Lucene search
+L

30 matches found

Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29876

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, multiple notification API endpoints are registered without authentication middleware, while sibling endpoints in the same codebase correctly use ClusterKeyAuthorization.isAuthorizedServiceMiddleware. Thes...

9.2CVSS5.8AI score0.006EPSS
Exploits1References5
CVE
CVE
added 2026/03/06 4:43 a.m.23 views

CVE-2026-28682

Gokapi CVE-2026-28682 affects the self-hosted file sharing server Gokapi prior to 2.2.3. The vulnerability lies in the upload status SSE implementation for /uploadStatus, which previously published the global upload state to any authenticated listener and included file_id values not scoped to the...

6.4CVSS5.9AI score0.00133EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/03 9:19 p.m.8 views

CVE-2025-69207

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was...

7.1CVSS5.6AI score0.00361EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unreleased xid, which could lead to an xid leak...

6.1AI score0.00168EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.8 views

PT-2025-53974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's CIFS implementation within the cifs ses add channel function. Specifically, the function fails to free a transaction ID xid before returning, leading ...

7.8CVSS7AI score0.00462EPSS
Exploits2References894
OSV
OSV
added 2025/12/24 11:15 a.m.5 views

UBUNTU-CVE-2023-54003

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when createah fails If AH create request fails, release sgidattr to avoid GID entry referrence leak reported while releasing GID table...

6.2AI score0.00173EPSS
Exploits0References8
OSV
OSV
added 2025/12/24 10:55 a.m.5 views

CVE-2023-54003 RDMA/core: Fix GID entry ref leak when create_ah fails

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when createah fails If AH create request fails, release sgidattr to avoid GID entry referrence leak reported while releasing GID table...

6.4AI score0.00173EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/16 2:4 p.m.33 views

CVE-2025-68233 drm/tegra: Add call to put_pid()

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to putpid Add a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID so we need to free it here to avoid leaking. [email protected]: reword commit message...

0.00162EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/11/03 9:44 a.m.4 views

kernel: cifs: Fix xid leak in cifs_ses_add_channel()

A transaction ID xid leak was found in the CIFS/SMB filesystem. When adding a new channel fails, the allocated xid is not freed, leading to gradual exhaustion of the xid pool...

5.7AI score0.00168EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27766

Malicious code in bioql PyPI...

9.4CVSS6.2AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/01 11:45 a.m.6 views

CVE-2022-50460 cifs: Fix xid leak in cifs_flock()

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifsflock If not flock, before return -ENOLCK, should free the xid, otherwise, the xid will be leaked...

0.00145EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/16 4:11 p.m.2 views

CVE-2022-50351 cifs: Fix xid leak in cifs_create()

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscreate If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked...

6.1AI score0.00143EPSS
Exploits0References3
NVD
NVD
added 2025/08/27 11:15 a.m.4 views

CVE-2025-30038

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...

7.3CVSS0.00157EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 10:20 a.m.17 views

CVE-2025-30038

The CVE-2025-30038 vulnerability concerns a session ID leak when saving a file downloaded from CGM CLININET. The exposed identifier is stored in an NTFS alternate data stream (ADS) via a built-in Windows security feature that preserves extra metadata for files downloaded from potentially untruste...

7.3CVSS6.2AI score0.00157EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/21 8:2 a.m.32 views

CVE-2025-47870 Team invite ID leaked to team admin with no member invite privileges

Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fail to sanitize the team invite ID in the POST /api/v4/teams/:teamId/restore endpoint which allows an team admin with no member invite privileges to get the team’s invite id...

4.3CVSS0.00201EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/27 3:14 a.m.4 views

SUSE CVE-2021-47659

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for formatcount earlier While the check for formatcount 64 in drmuniversalplaneinit shouldn't be hit it's a WARNON, in its current position it will then leak the plane-formattypes array and fail to cal...

3.3CVSS7.5AI score0.0026EPSS
Exploits0References10
CVE
CVE
added 2025/02/26 2:5 a.m.124 views

CVE-2021-47659

CVE-2021-47659 affects the Linux kernel DRM plane path. The vulnerability arises because the range check for format_count is performed late in __drm_universal_plane_init(); if format_count > 64 yields a WARN_ON, it can leak the plane->format_types array and skip drm_mode_object_unregister()...

5.5CVSS5.4AI score0.0026EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/22 10:3 a.m.3 views

kernel: Linux kernel: RDMA/core GID entry leak causes Denial of Service

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA core component. A local user with low privileges could trigger a Global Identifier GID entry reference leak when an Address Handle AH creation request fails. This resource leak could lead to system instability and a Denial of...

5.8AI score0.00173EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.9 views

TCL 安全漏洞

Tcl is a freely available open source package. It provides a powerful platform for creating integrated applications that tie together various applications, protocols, devices and frameworks. A security vulnerability exists in the TCL 30Z, A3X, 20XE, and 10L, which stems from the fact that certain...

8.8CVSS6.8AI score0.00454EPSS
Exploits0References2
OSV
OSV
added 2024/01/12 2:15 a.m.2 views

CVE-2024-0454

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

6.1CVSS5.7AI score0.00253EPSS
Exploits0References2
Rows per page
Query Builder