Lucene search
K

1042 matches found

OpenVAS
OpenVAS
added 2025/05/19 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2025-1208)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.5AI score0.00374EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/17 12:0 a.m.3 views

EulerOS Virtualization 2.12.0 : python-requests (EulerOS-SA-2025-1574)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This...

4.3CVSS5AI score0.00374EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/09 12:0 a.m.7 views

The vulnerability of the uclamp_bucket_id() function in the kernel/sched/core.c module, which is part of the Linux operating system’s resource management support mechanism, allows a hacker to gain access to protected information or cause service failures.

The vulnerability of the uclampbucketid function in the kernel/sched/core.c module related to the Linux operating system’s resource management support involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to access protected information or cause...

7.1CVSS7.3AI score0.0024EPSS
Exploits0References16Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/04 8:12 p.m.16 views

CVE-2025-0782

A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the 'h2o-release' bucket. This issue affects all versions and could enable an attacker to overwrite any file in the bucket. As users download binary files such as JARs from this bucket, this vulnerability...

7.8AI score
Exploits0References4
NVD
NVD
added 2025/05/02 9:15 p.m.21 views

CVE-2025-0782

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
OSV
OSV
added 2025/05/02 9:15 p.m.7 views

CVE-2025-0782

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.4AI score
Exploits0
CVE
CVE
added 2025/05/02 8:11 p.m.64 views

CVE-2025-0782

CVE-2025-0782 is tied to a vulnerability in the S3 bucket configuration used by h2oai/h2o-3, where public write access to the bucket named “h2o-release” could allow an attacker to overwrite any file and potentially enable remote code execution for users downloading binaries. The primary exploit v...

9.7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/05/02 8:11 p.m.5 views

CVE-2025-0782

...

9.6AI score
Exploits0
Cvelist
Cvelist
added 2025/05/02 8:11 p.m.21 views

CVE-2025-0782

...

Exploits0
OSV
OSV
added 2025/05/02 4:15 p.m.3 views

DEBIAN-CVE-2023-53072

In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...

7.8CVSS5.8AI score0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/02 12:0 a.m.6 views

PT-2025-18919 · H2O.Ai · H2O-3

Name of the Vulnerable Software and Affected Versions: h2oai/h2o-3 affected versions not specified Description: A vulnerability in the S3 bucket configuration allows public write access to the 'h2o-release' bucket. This could enable an attacker to overwrite any file in the bucket, potentially...

10CVSS9.4AI score
Exploits0References12
SUSE CVE
SUSE CVE
added 2025/04/18 11:19 p.m.3 views

SUSE CVE-2025-38637

In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...

4.7CVSS7.7AI score0.0024EPSS
Exploits0References17
OSV
OSV
added 2025/04/18 7:15 a.m.2 views

DEBIAN-CVE-2025-38637

In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...

5.5CVSS5.7AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2025/04/18 7:15 a.m.3 views

UBUNTU-CVE-2025-38637

In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...

6.8CVSS6.2AI score0.0024EPSS
Exploits0References50
OSV
OSV
added 2025/04/16 3:15 p.m.1 views

DEBIAN-CVE-2025-22061

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix qid report in airohatcgethtbgetleafqueue Fix the following kernel warning deleting HTB offloaded leafs and/or root HTB qdisc in airohaeth driver properly reporting qid in airohatcgethtbgetleafqueue routine. $tc...

5.5CVSS6.5AI score0.00179EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/04/04 2:28 p.m.28 views

MinIO performs incomplete signature validation for unsigned-trailer uploads

Impact This is a high priority vulnerability and users must upgrade ASAP. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on the bucket, Prior...

8.7CVSS7AI score0.02327EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/04 8:32 a.m.25 views

CVE-2025-31489

A flaw was found in the Minio package. The signature component of the authorization may be invalid, which would mean that, as a client, you can use any arbitrary secret to upload objects, given the user already has prior WRITE permissions on the bucket. Prior knowledge of the access key and bucke...

7.5CVSS7AI score0.02327EPSS
Exploits0References5
OSV
OSV
added 2025/04/03 7:36 p.m.4 views

CVE-2025-31489 MinIO performs incomplete signature validation for unsigned-trailer uploads

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...

8.7CVSS6.8AI score0.02327EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/04/03 7:36 p.m.4 views

CVE-2025-31489

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...

8.7CVSS6.9AI score0.02327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.4 views

PT-2025-14797

Name of the Vulnerable Software and Affected Versions: MinIO versions prior to RELEASE.2025-04-03T14-56-28Z Description: The issue concerns an authorization flaw in MinIO, a high-performance object storage system. This flaw allows a client with prior WRITE permissions on a bucket to upload object...

8.7CVSS7.8AI score0.02327EPSS
Exploits0References30
Rows per page
Query Builder