Lucene search
K

15 matches found

CNNVD
CNNVD
added 2025/12/30 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from corrupted zero-page contents that could cause a userspace program to crash...

6.1AI score0.00188EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-0240

Malware in sbrugna...

6.1CVSS6.2AI score0.00924EPSS
Exploits0References6
Amazon
Amazon
added 2024/11/15 12:0 a.m.7 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow CVE-2024-43853 In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media CVE-2024-43854 ...

7.8CVSS6.8AI score0.00879EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/10/13 12:0 a.m.25 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-44947)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44947 advisory. - In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page content...

5.5CVSS6.1AI score0.00879EPSS
Exploits2References2
Microsoft CVE
Microsoft CVE
added 2024/10/12 7:0 a.m.3 views

fuse: Initialize beyond-EOF page contents before setting uptodate

...

5.5CVSS6.7AI score0.00879EPSS
Exploits2
SUSE CVE
SUSE CVE
added 2024/09/03 2:22 a.m.8 views

SUSE CVE-2024-44947

In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fusenotifystore, unlike fusedoreadpage, does not enable page zeroing because it can be used to change partial page contents. So fusenotifystore must be more carefu...

5.5CVSS6.3AI score0.00879EPSS
Exploits2References33
Cvelist
Cvelist
added 2024/04/23 4:46 a.m.32 views

CVE-2024-31857

Forminator prior to 1.15.4 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote attacker may obtain user information etc. and alter the page contents on the user's web browser...

6AI score0.00632EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.4 views

PT-2024-15903 · WordPress · S2Member

Name of the Vulnerable Software and Affected Versions: s2Member plugin for WordPress versions prior to 230816 Description: The issue allows unauthenticated attackers to expose information via the API, making it possible to see the contents of posts and pages. Recommendations: For versions prior t...

5.3CVSS9.5AI score0.0056EPSS
Exploits0References3
CVE
CVE
added 2024/03/12 8:34 a.m.94 views

CVE-2024-0906

CVE-2024-0906 concerns the WordPress plugin “f(x) Private Site.” The vulnerability allows unauthenticated attackers to access page and post contents protected by the plugin via the plugin’s API. Affected are all versions up to and including 1.2.1. The included Red Hat advisory corroborates the sa...

5.3CVSS6AI score0.00468EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/27 12:0 a.m.9 views

PT-2023-18930 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: pimcore/pimcore versions prior to 10.5.21 Description: The issue allows malicious JavaScript to access all the same objects as the rest of the web page, including access to cookies and local storage, which are often used to store session...

7.3CVSS6.5AI score0.0109EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2020/07/09 2:47 p.m.19 views

CVE-2020-12412

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain with the https:// scheme, a blocked port number such as '1', and without a lock icon while controlling the page contents. This vulnerability affects Firefox 70...

4.3CVSS4.1AI score0.00778EPSS
Exploits0
OSV
OSV
added 2016/10/25 12:0 a.m.3 views

UBUNTU-CVE-2016-5288

Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox 49.0.2...

5.9CVSS6.9AI score0.01798EPSS
Exploits0References3
Metasploit
Metasploit
added 2014/10/30 3:34 p.m.31 views

Android Open Source Platform (AOSP) Browser UXSS

This module exploits a Universal Cross-Site Scripting UXSS vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on 'Android Open Source Platform AOSP Browser UXSS', 'Description' = %q This module exploits a Universal Cross-Site Scriptin...

6.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.2 views

NetCommons cross-site scripting vulnerability

Overview NetCommons is an open source content management system, combining e-learning and groupware functionality. NetCommons is developed and distributed by the NetCommons Project. NetCommons contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's...

6.8CVSS6.2AI score0.01251EPSS
Exploits0References7
NVD
NVD
added 2007/02/08 6:28 p.m.16 views

CVE-2007-0854

Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager WHM allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used...

7.5CVSS7.5AI score0.06078EPSS
Exploits1References10
Rows per page
Query Builder