1041 matches found

CNNVD
added 2026/02/06 12:0 a.m., 7 views

Google Gemini Enterprise Security Vulnerability

Google Gemini Enterprise is a generative AI platform developed by Google, Inc. of the United States. There is a security vulnerability in Google Gemini Enterprise, which stems from the use of predictable Google Cloud Storage bucket names. This vulnerability may allow attackers to preemptively tak...

CVSS 9.1, AI score 5.8, EPSS 0.00253
Exploits: 0, References: 2

Github Security Blog
added 2026/02/03 5:31 p.m., 12 views

RustFS has SourceIp bypass via spoofed X-Forwarded-For/Real-IP headers

Summary: IP-based access control can be bypassed: getconditionvalues trusts client-supplied X-Forwarded-For/X-Real-Ip without verifying a trusted proxy, so any reachable client can spoof aws:SourceIp and satisfy IP-allowlist policies. Details: Vulnerable code: rustfs/src/auth.rs:289-304 sets...

CVSS 8.7, AI score 5.5, EPSS 0.00211
Exploits: 0, References: 4, Affected Software: 1

Tenable Nessus
added 2026/01/22 12:0 a.m., 7 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38637)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38637 advisory. - In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict...

CVSS 5.5, AI score 5.3, EPSS 0.0024
Exploits: 0, References: 2

RedhatCVE
added 2026/01/09 12:34 p.m., 8 views

CVE-2023-45279

Yamcs 5.8.6 allows XSS issue 1 of 2. It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload a display referencing a malicious JavaScript file to the bucket. The user can then open the uploaded display by selecting Telemetry from...

CVSS 5.4, AI score 6, EPSS 0.0043
Exploits: 1, References: 1

RedhatCVE
added 2026/01/09 10:11 a.m., 9 views

CVE-2019-11496

In versions of Couchbase Server prior to 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including "default" were changed to only allow access by authenticated users with sufficient...

CVSS 9.1, AI score 6.8, EPSS 0.0141
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 8:44 a.m., 4 views

CVE-2022-23509

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps...

CVSS 7.3, AI score 6.6, EPSS 0.00239
Exploits: 0, References: 1

Cvelist
added 2026/01/07 9:20 a.m., 27 views

CVE-2025-14053 Travel Bucket List <= 0.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Wish To Go plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attributes in all versions up to, and including, 0.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

CVSS 6.4, EPSS 0.00234
Exploits: 0, References: 3

CVE
added 2026/01/07 9:20 a.m., 13 views

CVE-2025-14053

The CVE-2025-14053 entry concerns Travel Bucket List – Wish To Go (WordPress plugin). It describes Stored Cross-Site Scripting via shortcode attributes in versions up to 0.5.2 due to insufficient input sanitization/output escaping. Exploitation requires authenticated access at Contributor level o...

CVSS 6.4, AI score 4.7, EPSS 0.00234
Exploits: 0, References: 3

Patchstack
added 2026/01/06 11:29 p.m., 5 views

WordPress Travel Bucket List plugin <= 0.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by ChamlaVic in WordPress Plugin Wish To Go versions <= 0.5.2...

CVSS 6.4, AI score 5.7, EPSS 0.00234
Exploits: 0, References: 1, Affected Software: 1

Positive Technologies
added 2026/01/01 12:0 a.m., 6 views

PT-2026-28522

Name of the Vulnerable Software and Affected Versions: Incus versions prior to 6.23.0. Description: Incus, a system container and virtual machine manager, contains a flaw where a specially crafted storage bucket backup can be used by a user with access to the storage bucket feature to crash the Incu...

CVSS 9.9, AI score 5.9, EPSS 0.00481
Exploits: 3, References: 27

Tenable Nessus
added 2025/12/31 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993032)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993032 advisory. In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio...

CVSS 5.5, AI score 6.2, EPSS 0.0024
Exploits: 0, References: 4

Tenable Nessus
added 2025/12/30 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992663)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992663 advisory. In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio...

CVSS 5.5, AI score 6.2, EPSS 0.0024
Exploits: 0, References: 4

RedhatCVE
added 2025/12/25 10:54 a.m., 9 views

CVE-2023-54033

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps The LRU and LRU_PERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

CVSS 5.5, AI score 5.5, EPSS 0.00157
Exploits: 0, References: 4

SUSE CVE
added 2025/12/25 12:57 a.m., 3 views

SUSE CVE-2023-54033

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps The LRU and LRU_PERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

CVSS 5.5, AI score 6.2, EPSS 0.00157
Exploits: 0, References: 3

NVD
added 2025/12/24 11:15 a.m., 3 views

CVE-2023-54033

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps The LRU and LRU_PERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

EPSS 0.00157
Exploits: 0, References: 4

UbuntuCve
added 2025/12/24 11:15 a.m., 2 views

CVE-2023-54033

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps The LRU and LRU_PERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

AI score 5.7, EPSS 0.00157
Exploits: 0, References: 5

OSV
added 2025/12/24 11:15 a.m., 4 views

UBUNTU-CVE-2023-54033

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps The LRU and LRU_PERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

AI score 5.7, EPSS 0.00157
Exploits: 0, References: 6

CVE
added 2025/12/24 10:56 a.m., 15 views

CVE-2023-54033

The CVE-2023-54033 issue affects the Linux kernel BPF maps, specifically the LRU and LRU_PERCPU hash maps. The vulnerability arises when updating these maps allocates a new element before attempting to lock the target bucket; if bucket locking fails, the allocated element is not released, making ...

AI score 5.8, EPSS 0.00157
Exploits: 0, References: 4

Cvelist
added 2025/12/24 10:56 a.m., 23 views

CVE-2023-54033 bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps The LRU and LRU_PERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

EPSS 0.00157
Exploits: 0, References: 4

OSV
added 2025/12/24 10:56 a.m., 5 views

CVE-2023-54033 bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps The LRU and LRU_PERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

AI score 6.1, EPSS 0.00157
Exploits: 0, References: 7