Lucene search
K

575 matches found

RedHat Linux
RedHat Linux
added 2 days ago4 views

io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

10CVSS5.9AI score0.00292EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.7 views

keycloak: Keycloak: Attacker can re-enable and take over disabled clients via Registration Access Token

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.11 views

io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

10CVSS5.3AI score0.00292EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/15 8:35 a.m.13 views

CVE-2026-47691

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

10CVSS4.9AI score0.00292EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/10 10:4 p.m.8 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 9:17 p.m.9 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
Redos
Redos
added 2026/04/07 12:0 a.m.8 views

ROS-20260407-73-0022

A vulnerability in the netfilter component of the Linux operating system kernel is related to errors in updating the reference counter. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause a denial-of-service condition...

5.5CVSS6.1AI score0.0016EPSS
Exploits0
Redos
Redos
added 2026/03/23 12:0 a.m.14 views

ROS-20260323-73-0027

A vulnerability in the tmptcp components of the Linux operating system kernel is related to state management errors. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...

7.8CVSS5.8AI score0.00146EPSS
Exploits0
CNVD
CNVD
added 2026/03/17 12:0 a.m.2 views

Huawei HarmonyOS Resource Scheduling Module Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS resource scheduling module, which can be exploited by an attacker to compromise integrity...

5.5CVSS5.8AI score0.00109EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/03/10 12:0 a.m.3 views

The vulnerabilities of the i40e components of the Linux operating system allow attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the i40e components of the Linux operating system’s kernel is related to incorrect calculation of buffer sizes. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

4.6CVSS7.4AI score0.00193EPSS
Exploits0References15Affected Software4
Redos
Redos
added 2026/02/02 12:0 a.m.9 views

ROS-20260202-73-0043

A vulnerability in the dispc.c component of the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...

5.5CVSS5.5AI score0.00241EPSS
Exploits0
Redos
Redos
added 2026/01/21 12:0 a.m.9 views

ROS-20260121-73-0033

A vulnerability in the ksmbd component of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...

8.8CVSS7.5AI score0.00606EPSS
Exploits0
Redos
Redos
added 2026/01/21 12:0 a.m.10 views

ROS-20260121-73-0031

A vulnerability in the kernel/trace component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...

7.8CVSS7AI score0.00246EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.8 views

CVE-2022-23455

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...

7.8CVSS7.4AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.7 views

CVE-2021-27602

SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain authorized users to create source rules which are translated to drools rule when published to certain modules within the application. An attacker with this authorization can inject malicious code in the...

9.9CVSS7.7AI score0.02001EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:52 a.m.7 views

CVE-2021-33672

Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the...

9.6CVSS7.2AI score0.011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:43 a.m.10 views

CVE-2022-42269

NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components...

7.9CVSS6.2AI score0.0018EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/12/15 12:0 a.m.3 views

The vulnerabilities of components of the Linux operating system’s kernel allow attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of components of the Linux operating system’s kernel relates to the exposure of information. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

5.8CVSS6.6AI score0.00152EPSS
Exploits0References16Affected Software6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-14022

Malware in sbrugna...

6.5CVSS6.6AI score0.00304EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2020-28061

Malware in sbrugna...

7.8CVSS7.5AI score0.00865EPSS
Exploits0References3
Rows per page
Query Builder