Lucene search
K

580 matches found

CNNVD
CNNVD
added 2025/08/29 12:0 a.m.6 views

Payload 授权问题漏洞

Payload is a Headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Payload suffers from an authorization issue vulnerability that stems from SQLite adapters reusing identifiers during account creation, which could lead to a session fixation attack...

5.3CVSS6.4AI score0.00382EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service REDoS vulnerability. Carefully...

7.5CVSS6.7AI score0.04434EPSS
Exploits1References2
NVD
NVD
added 2025/08/08 1:15 a.m.10 views

CVE-2025-54793

Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...

6.9CVSS0.00572EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/08 12:2 a.m.5 views

CVE-2025-54793 Astro: Duplicate trailing slash feature can lead to Open Redirects

Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs...

6.9CVSS6.2AI score0.00572EPSS
Exploits0References2
CVE
CVE
added 2025/08/08 12:2 a.m.29 views

CVE-2025-54793

Summary: CVE-2025-54793 affects Astro web framework. Versions 5.2.0 through 5.12.7 have an Open Redirect in the trailing slash redirection logic when handling paths with double slashes, enabling a user to be redirected to an external domain via crafted URLs (e.g., https://example.com//malicious-s...

6.9CVSS6.3AI score0.00572EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2025/07/14 12:0 a.m.4 views

Differentially Private Federated Low Rank Adaptation beyond Fixed-Matrix

Large language models LLMs typically require fine-tuning for domain-specific tasks, and LoRA offers a computationally efficient approach by training low-rank adapters. LoRA is also communication-efficient for federated LLMs when multiple users collaboratively fine-tune a global LLM model without...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.8 views

The vulnerability of the ngene_command_config_free_buf() function in the driver drivers/media/pci/ngene/ngene-core.c file of Micronas PCI Express card adapters in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the ngenecommandconfigfreebuf function in the drivers/media/pci/ngene/ngene-core.c file of Micronas PCI Express card adapters related to Linux operating systems involves reading beyond the buffer’s boundaries. Exploiting this vulnerability can allow an attacker to cause a...

7.1CVSS6AI score0.00234EPSS
Exploits0References20Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.6 views

The vulnerability of the smsc75xx_bind() function in the drivers/net/usb/smsc75xx.c file allows a hacker to cause a service failure. This vulnerability relates to Linux kernel-based USB network adapters.

The vulnerability of the smsc75xxbind function in the drivers/net/usb/smsc75xx.c file, which is related to Linux kernel USB network adapters, stems from the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6AI score0.00228EPSS
Exploits0References20Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 9:7 p.m.8 views

CVE-2021-33162

Improper access control in some IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local access...

8.4CVSS7.2AI score0.00206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.11 views

CVE-2020-27220

The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configure...

9CVSS7AI score0.01147EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 a.m.9 views

CVE-2019-0159

Insufficient memory protection in the Linux Administrative Tools for IntelR Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.2AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 9:14 p.m.8 views

CVE-2025-20104

Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.3CVSS7.1AI score0.00116EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/15 5:41 a.m.4 views

Malicious code in defipulse-adapters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14d5536c5f6bcb7069516bd2682ee50724915e891c5f1aa5c68ef38d32f9e2d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/05/15 5:41 a.m.5 views

MAL-2025-3826 Malicious code in defipulse-adapters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14d5536c5f6bcb7069516bd2682ee50724915e891c5f1aa5c68ef38d32f9e2d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/15 12:0 a.m.4 views

AC-LoRA: (Almost) Training-Free Access Control-Aware Multi-Modal LLMs

Corporate LLMs are gaining traction for efficient knowledge dissemination and management within organizations. However, as current LLMs are vulnerable to leaking sensitive information, it has proven difficult to apply them in settings where strict access control is necessary. To this end, we desi...

6.6AI score
Exploits0
NVD
NVD
added 2025/05/13 9:16 p.m.8 views

CVE-2025-20104

Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.3CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 2025/05/13 9:2 p.m.50 views

CVE-2025-20104

CVE-2025-20104 describes a race condition in Intel Network Adapters software, specifically affecting Intel Network Adapters package and Administrative Tools for Intel Network Adapters before version 29.4. The underlying issue allows an authenticated local user to potentially escalate privileges. ...

7.3CVSS7.2AI score0.00116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/13 9:2 p.m.7 views

CVE-2025-20104

Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.3CVSS7.4AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 9:2 p.m.12 views

CVE-2025-20104

Race condition in some Administrative Tools for some IntelR Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.3CVSS0.00116EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

Intel Network Adapters 代码问题漏洞

Intel Network Adapters is a family of adapters from Intel Corporation USA. A code issue vulnerability exists in Intel Network Adapters versions prior to 11 29.4, which stems from insufficient search path control and could lead to elevation of privilege...

6.7CVSS6.8AI score0.0013EPSS
Exploits0References2
Rows per page
Query Builder