Lucene search
K

91 matches found

CVE
CVE
added 2026/06/30 8:58 a.m.13 views

CVE-2025-24816

Technical details about CVE-2025-24816 are not publicly available in the provided documents; monitor for updates from Nokia and vulnerability databases.

6.5CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.3 views

The vulnerability of the dst_count_dec() function in the net/core/dst.c module, a support for network functions in the Linux kernel, allows a hacker to cause a service failure.

The vulnerability of the dstcountdec function in the net/core/dst.c module, part of the Linux kernel’s networking functions support, involves disclosing confidential information. Exploiting this vulnerability could allow an attacker to cause service failures...

7.8CVSS6.7AI score0.00176EPSS
Exploits0References31Affected Software3
Snyk
Snyk
added 2026/02/18 12:56 a.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the webhooks process. An attacker can access internal network resources and extract sensitive information by submitting crafted webhook URLs that resolve to internal IP addresses, causing the server ...

7.2CVSS5.5AI score0.00061EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/03 11:33 a.m.3 views

CVE-2025-11598 Exposure of Confidential Information in mObywatel application

In mObywatel iOS application an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app window, even after the login session has ended reopening the app would require the user to log in. The data exposed depends on the last application view...

1CVSS5.4AI score0.00151EPSS
Exploits0References2
CNVD
CNVD
added 2026/01/19 12:0 a.m.4 views

Huawei HarmonyOS Memo Module Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS memo module, which can be exploited by an attacker to compromise confidentiality...

5.5CVSS5.8AI score0.00078EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.8 views

PT-2025-86: Disclosure of confidential data via controller configuration request in Fastwel PLC web server

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability can be exploited by an attacker to obtain administrator‑level privileges. Vulnerability status: Confirmed by vendor Date of vulnerability remediation:...

8.3CVSS5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2025/08/31 12:0 a.m.5 views

Tenda AC9 安全漏洞

Tenda AC9 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in 2016. The Tenda AC9 suffers from a hard-coded vulnerability that originates from an unknown function in the file /etcro/shadow of the component management interface, which can be exploited by an attacker...

7CVSS6.9AI score0.00131EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/24 12:0 a.m.7 views

PT-2025-30698 · Hcl · Hcl Iautomate

Name of the Vulnerable Software and Affected Versions: HCL iAutomate affected versions not specified Description: HCL iAutomate includes hardcoded credentials, which could lead to the exposure of confidential data if intercepted or accessed by unauthorized parties. Recommendations: At the moment,...

7.1CVSS6.2AI score0.00253EPSS
Exploits0References2
Snyk
Snyk
added 2025/07/10 7:54 a.m.2 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the SCT extension parsing process. An attacker can access confidential information by providing a specially crafted certificate containing a malformed SCT extension during X.509 certificate verificatio...

6.9CVSS6.6AI score0.01179EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.8 views

Vulnerability of the ipoctal_port_activate() function in the drivers/ipack/devices/ipoctal.c module – The IndustryPack device support driver for the Linux operating system allows attackers to compromise the confidentiality and accessibility of protected information.

Vulnerability of the ipoctalportactivate function in the drivers/ipack/devices/ipoctal.c module – The IndustryPack device support driver for the Linux operating system contains a vulnerability that may lead to the disclosure of confidential information. Exploiting this vulnerability could allow a...

7.1CVSS6.6AI score0.00249EPSS
Exploits0References20Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.12 views

Vulnerability of the vmbus_connect() function in the drivers/hv/connection.c module – Microsoft Hyper-V guest mode support driver for Linux operating systems. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the vmbusconnect function in the drivers/hv/connection.c module – Microsoft’s Linux-based Hyper-V guest mode driver has a vulnerability that exposes confidential system information due to unprocessed debugging information. Exploitation of this vulnerability could allow an attacke...

8.1CVSS6.5AI score0.00915EPSS
Exploits0References20Affected Software4
Positive Technologies
Positive Technologies
added 2025/04/22 12:0 a.m.4 views

PT-2025-17913

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A security issue was found in Moodle where confidential information that prevents cross-site request forgery CSRF attacks was shared publicly through the site's URL. This issue occurred...

3.1CVSS5.8AI score0.00296EPSS
Exploits0References20
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.6 views

The vulnerability of the __inet_hash_connect() function in the net/ipv4/inet_hashtables.c module, which is part of the IPv4 protocol implementation in Linux kernel, allows a attacker to access protected information.

The vulnerability of the inethashconnect function in the net/ipv4/inethashtables.c module of the Linux operating system’s IPv4 protocol implementation involves the exposure of confidential information. Exploiting this vulnerability could allow a remote attacker to gain access to protected...

5.9CVSS6AI score0.00761EPSS
Exploits0References22Affected Software3
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.12 views

SAP NetWeaver AS Java Multiple Vulnerabilities (Feb 2025)

SAP NetWeaver Application Server for Java is affected by multiple vulnerabilities, including the following: - The User Admin application of SAP NetWeaver AS for Java insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This resul...

8.8CVSS6.2AI score0.00519EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, relates to the insecure transfer of credentials. This allows a malicious individual to access confidential information.

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, is related to the insecure transfer of credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

10CVSS7.7AI score0.01328EPSS
Exploits0References3Affected Software3
Tenable Nessus
Tenable Nessus
added 2024/11/26 12:0 a.m.18 views

RHEL 8 : haproxy (RHSA-2024:10267)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:10267 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy:...

8.2CVSS6.8AI score0.01526EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.8 views

The vulnerability of the /xml/info.xml file of the HTTP GET Request Handler component in D-Link routers such as DNS-320, DNS-320LW, DNS-325, and DNS-340L microprogrammed software systems allows a hacker to disclose confidential information.

The vulnerability of the /xml/info.xml file of the HTTP GET Request Handler component in D-Link DNS-320, DNS-320LW, DNS-325, and DNS-340L microprogrammed software routers is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose...

5.3CVSS6.2AI score0.01464EPSS
Exploits1References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.7 views

The vulnerability of the ImageOverlay::parse() function in the decoder and encoder for video and photo files in the libheif library allows a hacker to access confidential information.

The vulnerability of the ImageOverlay::parse function, used by the decoder and encoder for video and photo files in the libheif library, involves reading beyond the memory boundaries. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

9.4CVSS7.6AI score0.00825EPSS
Exploits1References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.16 views

The vulnerability of the SCSI component in the Linux operating system allows a hacker to gain access to confidential information.

The vulnerability of the Linux operating system’s SCSI kernel component is related to excessive data output in the scsihostdevrelease function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

3.3CVSS6.2AI score0.00242EPSS
Exploits0References45Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.13 views

The vulnerability of the Linux operating system’s kernel, which allows a hacker to obtain encryption keys

The vulnerability of the Linux operating system’s kernel is related to the storage of confidential information in an open manner during the processing of DCP keys. Exploiting this vulnerability can allow a perpetrator to obtain encryption keys...

5.5CVSS5.9AI score0.00102EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder