Lucene search
K

120 matches found

Vulnrichment
Vulnrichment
added 2025/05/06 2:49 p.m.7 views

CVE-2025-4374 Quay: incorrect privilege assignment

A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository...

6.5CVSS6.8AI score0.00211EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/06 12:0 a.m.6 views

PT-2025-19956 · Quay · Quay

Name of the Vulnerable Software and Affected Versions: Quay affected versions not specified Description: A flaw was found in Quay where an organization acting as a proxy cache grants "Admin" permissions on a newly created repository when a user or robot pulls an image that hasn't been mirrored ye...

6.5CVSS6.4AI score0.00211EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/04/16 5:4 a.m.21 views

CVE-2025-22018 atm: Fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is NULL...

0.00174EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.5 views

PT-2025-15757 · Xgrammar · Xgrammar

Name of the Vulnerable Software and Affected Versions: XGrammar versions prior to 0.1.18 Description: The issue concerns an unbounded cache for compiled grammars in memory, which can be exploited to cause a denial of service by filling up a host's memory. This can occur when a system using XGramm...

6.5CVSS6.3AI score0.00466EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/03/31 12:0 a.m.26 views

macOS 13.x < 13.7.5 Multiple Vulnerabilities (122375)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7.5. It is, therefore, affected by multiple vulnerabilities: - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3...

10CVSS7.2AI score0.18668EPSS
Exploits13References109
CVE
CVE
added 2025/03/28 11:54 a.m.49 views

CVE-2025-31469

CVE-2025-31469 is a Missing Authorization vulnerability in the Clear Sucuri Cache WordPress plugin. Affected: Clear Sucuri Cache

5.3CVSS7.2AI score0.00286EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 10:23 p.m.70 views

CVE-2025-2888

CVE-2025-2888 affects the Amazon tough client (The Update Framework) where, during a snapshot rollback, the client incorrectly caches timestamp metadata. If the next update checks this cache, update timestamp validation may fail, blocking subsequent updates until the cache is cleared. The issue i...

5.7CVSS6.8AI score0.00307EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2025/03/27 4:43 p.m.8 views

CVE-2023-52982

In the Linux kernel, the following vulnerability has been resolved: fscache: Use waitonbit to wait for the freeing of relinquished volume The freeing of relinquished volume will wake up the pending volume acquisition by using wakeupbit, however it is mismatched with waitvarevent used in...

5.5CVSS5.4AI score0.0021EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.6 views

PT-2025-11696 · Vllm · Vllm

Name of the Vulnerable Software and Affected Versions: vLLM versions prior to 0.8.0 Description: The issue is related to the outlines library used by vLLM for structured output, which has an optional cache for compiled grammars on the local filesystem. This cache is enabled by default. A maliciou...

6.5CVSS6.3AI score0.00421EPSS
Exploits0References12
Amazon
Amazon
added 2025/03/06 12:0 a.m.5 views

Important: kernel-livepatch-4.14.355-275.572

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun CVE-2024-49995 In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing CVE-2024-50279...

7.1CVSS6.9AI score0.00262EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-41031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/filemap: skip to create PMD-sized page cache if needed On ARM64, HPAGEPMDORDER is 13 when the base page size is 64KB. The PMD-sized page cache can't be...

5.5CVSS6.5AI score0.00288EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-42241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page...

5.5CVSS6.4AI score0.00211EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/04 2:25 p.m.19 views

Security Bulletin: Multiple vulnerabilities in libcURL affect IBM DevOps Code ClearCase.

Summary libcURL vulnerabilities were disclosed by the libcURL Project. libcURL is used by IBM DevOps Code ClearCase. CVE-2024-7264, CVE-2024-9681 Vulnerability Details CVEID:CVE-2024-7264 DESCRIPTION: cURL libcurl could allow a local attacker to obtain sensitive information, caused by an...

6.5CVSS6.8AI score0.17301EPSS
Exploits2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/27 8:1 p.m.12 views

CVE-2025-21811 nilfs2: protect access to buffers with no active references

In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfslookupdirtydatabuffers, which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For...

7.4AI score0.00216EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.6 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1151)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

6.5CVSS6.7AI score0.0197EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.11 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1186)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

6.5CVSS6.7AI score0.0197EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 8:24 p.m.9 views

CVE-2022-31167

XWiki Platform Security Parent POM contains the security APIs for XWiki Platform, a generic wiki platform. Starting with version 5.0 and prior to 12.10.11, 13.10.1, and 13.4.6, a bug in the security cache stores rules associated to document Page1.Page2 and space Page1.Page2 in the same cache entr...

7.1CVSS6.7AI score0.0067EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2025/02/03 9:7 a.m.3 views

Security update for curl

This update for curl fixes the following issues: CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry bsc1232528 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

6.9CVSS7.3AI score0.0197EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2025/01/13 9:42 p.m.10 views

CVE-2024-51491

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

3.3CVSS6.8AI score0.00192EPSS
Exploits1
OSV
OSV
added 2024/12/18 12:0 a.m.10 views

CVE-2024-56169

A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties such as Fort are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently...

5.3CVSS6.9AI score0.00179EPSS
Exploits0References4
Rows per page
Query Builder