Lucene search
K

17758 matches found

NVD
NVD
added 2025/09/03 3:15 p.m.7 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...

4.3CVSS0.00288EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/03 3:2 p.m.5 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...

6.2AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.8 views

PT-2025-35780

Name of the Vulnerable Software and Affected Versions: Jenkins Git client Plugin versions 6.3.2 and earlier Description: The Git URL field form validation responses differ based on whether the specified file path exists on the Jenkins controller when using the amazon-s3 protocol with JGit. This...

4.3CVSS6.3AI score0.00288EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x1c1/0x2a0...

7.1CVSS6.7AI score0.00151EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/09/02 6:45 p.m.3 views

USN-7725-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...

7.8CVSS7.1AI score0.00227EPSS
Exploits0
OSV
OSV
added 2025/09/02 5:47 p.m.9 views

USN-7726-4 linux-gke, linux-ibm-5.15, linux-kvm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...

8.4CVSS6.6AI score0.00295EPSS
Exploits0References5
OSV
OSV
added 2025/09/02 1:1 p.m.5 views

USN-7727-3 linux-aws vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...

9.1CVSS6.7AI score0.01367EPSS
Exploits0References11
NVD
NVD
added 2025/09/02 12:15 p.m.4 views

CVE-2025-52551

E2 Facility Management Systems use a proprietary protocol that allows for unauthenticated file operations on any file in the file system...

9.3CVSS0.00324EPSS
Exploits0References1
OSV
OSV
added 2025/09/02 12:15 p.m.7 views

CVE-2025-52544

E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system...

7.5CVSS5.8AI score0.00334EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/02 11:30 a.m.1 views

CVE-2025-52551 Proprietary protocol allows for unauthenticated file operations

E2 Facility Management Systems use a proprietary protocol that allows for unauthenticated file operations on any file in the file system...

9.3CVSS6.5AI score0.00324EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/02 11:25 a.m.4 views

CVE-2025-52544 Arbitrary read file from the filesystem

E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system...

8.8CVSS6.6AI score0.00334EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/02 12:0 a.m.2 views

QNAP QTS and QuTS hero null pointer dereference vulnerability (CNVD-2025-27748)

QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...

6.5CVSS6.6AI score0.0034EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.5 views

PT-2025-35553

Name of the Vulnerable Software and Affected Versions: E3 Site Supervisor Control versions prior to 2.31F01 Description: E3 Site Supervisor Control firmware version prior to 2.31F01 has a floor plan feature that allows an unauthenticated attacker to upload floor plan files. By uploading a special...

8.8CVSS6.5AI score0.00334EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-36137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission...

3.3CVSS6.1AI score0.00395EPSS
Exploits0References2
Veracode
Veracode
added 2025/09/01 5:6 a.m.5 views

Path Traversal

tinyscientist is vulnerable to path Traversal. The vulnerability is due to improper validation of file paths in the reviewpaper function, which allows an attacker to craft malicious file paths to read arbitrary PDF files on the server, access sensitive documents, and perform reconnaissance on the...

8.8CVSS6.6AI score0.00597EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in...

7.5CVSS6.3AI score0.00528EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's...

5.5CVSS6AI score0.00145EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/31 12:0 a.m.5 views

PT-2025-49070

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-syzkaller Description The Linux kernel had an uninitialized value issue within the hfs find set zero bits function, specifically related to the HFS filesystem. The issue was identified by syzbot and involv...

4.6CVSS6.4AI score0.00177EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/08/30 11:21 p.m.2 views

SUSE CVE-2025-38677

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x1c1/0x2a0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:378 inline...

7.1CVSS6.3AI score0.00151EPSS
Exploits0References3
Rows per page
Query Builder