Lucene search
K

36 matches found

OSV
OSV
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53235 net: add pskb_may_pull() to skb_gro_receive_list()

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References7
NVD
NVD
added 2026/05/21 1:16 p.m.14 views

CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

8.8CVSS0.00272EPSS
Exploits0References7
OSV
OSV
added 2026/04/24 2:42 p.m.2 views

CVE-2026-31582 hwmon: (powerz) Fix use-after-free on USB disconnect

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix use-after-free on USB disconnect After powerzdisconnect frees the URB and releases the mutex, a subsequent powerzread call can acquire the mutex and call powerzreaddata, which dereferences the freed URB pointer...

7.8CVSS6.5AI score0.00125EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/10/16 2:51 p.m.7 views

CVE-2025-61938

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7CVSS6.7AI score0.00324EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 3:30 p.m.7 views

EUVD-2025-34643

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7CVSS6.2AI score0.00324EPSS
Exploits0References2
NVD
NVD
added 2025/10/15 2:15 p.m.19 views

CVE-2025-61938

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7CVSS0.00324EPSS
Exploits0References1
OSV
OSV
added 2025/10/15 2:15 p.m.6 views

CVE-2025-61938

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References1
CVE
CVE
added 2025/10/15 1:55 p.m.23 views

CVE-2025-61938

CVE-2025-61938 affects BIG-IP Advanced WAF/ASM when a Data Guard Protection Enforcement URL exceeds 1024 characters, causing the bd process to terminate repeatedly and prompting a DoS risk. Exploitation details are not described beyond this configuration-based trigger in the provided sources. Mit...

8.7CVSS6.3AI score0.00324EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/10/15 1:55 p.m.5 views

CVE-2025-61938 BIG-IP Advanced WAF and ASM bd process vulnerability

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7CVSS6.3AI score0.00324EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/15 1:55 p.m.11 views

CVE-2025-61938 BIG-IP Advanced WAF and ASM bd process vulnerability

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7CVSS0.00324EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.3 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM bd process vulnerability (K000156624)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K000156624 advisory. When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for...

8.7CVSS5.6AI score0.00324EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-3437

Malware in sbrugna...

10CVSS6.3AI score0.05866EPSS
Exploits5References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0296

Malware in sbrugna...

1.7CVSS6.4AI score0.00361EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-3458

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00324EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:34 a.m.8 views

CVE-2025-23828

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sindhi WordPress Data Guard wordpress-data-guards allows Stored XSS.This issue affects WordPress Data Guard: from n/a through = 8...

7.1CVSS7.2AI score0.00324EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 9:15 p.m.7 views

CVE-2025-23828

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sindhi WordPress Data Guard wordpress-data-guards allows Stored XSS.This issue affects WordPress Data Guard: from n/a through = 8...

7.1CVSS0.00324EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/16 8:7 p.m.19 views

CVE-2025-23828 WordPress WordPress Data Guard [Website Security] plugin <= 8 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sindhi WordPress Data Guard wordpress-data-guards allows Stored XSS.This issue affects WordPress Data Guard: from n/a through = 8...

7.1CVSS0.00324EPSS
Exploits0References1
CVE
CVE
added 2025/01/16 8:7 p.m.44 views

CVE-2025-23828

CVE-2025-23828 — Stored XSS in WordPress Data Guard (OriginalTips.com WordPress Data Guard): Improper neutralization of input during web page generation leading to cross-site scripting. Affected: WordPress Data Guard, from n/a through 8. CVSS v3.1 base score 7.1 (HIGH). Exact exploit details, vul...

7.1CVSS7.2AI score0.00324EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/16 8:7 p.m.7 views

CVE-2025-23828 WordPress WordPress Data Guard [Website Security] plugin <= 8 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sindhi WordPress Data Guard wordpress-data-guards allows Stored XSS.This issue affects WordPress Data Guard: from n/a through = 8...

7.1CVSS7.2AI score0.00324EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.4 views

WordPress WordPress Data Guard [Website Security] plugin <= 8 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin WordPress Data Guard versions = 8...

7.1CVSS6.2AI score0.00324EPSS
Exploits0Affected Software1
Rows per page
Query Builder