Lucene search

7652 matches found

RustSec
added 2025/03/27 12:0 p.m. | 12 views

Public API without sufficient bounds checking

Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...

AI score 7.1
Exploits 0 | Affected Software 1

CNVD
added 2025/03/27 12:0 a.m. | 3 views

Unspecified Vulnerability in SAP S/4HANA (CNVD-2025-08314)

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from a lack of authorization checking, which could be exploited by an attacker to gain unauthorized access to...

CVSS 4.3 | AI score 6.8 | EPSS 0.00225
Exploits 0 | References 1

CNVD
added 2025/03/27 12:0 a.m. | 6 views

Unspecified vulnerability in Lunary (CNVD-2025-06936)

Lunary is an open-source production toolkit for LLMs. A security vulnerability exists in Lunary version afc5df4 that stems from a flaw in the permission checking mechanism; an attacker can use this vulnerability to gain unauthorized access to sensitive endpoints...

CVSS 7.3 | AI score 6.5 | EPSS 0.0078
Exploits 1 | References 1

CNNVD
added 2025/03/27 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the can isotp component splitting the tx timer into two functions, transmission and timeout, fixing a...

CVSS 5.5 | AI score 5.5 | EPSS 0.00197
Exploits 0 | References 4

IBM Security Bulletins
added 2025/03/26 1:40 a.m. | 37 views

Security Bulletin: Urbancode Deploy is vulnerable to incorrect authorization reading Component Processes (CVE-2022-35716)

Summary: Component process security checks can sometimes grant read-level access to users that do not have access if the process is owned by a Component Template and an endpoint performs multiple validations. Vulnerability Details: CVEID: CVE-2022-35716. DESCRIPTION: IBM UrbanCode Deploy (UCD) could...

CVSS 6.5 | AI score 6.3 | EPSS 0.00535
Exploits 0 | Affected Software 1

CNVD
added 2025/03/25 12:0 a.m. | 30 views

Vercel Next.js Privilege Bypass Vulnerability

Next.js is an open-source React framework from Vercel. Vercel Next.js suffers from a privilege bypass vulnerability: if authorization checking occurs in middleware, an attacker can use the vulnerability to bypass authorization checking...

CVSS 9.1 | AI score 7 | EPSS 0.99621
Exploits 58 | References 1

GithubExploit
added 2025/03/22 3:26 p.m. | 728 views

Exploit for Stack-based Buffer Overflow in Dlink Dap-1620_Firmware

CVE-2025-2620 Proof-of-Concept Exploit. Overview: This repos...

CVSS 10 | AI score 10 | EPSS 0.07486
Exploits 2

CNNVD
added 2025/03/20 12:0 a.m. | 4 views

Lunary security vulnerability

Lunary is an open-source production toolkit for LLMs. A security vulnerability exists in Lunary version afc5df4 that stems from a flaw in the permission checking mechanism; an attacker can use this vulnerability to gain unauthorized access to sensitive endpoints...

CVSS 7.3 | AI score 7.2 | EPSS 0.0078
Exploits 1 | References 2

Cvelist
added 2025/03/17 12:23 p.m. | 11 views

CVE-2025-2401 Buffer overflow in Immunity Debugger

Buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking...

CVSS 5.4 | EPSS 0.00184
Exploits 0 | References 1

RedHat Linux
added 2025/03/17 4:23 a.m. | 4 views

Xorg: xwayland: Buffer overflow in XkbVModMaskText()

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...

CVSS 7.8 | AI score 6 | EPSS 0.0039
Exploits 0 | References 4

RedHat Linux
added 2025/03/17 1:49 a.m. | 7 views

Xorg: xwayland: Buffer overflow in XkbVModMaskText()

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...

CVSS 7.8 | AI score 6 | EPSS 0.0039
Exploits 0 | References 4

RedHat Linux
added 2025/03/17 1:39 a.m. | 5 views

Xorg: xwayland: Buffer overflow in XkbVModMaskText()

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...

CVSS 7.8 | AI score 6 | EPSS 0.0039
Exploits 0 | References 4

RedHat Linux
added 2025/03/17 1:16 a.m. | 6 views

Xorg: xwayland: Buffer overflow in XkbVModMaskText()

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...

CVSS 7.8 | AI score 6 | EPSS 0.0039
Exploits 0 | References 4

CNVD
added 2025/03/17 12:0 a.m. | 3 views

Zoom Workplace Apps Heap Buffer Overflow Vulnerability

Zoom Workplace Apps is an enterprise-grade collaboration platform that combines video conferencing, team collaboration, AI assistance, and other features for hybrid office scenarios. Zoom Workplace Apps suffers from a heap buffer overflow vulnerability that stems from the program not properly...

CVSS 8.8 | AI score 7.6 | EPSS 0.00419
Exploits 0 | References 1

ATTACKERKB
added 2025/03/15 9:15 a.m. | 3 views

CVE-2025-1057

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...

CVSS 4.3 | AI score 5.8 | EPSS 0.00365
Exploits 0 | References 5 | Affected Software 2

NVD
added 2025/03/15 9:15 a.m. | 16 views

CVE-2025-1057

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...

CVSS 4.3 | EPSS 0.00365
Exploits 0 | References 4

CVE
added 2025/03/15 8:50 a.m. | 60 views

CVE-2025-1057

CVE-2025-1057 affects the Keylime registrar: a change in database type handling introduced in version 7.12.0 prevents reading prior-version entries (e.g., 7.11.0) because older data is stored as bytes while the registrar now expects strings. This mismatch can trigger an error or exception during...

CVSS 4.3 | AI score 4.5 | EPSS 0.00365
Exploits 0 | References 4

CNNVD
added 2025/03/15 12:0 a.m. | 2 views

Keylime code issue vulnerability

Keylime is an open source extensible trust system utilizing TPM technology from Keylime Open Source. A code issue vulnerability exists in Keylime version 7.12.0 that stems from strict type checking and could lead to proxy registration failure...

CVSS 4.3 | AI score 6.7 | EPSS 0.00365
Exploits 0 | References 3

Microsoft CVE
added 2025/03/14 7:0 a.m. | 3 views

NFC: nci: Add bounds checking in nci_hci_create_pipe()

...

CVSS 7.8 | AI score 7.3 | EPSS 0.00225
Exploits 0

Microsoft CVE
added 2025/03/13 7:0 a.m. | 5 views

gve: guard XSK operations on the existence of queues

...

CVSS 5.5 | AI score 7.2 | EPSS 0.002
Exploits 0