Lucene search
K

219826 matches found

EUVD
EUVD
added 2026/05/04 4:43 p.m.6 views

EUVD-2025-209631

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 4:43 p.m.11 views

CVE-2025-47406

CVE-2025-47406 is a DSP Service buffer over-read vulnerability where information disclosure can occur during processing of IOCTL handler callbacks without verifying the input buffer size. The NVD entries describe the issue as Information Disclosure with a CVSSv3.1 base score of 6.1 (Medium), with...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/04 4:43 p.m.30 views

CVE-2025-47406 Buffer Over-read in DSP Service

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

6.1CVSS0.00074EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:43 p.m.5 views

CVE-2025-47406

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:43 p.m.6 views

CVE-2025-47405

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/04 4:43 p.m.10 views

EUVD-2025-209630

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 4:43 p.m.9 views

CVE-2025-47405

CVE-2025-47405 describes memory corruption that occurs when processing camera sensor IO controls with invalid output buffers. The connected CVE records call it an untrusted pointer dereference in the camera path, linking root cause to dereferencing pointers derived from untrusted inputs during IO...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/04 4:43 p.m.6 views

CVE-2025-47405 Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 4:43 p.m.29 views

CVE-2025-47405 Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS0.00075EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:9 p.m.10 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-security-web (CVE-2026-22732)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-22732 reported for spring-security-web-6.4.12.jar. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the...

9.1CVSS7.3AI score0.0048EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:8 p.m.7 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jasperreports (CVE-2025-10492)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-10492 reported for jasperreports-7.0.2.jar. Vulnerability Details CVEID:CVE-2025-10492 DESCRIPTION: A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied...

9.8CVSS7.3AI score0.00876EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:7 p.m.6 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2025-66168)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-66168 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2025-66168 DESCRIPTION: WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following...

8.8CVSS6.1AI score0.0078EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:7 p.m.11 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-http (CVE-2026-2332)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-2332 reported for jetty-http-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "fun...

9.1CVSS5.8AI score0.01127EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:6 p.m.11 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-server (CVE-2026-1605)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-1605 reported for jetty-server-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-1605 DESCRIPTION: In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed...

7.5CVSS5.8AI score0.00625EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:6 p.m.6 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-34197)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-34197 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-34197 DESCRIPTION: Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broke...

8.8CVSS7.9AI score0.9619EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:4 p.m.7 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-39304)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-39304 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-39304 DESCRIPTION: Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ...

7.5CVSS5.8AI score0.00896EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/04 1:12 p.m.6 views

JLSEC-2026-397

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

3.7CVSS6.8AI score0.01788EPSS
Exploits1References16
NVD
NVD
added 2026/05/04 12:16 p.m.12 views

CVE-2026-3120

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection. This issue affects SambaBox: from 5.1 before 5.3...

7.2CVSS0.01182EPSS
Exploits0References2
Veracode
Veracode
added 2026/05/04 11:11 a.m.9 views

Improper Access Control

Apache Storm is vulnerable to Improper Access Control. The vulnerability is due to fail-open handling of TLS client authentication in TlsTransportPlugin, where SSLPeerUnverifiedException is suppressed and a fallback principal CN=ANONYMOUS is assigned, allowing unauthenticated clients to obtain a...

6.5CVSS5.8AI score0.00286EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/04 10:47 a.m.4 views

CVE-2026-7246

A flaw was found in Pallets Click. This command injection vulnerability, located in the click.edit function, allows an attacker with an unprivileged account to execute arbitrary operating system OS commands. This could lead to unauthorized control over the affected system...

7.2CVSS6AI score0.0081EPSS
Exploits1References5
Rows per page
Query Builder