Lucene search
K

8849 matches found

Ubuntu
Ubuntu
added 2025/08/11 11:27 p.m.5 views

USN-7690-1: OpenJDK 17 vulnerabilities

It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

8.6CVSS6.9AI score0.01058EPSS
Exploits1
OSV
OSV
added 2025/08/11 11:27 p.m.6 views

USN-7690-1 openjdk-17 vulnerabilities

It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

8.6CVSS6.9AI score0.01058EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/11 6:51 p.m.9 views

CVE-2025-8866

An authentication flaw has been discovered in YugabyteDB. Access is not properly enforced for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...

5.3CVSS7.3AI score0.00272EPSS
Exploits0References4
Fedora
Fedora
added 2025/08/11 5:4 p.m.8 views

[SECURITY] Fedora 42 Update: toolbox-0.2-1.fc42

Toolbx is a tool for Linux, which allows the use of interactive command line environments for software development and troubleshooting the host operating system, without having to install software on the host. It is built on top of Podman and other standard container technologies from OCI. Toolbx...

9CVSS7.5AI score0.02541EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2025/08/11 4:25 p.m.5 views

CVE-2025-8866

YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...

5.1CVSS7.3AI score0.00272EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/11 4:25 p.m.24 views

CVE-2025-8866

YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...

5.1CVSS0.00272EPSS
Exploits0References1
CVE
CVE
added 2025/08/11 4:25 p.m.25 views

CVE-2025-8866

Summary: CVE-2025-8866 affects the YugabyteDB Anywhere web server, where the /metamaster/universe API endpoint does not properly enforce authentication. What’s affected: YugabyteDB Anywhere web server (specific versions not enumerated in provided documents). Root cause (as described): Authenticat...

5.1CVSS7.3AI score0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.5 views

PT-2025-32557 · Yugabyte · Yugabytedb Anywhere

Name of the Vulnerable Software and Affected Versions: YugabyteDB Anywhere affected versions not specified Description: The YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to...

5.1CVSS7.1AI score0.00272EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-49865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a struct ifaddrlblmsg to the network, ifalreserved remained uninitialized...

7.1CVSS6.6AI score0.00183EPSS
Exploits0References3
Chainguard
Chainguard
added 2025/08/09 1:17 p.m.9 views

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: multus-cni, kubevela, descheduler-fips, datadog-agent-fips, nuclei, prometheus-pushgateway-fips, openfga, aws-signer-notation-plugin, hydra-fips, consul-fips, cilium-envoy, ratify, gitlab-runner, consul, aws-ebs-csi-driver-fips, git-lfs-fips,...

5.8AI score
Exploits0
Amazon
Amazon
added 2025/08/08 12:0 a.m.6 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfscreatependingblockgroups CVE-2025-22115 In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and...

7.8CVSS6.5AI score0.00467EPSS
Exploits1
OSV
OSV
added 2025/08/07 7:52 a.m.8 views

CLSA-2025-1754553172 kernel: Fix of 17 CVEs

net: ch9200: fix uninitialised access during miinwayrestart CVE-2025-38086 - jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted CVE-2022-50126 - kernfs: fix potential NULL dereference in kernfsremove CVE-2022-50148 - md-raid10: fix KASAN warning CVE-2022-50211 - xhci: Fix...

7.8CVSS6.8AI score0.00224EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/08/07 7:0 a.m.6 views

net: clear the dst when changing skb protocol

...

6.5CVSS7AI score0.00148EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-22059

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: udp: Fix multiple wraparounds of sk-skrmemalloc. udpenqueuescheduleskb has the following...

5.5CVSS6.1AI score0.00165EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-22021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, ...

5.5CVSS6.7AI score0.00163EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/06 12:0 a.m.12 views

PT-2025-35956

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc4+ 3 Description A flaw exists in the Linux kernel’s hv netvsc component where a panic can occur during namespace deletion with Virtual Functions VF. The issue arises from moving a VF NIC to a new...

5.5CVSS7.6AI score0.00159EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-1382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A data race flaw was found in the Linux kernel, between where con is allocated and con-sock is set. This issue leads to a NULL pointer dereference when accessin...

4.7CVSS6.5AI score0.00184EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/08/05 6:1 p.m.5 views

kernel: net: atm: fix use after free in lec_send()

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...

7.8CVSS6.8AI score0.00181EPSS
Exploits0References5
OSV
OSV
added 2025/08/05 3:18 p.m.8 views

USN-7686-1 linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS6.4AI score0.01483EPSS
Exploits3References152
OSV
OSV
added 2025/08/05 7:48 a.m.8 views

USN-7685-2 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

9.8CVSS6.7AI score0.01483EPSS
Exploits0References11
Rows per page
Query Builder