Lucene search
+L

950 matches found

EUVD
EUVD
added 2026/03/25 12:30 p.m.7 views

EUVD-2026-15334

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result i...

5.7AI score0.00121EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.11 views

CVE-2026-23358

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result i...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
OSV
OSV
added 2026/03/25 11:16 a.m.6 views

UBUNTU-CVE-2026-23358

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result i...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23358

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result i...

5.7AI score0.00121EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.28 views

CVE-2026-23358 drm/amdgpu: Fix error handling in slot reset

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result i...

0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23358

CVE-2026-23358 affects the Linux kernel drm/amdgpu driver. The issue arises during slot reset error handling where an uninitialized hive pointer could be used to decide flow at the error path, potentially leading to accessing an uninitialized list. The fix initializes the list and hive properly a...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/25 10:27 a.m.5 views

CVE-2026-23358 drm/amdgpu: Fix error handling in slot reset

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result i...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
OSV
OSV
added 2026/03/23 2:19 p.m.24 views

MAL-2026-2112 Malicious code in apply-hive-table (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cd10a24231fb7b6830827a26ee11d450938fce94e811f0c233c6a63a8e3c98d9 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...

5.9AI score
Exploits0References5
hivepro
hivepro
added 2026/03/11 2:9 p.m.4 views

How Hive Pro Brings Comprehensive Security to  CrowdStrike and SentinelOne

& How HivePro Vulnerability Exposure Management VEM extends and amplifies the value of your existing endpoint security/EDR investments - turning detection strength into enterprise-wide vulnerability and exposure intelligence. The Challenge Your EDR is world-class. Your exposure visibility isn't...

5.8AI score
Exploits0
OSV
OSV
added 2026/02/28 2:48 a.m.9 views

GHSA-J8CJ-HW74-64JV Hive has Double-free and Use After Free Vulnerabilities

Drop implementation for Hive did perform free, but so did Hive::close, which, at the end of the scope performed Drop, therefore triggering double-free. Additionally, function Hive::fromhandle was not marked as unsafe, making it, in combination with ashandle easy to clone and trigger double-free i...

6AI score
Exploits0References5
RustSec
RustSec
added 2026/02/26 12:0 p.m.8 views

Double-free and use-after-free for Hive

Drop implementation for Hive did perform free, but so did Hive::close, which, at the end of the scope performed Drop, therefore triggering double-free. Additionally, function Hive::fromhandle was not marked as unsafe, making it, in combination with ashandle easy to clone and trigger double-free i...

5.9AI score
Exploits0Affected Software1
OSV
OSV
added 2026/02/26 12:0 p.m.5 views

RUSTSEC-2026-0029 Double-free and use-after-free for Hive

Drop implementation for Hive did perform free, but so did Hive::close, which, at the end of the scope performed Drop, therefore triggering double-free. Additionally, function Hive::fromhandle was not marked as unsafe, making it, in combination with ashandle easy to clone and trigger double-free i...

5.9AI score
Exploits0References3
Nuclei
Nuclei
added 2026/02/11 4:55 p.m.9 views

PropertyHive < 2.1.1 - Cross-Site Scripting

The Property Hive plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'phmessage' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.8AI score0.00604EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2026/02/04 12:0 a.m.165 views

📄 Microsoft Windows 11 Build 10.0.27898.1000 Advanced Admin Protection Bypass

This enhanced proof of concept demonstrates an advanced method for bypassing Windows Administrator Protection by manipulating registry hives using both WinAPI and NTAPI. The code implements safe smart‑pointer wrappers for handles, secure SID management, deep registry enumeration, privilege checks...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/02 12:31 p.m.5 views

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.1) +44 more potentially affected by CVE-2024-5986 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.1)

ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2024-5986 Source advisory: OSV:GHSA-WJ3H-WX8G-X699...

9.1CVSS7.7AI score0.00629EPSS
Exploits0
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.165 views

📄 Microsoft Windows 11 build 10.0.27898.1000 Local Privilege Escalation

Proof of concept exploit designed to test a potential local privilege escalation vulnerability in Windows, specifically targeting a feature called AiRegistrySync. It checks if modifications made by a standard user in their own Registry profile can be automatically synchronized propagated into the...

5.9AI score
Exploits0
hivepro
hivepro
added 2026/01/22 6:0 a.m.8 views

Don’t Just Replace Kenna- Evolve to Vulnerability Exposure Management

Cisco has announced the end-of-sale for Cisco Vulnerability Management formerly Kenna Security, leaving security teams with a critical decision: remain on a legacy path or transform. Yes, it is true that the Kenna Security platform will be supported until June 30th, 2028 but the platform won’t be...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/20 9:7 a.m.16 views

CVE-2025-59355

A vulnerability. When org.apache.linkis.metadata.util.HiveUtils.decode fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.errorstr + "decode failed", e. If the input parameter contains sensitive information such as Hive Metastore keys, plaintext...

6.5CVSS5.5AI score0.00403EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/19 9:48 a.m.5 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the checkJdbcConnParams and decode functions. An attacker can access sensitive information, such as plaintext passwords, by causing a Base64 decoding failure, which results in the...

6.5CVSS5.8AI score0.00403EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/19 9:30 a.m.9 views

Apache Linkis: Password Exposure

When org.apache.linkis.metadata.util.HiveUtils.decode fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.errorstr + "decode failed", e. If the input parameter contains sensitive information such as Hive Metastore keys, plaintext passwords will b...

6.5CVSS5.5AI score0.00403EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder