Lucene search
K

381 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-49398

Malicious code in bioql PyPI...

6.7CVSS6.7AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-49399

Malicious code in bioql PyPI...

6.7CVSS6.7AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2023-41162

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.0045EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/10/01 11:29 p.m.5 views

SUSE CVE-2023-53509

In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...

6.7AI score0.00145EPSS
Exploits0References7
NVD
NVD
added 2025/10/01 12:15 p.m.8 views

CVE-2023-53509

In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...

5.5CVSS0.00145EPSS
Exploits0References3
OSV
OSV
added 2025/10/01 12:15 p.m.9 views

AZL-75107 CVE-2023-53509 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...

5.5CVSS5.7AI score0.00145EPSS
Exploits0References1
OSV
OSV
added 2025/10/01 12:15 p.m.3 views

UBUNTU-CVE-2023-53509

In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/10/01 11:45 a.m.7 views

CVE-2023-53509 qed: allow sleep in qed_mcp_trace_dump()

In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...

0.00145EPSS
Exploits0References3
CVE
CVE
added 2025/10/01 11:45 a.m.20 views

CVE-2023-53509

CVE-2023-53509 : In the Linux kernel qed_mcp_trace_dump() path, the code previously slept due to a 10µs-delayed loop in qed_mcp_cmd_and_union() which can spin up to 500k iterations, potentially blocking a thread for several seconds. The vulnerability description states that sleeping is permitted ...

5.5CVSS6.3AI score0.00145EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/21 12:11 a.m.17 views

CVE-2025-57296

Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. When handling the list and vlanId parameters, the subADBC0 helper function concatenates these user-supplied values into...

6.5CVSS8.2AI score0.03316EPSS
Exploits1References1
NVD
NVD
added 2025/09/19 4:15 p.m.6 views

CVE-2025-57296

Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. When handling the list and vlanId parameters, the subADBC0 helper function concatenates these user-supplied values into...

6.5CVSS0.03316EPSS
Exploits1References3
OSV
OSV
added 2025/09/19 4:15 p.m.5 views

CVE-2025-57296

Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. When handling the list and vlanId parameters, the subADBC0 helper function concatenates these user-supplied values into...

6.5CVSS6.2AI score0.03316EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/09/19 12:0 a.m.2 views

CVE-2025-57296

Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. When handling the list and vlanId parameters, the subADBC0 helper function concatenates these user-supplied values into...

7.8AI score0.03316EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2025/08/21 3:9 a.m.212 views

Exploit for CVE-2025-57105

CVE-2025-57105 Command Injection BUGAuthor Xingyu Wu...

9.8CVSS8.2AI score0.0288EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-3359

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel brcmnvramparse in drivers/nvmem/brcmnvram.c. Lacks for the check of the return value of kzalloc can cause the NULL...

5.5CVSS6.5AI score0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/11 3:24 p.m.12 views

CVE-2025-7027 SMM Arbitrary Write via Dual-Controlled Pointers in CommandRcx1

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...

0.00199EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/11 2:47 p.m.6 views

CVE-2025-3052

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability...

8.2CVSS8.6AI score0.00347EPSS
Exploits1References7
CERT
CERT
added 2025/06/10 12:0 a.m.22 views

A Vulnerability in UEFI Applications allows for secure boot bypass via misused NVRAM variable

Overview UEFI firmware applications DTBios and BiosFlashShell from DTResearch contain a vulnerability that allows Secure Boot to be bypassed using a specially crafted NVRAM variable. The vulnerability stems from improper handling of a runtime NVRAM variable that enables an arbitrary write...

8.2CVSS8.6AI score0.00347EPSS
Exploits1References6
CERT
CERT
added 2025/06/10 12:0 a.m.12 views

A vulnerability in Insyde H2O UEFI application allows for digital certificate injection via NVRAM variable

Overview A vulnerability in an Insyde H2O UEFI firmware application allows digital certificate injection through an unprotected NVRAM variable. This issue arises from the unsafe use of an NVRAM variable, which is used as trusted storage for a digital certificate in the trust validation chain. An...

7.8CVSS9.3AI score0.00404EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/23 9:59 a.m.6 views

CVE-2024-23238

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to edit NVRAM variables...

7.1CVSS5.8AI score0.00213EPSS
Exploits0References1
Rows per page
Query Builder