CVSS7.2AI score0.00153EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : kernel-5.14.0-570.33.2.el9_6 (AXSA:2025-10783:60)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10783:60 advisory. kernel: crypto: algifhash - fix double free in hashaccept CVE-2025-38079 kernel: wifi: ath12k: fix invalid access to memory CVE-2025-38292 Tenable...

7.8CVSS7.1AI score0.00175EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

AlmaLinux 9 : kernel (ALSA-2025:13602)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13602 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linux...

7.8CVSS6.8AI score0.00175EPSS
Exploits0References4
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-38292 Malicious code in viaduct-quebec-p85e (npm)

The package viaduct-quebec-p85e was found to contain malicious code...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/14 12:0 a.m.3 views

Oracle Linux 9 : kernel (ELSA-2025-13602)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13602 advisory. - net/sched: Always pass notifications when child class becomes empty CKI Backport Bot RHEL-93387 CVE-2025-38350 - schhtb: make htbdeactivate idempote...

7.8CVSS7AI score0.0018EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/10 7:42 a.m.6 views

CVE-2025-38292 wifi: ath12k: fix invalid access to memory

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12kdprxmsducoalesce, rxcb is fetched from skb and boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the rxcb-iscontinuation accessed again which is wrong...

0.00153EPSS
Exploits0References3
OSV
OSV
added 2025/07/10 7:42 a.m.4 views

CVE-2025-38292 wifi: ath12k: fix invalid access to memory

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12kdprxmsducoalesce, rxcb is fetched from skb and boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the rxcb-iscontinuation accessed again which is wrong...

7.1CVSS6.5AI score0.00153EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/03/01 12:24 a.m.8 views

CVE-2024-38292

In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation...

9.8CVSS9.5AI score0.00536EPSS
Exploits0References1
Circl
Circl
added 2025/02/28 1:8 a.m.5 views

CVE-2024-38292

creationtimestamp| type| source ---|---|--- 2025-02-28 01:08:15+00:00| seen| https://t.me/cvedetector/19101 2025-02-28 01:53:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lj7ccu6rde2c 2025-02-28 17:27:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5931 2025-02-28...

9.8CVSS5.3AI score0.00536EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/27 12:0 a.m.8 views

CVE-2024-38292

In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation...

0.00536EPSS
Exploits0References1
CVE
CVE
added 2025/02/27 12:0 a.m.59 views

CVE-2024-38292

Summary: CVE-2024-38292 affects Extreme Networks XIQ-SE prior to version 24.2.11. The issue is a missing access control check that enables a path traversal, which can lead to privilege escalation. The CVSSv3.1 score is 9.8 (CRITICAL), with network access, no user interaction required, and high im...

9.8CVSS9.5AI score0.00536EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/27 12:0 a.m.5 views

CVE-2024-38292

In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation...

9.6AI score0.00536EPSS
Exploits0References1
Circl
Circl
added 2022/09/13 12:25 a.m.4 views

CVE-2022-38292

creationtimestamp| type| source ---|---|--- 2022-09-13 00:25:00+00:00| seen| https://t.me/cibsecurity/49617...

9.8CVSS8.7AI score0.00772EPSS
Exploits1References1
CVE
CVE
added 2022/09/12 8:30 p.m.67 views

CVE-2022-38292

CVE-2022-38292 affects SLiMS Senayan Library Management System v9.4.2. It involves multiple Server-Side Request Forgeries targeting the components /bibliography/marcsru.php and /bibliography/z3950sru.php . The root cause is SSRF in these endpoints, enabling potential unauthorized requests from th...

9.8CVSS9.5AI score0.00772EPSS
Exploits1References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2011/02/13 12:0 a.m.15 views

Symantec Alert Management System AMSSendAlertAck Stack Buffer Overflow (CVE-2010-0110)

Symantec Alert management System 2 AMS2 is a package used by various Symantec solutions such as System Center, AntiVirus Server, and AntiVirus Central Quarantine Server. AMS2 starts multiple services on the system that run with System account privileges, by default. A stack buffer overflow...

7.9CVSS7.5AI score0.0513EPSS
Exploits12
securityvulns
securityvulns
added 2011/01/31 12:0 a.m.96 views

Symantec Antivirus Corporate Edition Alert Management Service code execution

It's possible to execute commands without authentication via TCP/38292 service...

9.3CVSS5AI score0.34516EPSS
Exploits14References4Affected Software2
Zero Day Initiative
Zero Day Initiative
added 2011/01/27 12:0 a.m.28 views

Symantec AMS Intel Alert Handler Pin Number Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.ex...

10CVSS3.8AI score0.34516EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2011/01/27 12:0 a.m.31 views

Symantec AMS Intel Alert Handler Service CreateProcess Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HDNLRSVC.EXE service while processing data sent from the msgsys.e...

10CVSS3.2AI score0.34516EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2011/01/27 12:0 a.m.33 views

Symantec AMS Intel Alert Handler Modem String Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.ex...

10CVSS4.5AI score0.34516EPSS
Exploits1References1
Symantec
Symantec
added 2011/01/26 8:0 a.m.28 views

Multiple Symantec Intel Alert Management System Arbitrary Message Creation or Denial of Service

SUMMARY Symantec was notified of a improper message handling procedures in the Intel Alert Management System AMS2 that can be used to send arbitrary messages or kill the Intel Alert Handler service. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec AntiVirus Corporate Edition...

9.3CVSS0.5AI score0.34516EPSS
Exploits1Affected Software1
Rows per page
Query Builder