Lucene search
K

293 matches found

Debian CVE
Debian CVE
added 2025/08/13 12:3 p.m.25 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

7.5CVSS5.9AI score0.04604EPSS
Exploits3
AlpineLinux
AlpineLinux
added 2025/08/13 12:3 p.m.10 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

7.5CVSS6.6AI score0.04604EPSS
Exploits3
NCSC
NCSC
added 2025/07/11 9:58 a.m.5 views

Vulnerabilities fixed in Zoom Clients

Zoom has fixed vulnerabilities in Zoom Clients Specifically versions for Linux, Windows, iOS and macOS. The vulnerabilities include incorrect certificate validation in Zoom Workplace for Linux, a buffer overflow in specific Zoom Clients for Windows, cross-site scripting in Zoom Clients for Window...

9.1CVSS6.8AI score0.00569EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/06/25 12:21 a.m.6 views

undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server...

7.5CVSS7.3AI score0.01175EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/06/25 12:16 a.m.4 views

undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server...

7.5CVSS7.3AI score0.01175EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/06/20 3:3 p.m.9 views

CVE-2025-38040

In the Linux kernel, the following vulnerability has been resolved: serial: mctrlgpio: split disablems into sync and nosync APIs The following splat has been observed on a SAMA5D27 platform using atmelserial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 inatomic: ...

4.7CVSS7.2AI score0.0016EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/05/29 12:0 a.m.7 views

Securing AI Agents with Information-Flow Control

As AI agents become increasingly autonomous and capable, ensuring their security against vulnerabilities such as prompt injection becomes critical. This paper explores the use of information-flow control IFC to provide security guarantees for AI agents. We present a formal model to reason about t...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/28 9:32 a.m.22 views

How 'Browser-in-the-Middle' Attacks Steal Sessions in Seconds

Would you expect an end user to log on to a cybercriminal's computer, open their browser, and type in their usernames and passwords? Hopefully not! But that's essentially what happens if they fall victim to a Browser-in-the-Middle BitM attack. Like Man-in-the-Middle MitM attacks, BiTM sees...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:59 p.m.11 views

CVE-2021-0442

In updateInfo of androidhardwareinputInputApplicationHandle.cpp, there is a possible control of code flow due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.3AI score0.00119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:13 p.m.6 views

CVE-2021-20107

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...

5.4CVSS6.6AI score0.00543EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:3 a.m.19 views

CVE-2019-17243

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEGLS+0x0000000000003155...

7.8CVSS7AI score0.01521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:16 a.m.7 views

CVE-2019-17244

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEGLS+0x0000000000001d8a...

7.8CVSS7AI score0.01521EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.5 views

kernel: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

in linux kernel bluetooth L2CAP, l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range...

6.5CVSS6.8AI score0.00215EPSS
Exploits0References4
Schneier on Security
Schneier on Security
added 2025/03/28 11:1 a.m.14 views

AIs as Trusted Third Parties

This is a truly fascinating paper: "Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography." The basic idea is that AIs can act as trusted third parties: Abstract: We often interact with untrusted parties. Prioritization of privacy can limit t...

7.1AI score
Exploits0
OSV
OSV
added 2025/03/27 5:15 p.m.1 views

DEBIAN-CVE-2023-52941

In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions: 1. send two consecutive frames with a given time gap 2. monitor the timeouts for flow control frame...

5.5CVSS5.6AI score0.00197EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.6 views

The vulnerability of the QUIC and HTTP/3 implementations in the C language package NGTCP2 lies in the improper implementation of control flow management, allowing a attacker to execute arbitrary code.

The vulnerability of the QUIC and HTTP/3 implementations in the C language package NGTCP2 is related to the implementation of incorrect flow control. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.5CVSS7AI score0.00802EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2015-1142857

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe drive...

8.6CVSS6.5AI score0.02429EPSS
Exploits0References2
OSV
OSV
added 2025/02/12 2:15 p.m.3 views

DEBIAN-CVE-2025-21695

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer dereference in...

4.7CVSS5.5AI score0.00175EPSS
Exploits0References1
CNVD
CNVD
added 2024/10/21 12:0 a.m.2 views

SQL Injection Vulnerability in Aifei Flow Control Router of AllConvergence Network Technology (Beijing) Co.

AiFast Flow Control Router is a router product of Quanxun Convergence Network Technology Beijing Co. Ltd. AiFast Flow Control Router has a SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information from the database...

7.4AI score
Exploits0
CNVD
CNVD
added 2024/10/21 12:0 a.m.2 views

Information Leakage Vulnerability in AIFL Flow Control Router of AllConvergence Network Technology (Beijing) Co.

AiFast Flow Control Router is a router product of Quanxun Convergence Network Technology Beijing Co. Ltd. AiFast Flow Control Router has an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...

6.6AI score
Exploits0
Rows per page
Query Builder