
31 matches found

ATTACKERKB
added 2026/05/12 4:59 p.m. | 5 views

CVE-2026-41097

Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

CVSS 6.7 | AI score 5.8 | EPSS 0.0026
Exploits: 0 | References: 2 | Affected Software: 13

Circl
added 2026/05/12 3:52 p.m. | 5 views

CVE-2026-41097

creationtimestamp | type | source
---|---|---
2026-05-12 15:52:42+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141
2026-05-12 16:38:43+00:00 | seen | https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review
2026-05-13 01:08:48+00:00 | seen | ...

CVSS 6.7 | AI score 5.7 | EPSS 0.0026
Exploits: 0 | References: 3

Nuclei
added 2026/02/04 7:0 a.m. | 4 views

Aurelia-Path < 1.1.7 - Prototype Pollution

Aurelia-path before 1.1.7 contains a prototype pollution vulnerability caused by parsing malicious URL parameters, letting attackers modify Object.prototype. Exploitation requires the application to parse user-controlled URLs. id: CVE-2021-41097 info: name: Aurelia-Path 1.1.7 - Prototype Pollution author: 0xAkoko...

CVSS 9.1 | AI score 5.9 | EPSS 0.11715
Exploits: 1 | References: 3

RedhatCVE
added 2026/01/09 8:54 a.m. | 7 views

CVE-2021-41097

aurelia-path is part of the Aurelia platform and contains utilities for path manipulation. There is a prototype pollution vulnerability in aurelia-path before version 1.1.7. The vulnerability exposes Aurelia applications that use the aurelia-path package to parse a string. The majority of this will b...

CVSS 9.1 | AI score 6.7 | EPSS 0.11715
Exploits: 1 | References: 1

Tenable Nessus
added 2025/11/18 12:0 a.m. | 2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41097)

usb: atm: cxacru: incomplete endpoint checking in cxacru_bind(). This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASL_MIN_LEVEL 80900 (C) Tenable, Inc. include('compat.inc'); if (description) { script_id(504539); script_version("1.2");...

CVSS 5.5 | AI score 7 | EPSS 0.00007
Exploits: 0 | References: 4

EUVD
added 2025/11/10 4:5 a.m. | 1 views

EUVD-2025-41097

Malicious code in fadhil-menjes33-sukiwir npm...

AI score 6.6
Exploits: 0

Circl
added 2025/09/30 11:57 a.m. | 2 views

CVE-2025-41097

creationtimestamp | type | source
---|---|---
2025-09-30 11:57:20+00:00 | seen | Telegram/xMe8j2UPHY-6xW1LxiAaEVt4r3UhZnXChPLeQSPaR8VD5Ro...

CVSS 7.1 | AI score 4.8 | EPSS 0.00038
Exploits: 0

OSV
added 2025/09/30 11:37 a.m. | 2 views

CVE-2025-41097

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access basic employee details using unauthorised internal identifiers...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 1

Circl
added 2025/08/14 10:0 a.m. | 3 views

CVE-2024-41097

creationtimestamp | type | source
---|---|---
2025-08-14 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVSS 5.5 | AI score 7.3 | EPSS 0.00007
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 4:35 a.m. | 8 views

CVE-2023-41097

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7. This issue affects GSDK: through 4.4.0...

CVSS 7.5 | AI score 6.7 | EPSS 0.00107
Exploits: 0

Tenable Nessus
added 2025/03/10 12:0 a.m. | 9 views

Amazon Linux 2 : kernel, --advisory ALAS2-2025-2778 (ALAS-2025-2778)

The version of kernel installed on the remote host is prior to 4.14.352-267.564. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2778 advisory. In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time...

CVSS 7.8 | AI score 6.2 | EPSS 0.0002
Exploits: 0 | References: 46

Tenable Nessus
added 2024/12/12 12:0 a.m. | 20 views

Amazon Linux 2 : kernel (ALAS-2024-2698)

The version of kernel installed on the remote host is prior to 4.14.352-267.564. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2698 advisory. 2024-12-05: CVE-2024-41034 was added to this advisory. 2024-12-05: CVE-2024-41097 was added to this advisory...

CVSS 7.1 | AI score 6.2 | EPSS 0.00019
Exploits: 0 | References: 18

Amazon
added 2024/11/15 12:0 a.m. | 5 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. CVE-2024-36484 In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."...

CVSS 7.1 | AI score 6.5 | EPSS 0.00019
Exploits: 0

OpenVAS
added 2024/10/18 12:0 a.m. | 17 views

Ubuntu: Security Advisory (USN-7069-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8 | AI score 7 | EPSS 0.00449
Exploits: 2 | References: 4

OpenVAS
added 2024/10/17 12:0 a.m. | 17 views

Ubuntu: Security Advisory (USN-7069-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8 | AI score 7 | EPSS 0.00449
Exploits: 2 | References: 4

Tenable Nessus
added 2024/10/15 12:0 a.m. | 96 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7069-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7069-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

CVSS 7.8 | AI score 7.5 | EPSS 0.00449
Exploits: 2 | References: 36

Cvelist
added 2024/07/29 3:48 p.m. | 18 views

CVE-2024-41097 usb: atm: cxacru: fix endpoint checking in cxacru_bind()

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind(). Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoint types may be used at urb submitting...

EPSS 0.00007
Exploits: 0 | References: 8

Circl
added 2023/12/21 10:27 p.m. | 3 views

CVE-2023-41097

creationtimestamp | type | source
---|---|---
2023-12-21 22:27:11+00:00 | seen | https://t.me/ctinow/157992
2024-01-14 17:16:31+00:00 | seen | https://t.me/ctinow/168079...

CVSS 7.5 | AI score 7.3 | EPSS 0.00107
Exploits: 0 | References: 2

Cvelist
added 2023/12/21 8:33 p.m. | 15 views

CVE-2023-41097 Potential Timing vulnerability in CBC PKCS7 padding calculations

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7. This issue affects GSDK: through 4.4.0...

CVSS 4.6 | AI score 7.6 | EPSS 0.00107
Exploits: 0 | References: 2

CVE
added 2023/12/21 8:33 p.m. | 55 views

CVE-2023-41097

CVE-2023-41097 concerns Silicon Labs Gecko SDK (GSDK) on ARM, where an Observable Timing Discrepancy could enable a Padding Oracle crypto attack against CBC PKCS7. Affected component is the GSDK up to and including version 4.4.0. The root cause is a timing discrepancy that leaks information durin...

CVSS 7.5 | AI score 5.8 | EPSS 0.00107
Exploits: 0 | References: 2 | Affected Software: 1