Lucene search

780 matches found

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2023-45576

Malicious code in bioql PyPI...

CVSS: 3.3 | AI score: 4.5 | EPSS: 0.0034
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-55296

Malicious code in bioql PyPI...

AI score: 6.8 | EPSS: 0.00157
Exploits: 0 | References: 8

EUVD
added 2025/10/03 8:7 p.m. | 8 views

EUVD-2022-1912

Malicious code in bioql PyPI...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.01673
Exploits: 0 | References: 5

OSV
added 2025/10/03 7:56 p.m. | 8 views

RLSA-2025:11401 Important: valkey security update

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

CVSS: 8.8 | AI score: 4.6 | EPSS: 0.03877
Exploits: 4 | References: 4

Debian CVE
added 2025/10/03 7:27 p.m. | 8 views

CVE-2025-49844

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all...

CVSS: 9.9 | AI score: 7.9 | EPSS: 0.86767
Exploits: 14

Debian CVE
added 2025/10/03 7:12 p.m. | 3 views

CVE-2025-46819

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua...

CVSS: 7.1 | AI score: 6.7 | EPSS: 0.01023
Exploits: 0

Debian CVE
added 2025/10/03 6:38 p.m. | 4 views

CVE-2025-46818

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions o...

CVSS: 7.3 | AI score: 6.7 | EPSS: 0.00701
Exploits: 0

Debian CVE
added 2025/10/03 5:52 p.m. | 4 views

CVE-2025-46817

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.03692
Exploits: 1

CNNVD
added 2025/09/21 12:0 a.m. | 4 views

H2O Security Vulnerability

H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. A security vulnerability exists in H2O 3.46.08 and earlier versions, which stems from a deserialization operation of the parameter connectionurl in the file /99/ImportSQLTable, which could lead to a...

CVSS: 9.8 | AI score: 6.4 | EPSS: 0.00396
Exploits: 0 | References: 6

Fedora
added 2025/09/16 1:15 a.m. | 4 views

[SECURITY] Fedora 42 Update: perl-Plack-Middleware-Session-0.36-1.fc42

This is a Plack Middleware component for session management. By default it will use cookies to keep session state and store data in memory. This distribution also comes with other state and store solutions...

CVSS: 7.3 | AI score: 6.9 | EPSS: 0.00329
Exploits: 0

RedhatCVE
added 2025/09/10 9:17 p.m. | 7 views

CVE-2025-57816

Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.00406
Exploits: 0 | References: 1

NVD
added 2025/09/08 10:15 p.m. | 9 views

CVE-2025-57816

Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs...

CVSS: 7.5 | EPSS: 0.00406
Exploits: 0 | References: 3

Vulnrichment
added 2025/09/08 9:14 p.m. | 1 views

CVE-2025-57816 Fides Webserver API Rate Limiting Vulnerability in Proxied Environments

Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs...

CVSS: 6.3 | AI score: 6.3 | EPSS: 0.00406
Exploits: 0 | References: 3

OSV
added 2025/09/08 9:14 p.m. | 4 views

CVE-2025-57816 Fides Webserver API Rate Limiting Vulnerability in Proxied Environments

Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs...

CVSS: 6.3 | AI score: 6.5 | EPSS: 0.00406
Exploits: 0 | References: 5

OSV
added 2025/09/08 8:45 p.m. | 5 views

GHSA-FQ34-XW6C-FPHF Fides Webserver API Rate Limiting Vulnerability in Proxied Environments

Summary: The Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs rather than client IPs, and stores counters in-memory rather than in a...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00406
Exploits: 0 | References: 5

Github Security Blog
added 2025/09/08 8:45 p.m. | 20 views

Fides Webserver API Rate Limiting Vulnerability in Proxied Environments

Summary: The Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs rather than client IPs, and stores counters in-memory rather than in a...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00406
Exploits: 0 | References: 5 | Affected Software: 1

Positive Technologies
added 2025/09/08 12:0 a.m. | 6 views

PT-2025-36509

Name of the Vulnerable Software and Affected Versions: Fides versions prior to 2.69.1 Description: Fides is an open-source privacy engineering platform. The built-in IP-based rate limiting in the Fides Webserver API is ineffective in environments utilizing CDNs, proxies, or load balancers. The...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.00406
Exploits: 0 | References: 9

RedHat Linux
added 2025/08/27 3:33 p.m. | 6 views

kernel: ext4: avoid resizing to a partial cluster size

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

CVSS: 5.5 | AI score: 6.3 | EPSS: 0.00157
Exploits: 0 | References: 5

The Hacker News
added 2025/08/26 1:30 p.m. | 7 views

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. "Instead of sending unsolicited...

AI score: 7.5
Exploits: 0

Tenable Nessus
added 2025/08/21 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2018-1257

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSock...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.03279
Exploits: 0 | References: 2