Lucene search
K

339 matches found

NVD
NVD
added 2025/05/02 4:15 p.m.7 views

CVE-2023-53048

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix warning when handle discoveridentity message Since both source and sink device can send discoveridentity message in PD3, kernel may dump below warning: ------------ cut here ------------ WARNING: CPU: 0 PID:...

5.5CVSS0.00165EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/05/02 2:6 a.m.328 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

✅ Result The server responded to an SSH message ID 80 0x5...

10CVSS8.8AI score0.97673EPSS
Exploits36
NVD
NVD
added 2025/05/01 3:16 p.m.9 views

CVE-2022-49862

In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg-req tlv len check in tipcnlcompatnametabledumpheader This is a follow-up for commit 974cb0e3e7c9 "tipc: fix uninit-value in tipcnlcompatnametabledump" where it should have type casted sizeof.. to int to work whe...

5.5CVSS0.00166EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.5 views

Erlang/OTP 访问控制错误漏洞

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. An access control error vulnerability exists in Erlang/OTP versions prior to 27.3.3, which stems from an SSH protocol message...

10CVSS8.4AI score0.97673EPSS
Exploits36References6
FreeBSD
FreeBSD
added 2025/04/16 12:0 a.m.8 views

ejabberd -- mod_muc_occupantid: Fix handling multiple occupant-id

ejabberd team reports: Fixed issue with handling of user provided occupant-id in messages and presences sent to muc room. Server was replacing just first instance of occupant-id with its own version, leaving other ones untouched. That would mean that depending on order in which clients send...

7.2AI score
Exploits0References1
Debian CVE
Debian CVE
added 2025/04/14 2:45 p.m.11 views

CVE-2025-32914

A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...

7.4CVSS7.4AI score0.00676EPSS
Exploits0
NVD
NVD
added 2025/04/01 4:15 p.m.8 views

CVE-2025-21947

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...

8.1CVSS0.00352EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/01 3:41 p.m.18 views

CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...

8.1CVSS0.00352EPSS
Exploits0References5
OSV
OSV
added 2025/04/01 3:41 p.m.9 views

CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...

4.7CVSS5.9AI score0.00352EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/03/21 12:0 a.m.6 views

SMF 跨站脚本漏洞

SMF Simple Machines Forum is a free, open source community forum project by Simple Machines Open Source. A cross-site scripting vulnerability exists in SMF version 2.1.4, which stems from improper manipulation of the subject/message parameter in the ManageNews.php file, which could lead to a...

6.1CVSS4.2AI score0.00362EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2022-2663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was found in the Linux kernel in nfconntrackirc where the message handling can be confused and incorrectly matches the message. A firewall may be able ...

5.3CVSS6.6AI score0.01429EPSS
Exploits1References2
CVE
CVE
added 2025/02/27 2:12 a.m.101 views

CVE-2024-58019

The CVE-2024-58019 vulnerability affects the Linux kernel nvkm/gsp read-pointer handling for GSP messages. The issue arises when advancing the read pointer uses only RPC header and body size, causing misinterpretation of the next message after a two-page GSP message in non-rollback cases. This ca...

5.5CVSS6.2AI score0.0018EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/02/26 7:9 p.m.26 views

RLSA-2025:1673 Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

9.1CVSS5.5AI score0.16212EPSS
Exploits3References50
NVD
NVD
added 2025/02/26 7:1 a.m.10 views

CVE-2022-49542

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 with LOGTRACEEVENT, the following hard lockup call trace hangs the system. Call Trace: rawspinlockirqsave+0x32/0x40...

5.5CVSS0.00188EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/11 10:27 a.m.10 views

CVE-2025-0513

In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message...

1.8CVSS0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.3 views

PT-2025-6190 · Unknown · Octopus Server

Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The issue arises from the unsafe handling of error messages on the error page in affected versions of Octopus Server. If an adversary can control any part of the error message, they...

5.4CVSS6.3AI score0.00225EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/06 2:7 a.m.11 views

CVE-2022-25745

Memory corruption in modem due to improper input validation while handling the incoming CoAP message...

9.8CVSS7AI score0.00417EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/02/05 5:6 a.m.3 views

Multiple vulnerabilities in Defense Platform Home Edition

Overview Defense Platform Home Edition provided by Humming Heads Inc. contains multiple vulnerabilities listed below. Improper handling of message in specific process CWE-422 - CVE-2025-20094 Execution with unnecessary privileges CWE-250 - CVE-2025-22890 Improper handling of message in specific...

8.8CVSS8.1AI score0.00189EPSS
Exploits0References9
Veracode
Veracode
added 2025/02/03 5:20 a.m.8 views

Denial Of Service (DoS)

github.com/ethereum/go-ethereum is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of incoming messages, which allows a specially crafted message to trigger a crash or shutdown of the node...

8.7CVSS7AI score0.00681EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/29 6:24 p.m.9 views

CVE-2024-10001 Code Injection Vulnerability in GitHub Enterprise Server Allows Arbitrary Code Execution via Message Handling

A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers to inject malicious code into the query selector via the identity property in the message handling function. This enabled the exfiltration of sensitive data by manipulating the DOM, including...

7.1CVSS7.2AI score0.00371EPSS
Exploits0References5
Rows per page
Query Builder