Lucene search
K

10464 matches found

Fedora
Fedora
added 2026/02/20 1:17 a.m.6 views

[SECURITY] Fedora 42 Update: microcode_ctl-2.1-70.1.fc42

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

5.9AI score
Exploits0
Fedora
Fedora
added 2026/02/20 12:53 a.m.5 views

[SECURITY] Fedora 43 Update: microcode_ctl-2.1-71.1.fc43

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

warehouse 访问控制错误漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There is an access control vulnerability in Warehouse. This vulnerability stems from improper access control issues in the functions addCustomer, updateCustomer, and...

6.5CVSS6.6AI score0.00202EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

warehouse 访问控制错误漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There is an access control vulnerability in Warehouse. This vulnerability stems from improper access control issues in the addSales, updateSales, and deleteSales...

6.5CVSS6.6AI score0.0022EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

warehouse 访问控制错误漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There is an access control vulnerability in Warehouse. This vulnerability stems from improper access control issues in the addInport/, updateInport/, and deleteInport...

6.5CVSS6.6AI score0.00199EPSS
Exploits1References6
NVD
NVD
added 2026/02/18 9:16 p.m.11 views

CVE-2025-1272

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

7.7CVSS0.00231EPSS
Exploits0References3
OSV
OSV
added 2026/02/18 9:16 p.m.4 views

UBUNTU-CVE-2025-1272

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

7.7CVSS6AI score0.00231EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/18 8:29 p.m.21 views

CVE-2025-1272 Kernel: secure boot does not automatically enable kernel lockdown

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

7.7CVSS0.00231EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/02/18 8:29 p.m.12 views

CVE-2025-1272

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

7.7CVSS7.5AI score0.00231EPSS
Exploits0
CVE
CVE
added 2026/02/18 8:29 p.m.330 views

CVE-2025-1272

Summary (CVE-2025-1272) : The Fedora Linux kernel lockdown mode for kernels starting with 6.12 is reported to be disabled without warning, enabling potential exposure of sensitive kernel data (memory mappings, I/O ports, BPF, and kprobes) and allowing unsigned modules to load, which could break S...

7.7CVSS7.8AI score0.00231EPSS
Exploits0References3
OSV
OSV
added 2026/02/17 12:34 p.m.8 views

CLSA-2026-1771331675 grub2: Fix of CVE-2025-61662

CVE-2025-61662: fix use-after-free in gettext/gettext due to unregistered gettext command on module unload...

7.8CVSS5.8AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.5 views

CVE-2025-29949

Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...

4.8CVSS5.5AI score0.00134EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.5 views

CVE-2025-48515

Insufficient parameter sanitization in AMD Secure Processor ASP Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution...

5.4CVSS5.8AI score0.00126EPSS
Exploits0References1
OSV
OSV
added 2026/02/16 6:19 p.m.3 views

CVE-2019-25380

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script that allow attackers to inject malicious scripts through multiple parameters. Attackers can submit POST requests to dhcp.cgi with script payloads in parameters su...

6.1CVSS5.9AI score0.00225EPSS
Exploits1References3
CVE
CVE
added 2026/02/16 5:4 p.m.22 views

CVE-2019-25380

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script. The vulnerability enables attackers to inject JavaScript via posted parameters (e.g., BOOT_SERVER, BOOT_FILE, BOOT_ROOT, START_ADDR, END_ADDR, DNS1, DNS2, NTP1,...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Oracle linux
Oracle linux
added 2026/02/16 12:0 a.m.10 views

kernel security update

5.14.0-611.34.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

7.1CVSS5.5AI score0.0071EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/02/16 12:0 a.m.10 views

kernel security update

6.12.0-124.38.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

7.8CVSS7.8AI score0.0071EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/13 1:22 p.m.5 views

CVE-2025-15575

The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...

5.3CVSS5.5AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/02/12 11:15 a.m.5 views

CVE-2025-15575

The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...

5.3CVSS0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/12 10:51 a.m.25 views

CVE-2025-15575 Missing Firmware Authenticity Checks in Solax Power Pocket WiFi models

The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...

0.00123EPSS
Exploits0References1
Rows per page
Query Builder