Lucene search
K

228 matches found

OSV
OSV
added 2025/07/01 10:15 a.m.4 views

CVE-2025-49489

Improper Resource Shutdown or Release vulnerability in ASR FalconLinux、Kestrel、LapwingLinux on Linux conmgr components allows Resource Leak Exposure. This vulnerability is associated with program files conmgr/dialertask.C. This issue affects FalconLinux、Kestrel、LapwingLinux: before v1536...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/01 12:0 a.m.3 views

Asrmicro ASR Series 安全漏洞

The Asrmicro ASR Series is a series of chips from China's Avantage Technology Asrmicro. A security vulnerability exists in Asrmicro ASR Series, which originates from an improper resource release in the dialertask.C file in the conmgr component, which could lead to a resource leak...

5.4CVSS6.6AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 p.m.7 views

CVE-2021-22807

A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

7.8CVSS7.9AI score0.00814EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:8 p.m.7 views

CVE-2021-38111

The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI Near Field Magnetic Induction protocol...

8.8CVSS7.5AI score0.01332EPSS
Exploits1
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/03/19 6:13 a.m.12 views

Cybersecurity communities. Small hacker groups, big impact

TL;DR Cybersecurity communities and groups are an excellent opportunity to network and learn There are OWASP, DEF CON, 2600, university hacking societies, Meetup communities and more to choose from They provide workshops, talks, and practical learning opportunities benefiting both newcomers and...

7.5AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/12/28 3:50 a.m.4 views

SUSE CVE-2024-53203

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

6.6CVSS7.7AI score0.0024EPSS
Exploits0References14
OSV
OSV
added 2024/12/27 2:15 p.m.15 views

AZL-55788 CVE-2024-53203 affecting package kernel for versions less than 5.15.184.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS6.6AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 2:15 p.m.13 views

AZL-55733 CVE-2024-53203 affecting package kernel for versions less than 6.6.90.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS6.6AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 2:15 p.m.3 views

UBUNTU-CVE-2024-53203

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS6.3AI score0.0024EPSS
Exploits0References28
OSV
OSV
added 2024/10/29 1:15 a.m.1 views

DEBIAN-CVE-2024-50076

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces depending on the implementation of vc-vcsw-confontget. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...

6.5CVSS5.9AI score0.00593EPSS
Exploits0References1
OSV
OSV
added 2024/10/29 1:15 a.m.6 views

AZL-52089 CVE-2024-50076 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces depending on the implementation of vc-vcsw-confontget. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...

6.5CVSS6.8AI score0.00593EPSS
Exploits0References1
OSV
OSV
added 2024/10/29 1:15 a.m.1 views

UBUNTU-CVE-2024-50076

In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in confontget font.data may not initialize all memory spaces depending on the implementation of vc-vcsw-confontget. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...

6.5CVSS6.3AI score0.00593EPSS
Exploits0References20
NVD
NVD
added 2024/10/24 6:15 p.m.56 views

CVE-2024-10337

A vulnerability classified as critical has been found in SourceCodeHero Clothes Recommendation System 1.0. Affected is an unknown function of the file /admin/home.php?con=add. The manipulation of the argument cat/subcat/ t1/t2/text leads to sql injection. It is possible to launch the attack...

7.2CVSS0.00441EPSS
Exploits1References3
Rapid7 Blog
Rapid7 Blog
added 2024/10/16 6:14 p.m.7 views

Root Access for Data Control: A DEF CON IoT Village Story

Every year, Rapid7 is a presenter at DEF CON’s IoT Village, sharing in-depth insight and expertise into the hacking of all things Internet of Things. This year, our perennial IoT hacking presenter, Principal Security Researcher, IoT, Deral Heiland, along with Rapid7 pentest team members, showed...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/27 11:37 a.m.2 views

Malicious code in telegram-con (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4423698d3e9c78a69cbb237d0f5e731fc3d3cb87d359523298398d8ef719c8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/08/27 11:37 a.m.11 views

MAL-2024-8050 Malicious code in telegram-con (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4423698d3e9c78a69cbb237d0f5e731fc3d3cb87d359523298398d8ef719c8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/08/23 6:51 p.m.9 views

GHSA-WQ9X-QWCQ-MMGF Diesel vulnerable to Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the Diesel Gitter Channel: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to...

9.3CVSS8.5AI score
Exploits0References5
The Hacker News
The Hacker News
added 2024/08/10 7:0 p.m.50 views

Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

As many as 10 security flaws have been uncovered in Google's Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution RCE chain on systems that have the software installed. "The Quick Share application implements its own specific...

7.1CVSS8.4AI score0.00225EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/08/09 6:21 p.m.29 views

Metasploit Weekly Wrap-Up 08/09/2024

Black Hat & DEF CON Hopefully folks were able to catch our Rapid7 researchers @zeroSteiner & Jack Heysel show off the Metasploit 6.4's features, focusing on combinations that allow for new, streamlined attack workflows at Black Hat. If not they will also be demoing at DEF CON tomorrow in room W30...

9.8CVSS7.8AI score0.83393EPSS
Exploits8
Talos Blog
Talos Blog
added 2024/08/08 6:0 p.m.11 views

The top stories coming out of the Black Hat cybersecurity conference

Over the next two weeks, two of the largest cybersecurity conferences in the world will take place in Las Vegas: Black Hat and DEF CON. That means product announcements, buzzwords and stories about "X smart appliance could burn your house down!" or something like that. Over the next two weeks, Il...

7.2AI score
Exploits0
Rows per page
Query Builder