Lucene search
+L

1845 matches found

Redos
Redos
added 2026/04/03 12:0 a.m.7 views

ROS-20260403-73-0037

A vulnerability in the doregisterframebuffer function of the fbdev/core/fbmem.c component of the Linux kernel is related to writing outside the buffer boundaries. Exploitation of the vulnerability allows an attacker to violate the integrity and availability of protected information...

7.8CVSS6.7AI score0.00174EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.6 views

CVE-2026-2273

CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...

7.2CVSS6AI score0.00227EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/03/25 12:0 a.m.3 views

The vulnerability of the loop_queue_rq() function in the drivers/block/loop.c module of the Linux kernel’s block devices driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loopqueuerq function in the drivers/block/loop.c module of the Linux kernel’s block devices driver is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References12Affected Software3
Redos
Redos
added 2026/03/24 12:0 a.m.14 views

ROS-20260324-73-0010

A vulnerability in the f2fs component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...

5.5CVSS6AI score0.00155EPSS
Exploits0
Redos
Redos
added 2026/03/24 12:0 a.m.13 views

ROS-20260324-73-0015

A vulnerability in the ipv6 component of the Linux operating system kernel is associated with the execution of a loop with an inaccessible exit condition. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...

5.5CVSS6.2AI score0.00147EPSS
Exploits0
Redos
Redos
added 2026/03/20 12:0 a.m.7 views

ROS-20260320-73-0013

A vulnerability in the Golang programming language is related to errors in the certificate authentication procedure. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

10CVSS7.1AI score0.00765EPSS
Exploits1
Redos
Redos
added 2026/03/17 12:0 a.m.7 views

ROS-20260317-73-0030

A vulnerability in the net/xfrm component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected information...

7.8CVSS5.7AI score0.0015EPSS
Exploits0
Redos
Redos
added 2026/03/13 12:0 a.m.10 views

ROS-20260313-73-0016

A vulnerability in the dell-wmi-sysman component of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

5.5CVSS7.3AI score0.00156EPSS
Exploits0
EUVD
EUVD
added 2026/03/10 6:31 p.m.6 views

EUVD-2026-10572

CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...

7.2CVSS5.9AI score0.00227EPSS
Exploits0References2
NVD
NVD
added 2026/03/10 5:38 p.m.5 views

CVE-2026-27685

SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...

9.1CVSS0.00551EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/10 5:18 p.m.1 views

CVE-2026-2273

CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...

7.2CVSS5.9AI score0.00227EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 12:17 a.m.4 views

CVE-2026-24309 Missing Authorization check in SAP NetWeaver Application Server for ABAP

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/03/10 12:0 a.m.4 views

The vulnerability of the i40e_validate_cloud_filter() function in the drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c file of the Intel Ethernet network adapter driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the i40evalidatecloudfilter function in the drivers/net/ethernet/intel/i40e/i40evirtchnlpf.c file of the Intel Ethernet network adapter driver for the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacke...

7CVSS7.2AI score0.00197EPSS
Exploits0References27Affected Software6
EUVD
EUVD
added 2026/03/09 6:31 p.m.6 views

EUVD-2025-208431

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

8.5CVSS6.3AI score0.01441EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/09 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005925)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005925 advisory. A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The...

7.8CVSS5.8AI score0.00571EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/03/06 12:0 a.m.4 views

The vulnerability of Moxa industrial computers lies in the insufficient protection of registration data, which allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Moxa industrial computers lies in the insufficient protection of registration data. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

7.2CVSS5.8AI score0.00222EPSS
Exploits0References2Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/03/02 12:0 a.m.6 views

The vulnerability of the tcp_disconnect() function in the net/ipv4/tcp.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tcpdisconnect function in the net/ipv4/tcp.c module of the Linux kernel’s IPv4 protocol implementation is related to improper release of resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

7.8CVSS7.2AI score0.00147EPSS
Exploits0References35Affected Software7
ATTACKERKB
ATTACKERKB
added 2026/02/26 2:49 a.m.5 views

CVE-2026-25963

Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet’s certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Fleet supports...

6.5CVSS5.3AI score0.00191EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/16 7:29 p.m.11 views

CVE-2024-36319

Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...

6.3CVSS5.6AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/16 1:25 p.m.5 views

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

7.8CVSS5.6AI score0.00101EPSS
Exploits0References1
Rows per page
Query Builder