Lucene search
+L

150 matches found

cnnvd
cnnvd
added 2025/07/24 12:0 a.m.6 views

2FAuth 安全漏洞

2FAuth is a web application from Bubka Personal Developers for managing two-factor authentication 2FA accounts and generating their security codes. A security vulnerability exists in 2FAuth version v5.5.0 that stems from a group deletion contention condition that could lead to data inconsistencie...

6.5CVSS6.8AI score0.00301EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/07/24 12:0 a.m.4 views

CVE-2025-45731

A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...

7.1AI score0.00301EPSS
Exploits1References2
osv
osv
added 2025/07/24 12:0 a.m.6 views

CVE-2025-45731

A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...

6.5CVSS7.1AI score0.00301EPSS
Exploits1References4
cve
cve
added 2025/07/24 12:0 a.m.20 views

CVE-2025-45731

CVE-2025-45731 relates to a group deletion race condition in the 2FAuth v5.5.0 application. The issue arises when a group is deleted while other operations are pending, leading to data inconsistencies and orphaned accounts. The connected documents confirm the affected product and the underlying c...

6.5CVSS6.6AI score0.00301EPSS
Exploits1References2Affected Software1
attackerkb
attackerkb
added 2025/07/24 12:0 a.m.4 views

CVE-2025-45731

A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...

6.5CVSS5.3AI score0.00301EPSS
Exploits1References3
bdu_fstec
bdu_fstec
added 2025/07/10 12:0 a.m.7 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the exposure to information due to inconsistencies, allowing attackers to disclose protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the exposure of information due to inconsistencies. Exploiting this vulnerability allows a malicious actor to disclose the protected information remotely...

5.4CVSS5.4AI score
Exploits0References1Affected Software1
bdu_fstec
bdu_fstec
added 2025/06/03 12:0 a.m.17 views

The vulnerability of the SCADA system Pult.online, related to inconsistencies in responses to incoming requests, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system Pult.online is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by sending a specially crafted POST request...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
bdu_fstec
bdu_fstec
added 2025/05/27 12:0 a.m.10 views

The vulnerability of the getObjWGFServiceApiByApiName() function in the security monitoring and management tool Trend Micro Apex Central allows a attacker to execute arbitrary code.

The vulnerability of the getObjWGFServiceApiByApiName function in the monitoring and security management tool Trend Micro Apex Central is related to unpredictable behavior of the function due to inconsistencies in parameter values. Exploiting this vulnerability could allow an attacker operating...

7.5CVSS7.5AI score0.01556EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2025/05/27 12:0 a.m.8 views

The vulnerability of the modTMCM widget of the security monitoring and management tool Trend Micro Apex Central allows a malicious actor to upload arbitrary files.

The vulnerability of the modTMCM widget in the Trend Micro Apex Central security monitoring and management tool is related to unpredictable behavior of the function due to inconsistencies in parameter values. Exploiting this vulnerability allows an attacker operating remotely to upload arbitrary...

4.3CVSS5.6AI score0.00247EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/23 12:46 a.m.5 views

CVE-2022-33744

Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held, resulting in a small race window, which can be used by unprivileged...

4.7CVSS6.9AI score0.00309EPSS
Exploits0References1
hackread
hackread
added 2025/05/21 9:5 p.m.40 views

Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up

Threat actor 'ByteBreaker' claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts...

7.3AI score
Exploits0
packetstormnews
packetstormnews
added 2025/05/20 12:0 a.m.5 views

GSDFuse: Capturing Cognitive Inconsistencies from Multi-Dimensional Weak Signals in Social Media Steganalysis

The ubiquity of social media platforms facilitates malicious linguistic steganography, posing significant security risks. Steganalysis is profoundly hindered by the challenge of identifying subtle cognitive inconsistencies arising from textual fragmentation and complex dialogue structures, and th...

7.1AI score
Exploits0
packetstormnews
packetstormnews
added 2025/05/19 12:0 a.m.7 views

VulCPE: Context-Aware Cybersecurity Vulnerability Retrieval and Management

The dynamic landscape of cybersecurity demands precise and scalable solutions for vulnerability management in heterogeneous systems, where configuration-specific vulnerabilities are often misidentified due to inconsistent data in databases like the National Vulnerability Database NVD. Inaccurate...

6.9AI score
Exploits0
github
github
added 2025/05/07 3:25 p.m.24 views

Mithril snapshots for Cardano database could be compromised by an adversary

Impact Mithril certification of Cardano database The Mithril network provides certification for snapshots of the Cardano database, enabling users to quickly bootstrap a Cardano node without relying on the slower peer-to-peer synchronization process. To generate a multi-signature, a minimum...

6.9AI score
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2025/05/06 12:0 a.m.6 views

The vulnerability of PARTS SOFT’s CMS, related to discrepancies in responses to incoming requests, allows a hacker to uncover the user’s identifier.

The vulnerability of the PARTS SOFT CMS content management system is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability allows an attacker to disclose the user’s identifier by sending a specially crafted GET request...

7.8CVSS5.4AI score
Exploits0
cnnvd
cnnvd
added 2025/04/16 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of f2fs quotas, which could lead to data inconsistencies...

5.5CVSS6.4AI score0.00138EPSS
Exploits0References2
osv
osv
added 2025/03/20 10:10 a.m.4 views

CVE-2024-10264 HTTP Request Smuggling in netease-youdao/qanything

HTTP Request Smuggling vulnerability in netease-youdao/qanything version 1.4.1 allows attackers to exploit inconsistencies in the interpretation of HTTP requests between a proxy and a server. This can lead to unauthorized access, bypassing security controls, session hijacking, data leakage, and...

7.5CVSS7.4AI score0.00874EPSS
Exploits1References3
nvd
nvd
added 2025/03/12 10:15 a.m.10 views

CVE-2025-21860

In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency when zswapstorepage fails Commit b7c0ccdfbafd "mm: zswap: support large folios in zswapstore" skips charging any zswap entries when it failed to zswap the entire folio. However, when some base pages ar...

3.3CVSS0.00206EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2025/03/05 12:0 a.m.11 views

The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to inconsistencies in responses to incoming requests, allows attackers to gain unauthorized access to protected information.

The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.5AI score0.00337EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/03/03 8:48 a.m.9 views

CVE-2025-1867 HTTP Response Smuggling Vulnerability in libhv

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...

10CVSS6.6AI score0.00356EPSS
Exploits0References1
Rows per page
Query Builder