Lucene search
K

7652 matches found

Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.2 views

PT-2025-47806

Name of the Vulnerable Software and Affected Versions iPadOS versions prior to 17.7.7 iOS versions prior to 18.5 visionOS versions prior to 2.5 macOS Sonoma versions prior to 14.7.3 macOS Ventura versions prior to 13.7.3 macOS Sequoia versions prior to 15.5 watchOS versions prior to 11.5...

4.3CVSS6AI score0.00171EPSS
Exploits0References13
Amazon
Amazon
added 2025/01/24 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: IORINGOPREAD did not correctly consume the provided buffer list when CVE-2023-52926 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mienumattr CVE-2024-27407 I...

8.4CVSS7.7AI score0.00612EPSS
Exploits1
Cvelist
Cvelist
added 2025/01/20 6:9 p.m.14 views

CVE-2025-23214 Cosmos userbase checking vulnerability

Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. By monitoring the error code returned in the login, it is possible to figure out whether a user exist or not in the database. Patched in 0.17.7...

6.9CVSS0.00608EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/18 12:0 a.m.3 views

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from incorrect boundary checking. An attacker can escalate privileges by exploiting the vulnerability...

7.8CVSS9.1AI score0.00095EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/18 12:0 a.m.2 views

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from a lack of permission checking. An attacker can escalate privileges by exploiting the vulnerability...

5.5CVSS9.2AI score0.00093EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/18 12:0 a.m.6 views

PT-2025-1340 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue is related to incorrect boundary checking, which could allow access to kernel memory in user space. This might lead to a local privilege escalation without requiring...

7.8CVSS8.7AI score0.00095EPSS
Exploits0References4
CNVD
CNVD
added 2025/01/16 12:0 a.m.5 views

Google Android wbrc_bt_dev_write function out-of-bounds write vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an out-of-bounds write vulnerability, which stems from a lack of bounds checking in the wbrcbtdevwrite function of the wbregoncoordinator.c file, which can be exploited by an attacker to cause an...

6.7CVSS6.8AI score0.00081EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/16 12:0 a.m.5 views

Google Android cc_SendCcImsInfoIndMsg function out-of-bounds write vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android has an out-of-bounds write vulnerability that originates from the lack of boundary checking in the ccSendCcImsInfoIndMsg function of the ccMmConManagement.c file, which can be exploited by an attacker to caus...

9.8CVSS6.8AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2025/01/13 12:0 p.m.8 views

RUSTSEC-2025-0002 Segmentation fault due to lack of bound check

In this case, the "fastfloat2::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to reading from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...

7.4AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/01/13 8:25 a.m.14 views

CVE-2024-57800

In the Linux kernel, the following vulnerability has been resolved: ALSA: memalloc: prefer dmamappingerror over explicit address checking With CONFIGDMAAPIDEBUG enabled, the following warning is observed: DMA-API: sndhdaintel 0000:03:00.1: device driver failed to check map errordevice...

5.5CVSS6.8AI score0.00203EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/11 12:0 a.m.3 views

PT-2025-1374 · Undefined · Undefined

"Source": "CVE FEED", "Title": "CVE-2025-23128 - CVE-2022-47713: VMware VMware Workstation - Inadequate Bounds Checking", "Content": "CVE ID : CVE-2025-23128 Published : Jan. 11, 2025, 3:15 p.m. | 42 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2025/01/10 12:0 a.m.6 views

Google Pixel has unspecified vulnerability (CNVD-2025-05535)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an unspecified vulnerability that stems from a lack of bounds checking in emmcrpmbioctl in emmcrpmb.c, which may allow information disclosure. No details of the vulnerability are provided at this time...

6.5CVSS6.7AI score0.00087EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.6 views

WordPress plugin linkID 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.6CVSS8.1AI score0.01289EPSS
Exploits3References2
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.5 views

WordPress plugin Jupiter X Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

5.3CVSS8.1AI score0.00397EPSS
Exploits0References4
Veracode
Veracode
added 2025/01/03 5:6 a.m.11 views

Mishandling Non-integer Values

nanoid is vulnerable to Mishandling non-integer values. The vulnerability is due to insufficient input validation and inadequate type checking in earlier versions of Nano ID, which fails to properly handle non-integer values. It allows attackers to exploit the mishandling of input, leading to...

4.3CVSS4.8AI score0.00666EPSS
Exploits0References7Affected Software2
CNVD
CNVD
added 2025/01/03 12:0 a.m.8 views

Google Pixel has an unspecified vulnerability (CNVD-2025-05538)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an unspecified vulnerability that stems from a lack of bounds checking in handlenotificationresponse in btifrc.cc, which leads to out-of-bounds writes. No details of the vulnerability are provided at...

8.8CVSS7AI score0.00196EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/03 12:0 a.m.8 views

Google Pixel has an unspecified vulnerability (CNVD-2025-01684)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from a lack of boundary checking in mtkcfg80211vendorpacketkeepalive in drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/glvendor.c and...

7.8CVSS6.8AI score0.00084EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/03 12:0 a.m.7 views

Google Android Denial of Service Vulnerability (CNVD-2025-03019)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which stems from a lack of bounds checking in the ihevcdparseslicedata function in the ihevcdparseslice.c file, which can be exploited by an attacker to cause a...

6.5CVSS8.8AI score0.00296EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/03 12:0 a.m.8 views

Google Android Information Disclosure Vulnerability (CNVD-2025-03652)

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability, the vulnerability stems from the lack of boundary checking in the SensorService::isDataInjectionEnabled method in the SensorService.cpp file, which can be exploite...

6.2CVSS6.2AI score0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.9 views

PT-2025-20574

Name of the Vulnerable Software and Affected Versions Rust's Ring package affected versions not specified Debian Linux affected versions not specified Description A flaw in Rust's Ring package can trigger a panic when overflow checking is enabled. This issue can be exploited in the QUIC protocol ...

8.7CVSS8.1AI score0.00825EPSS
Exploits0References40
Rows per page
Query Builder