
40442 matches found

RedhatCVE
added 2025/06/25 10:55 p.m. | 12 views

CVE-2025-6526

A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The...

CVSS 3.1 | AI score 3.7 | EPSS 0.00501
Exploits: 1 | References: 1
NVD
added 2025/06/25 5:15 p.m. | 5 views

CVE-2025-52576

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...

CVSS 5.3 | EPSS 0.00299
Exploits: 0 | References: 4
Cvelist
added 2025/06/25 4:46 p.m. | 8 views

CVE-2025-52576 Kanboard vulnerable to Username Enumeration via Login Behavior and Bruteforce Protection Bypass

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...

CVSS 5.3 | EPSS 0.00299
Exploits: 0 | References: 4
OSV
added 2025/06/25 4:46 p.m. | 5 views

CVE-2025-52576 Kanboard vulnerable to Username Enumeration via Login Behavior and Bruteforce Protection Bypass

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...

CVSS 5.3 | AI score 6.6 | EPSS 0.00299
Exploits: 0 | References: 6
CVE
added 2025/06/25 4:46 p.m. | 31 views

CVE-2025-52576

Kanboard prior to version 1.2.46 is vulnerable to username enumeration and IP spoofing–based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can enumerate valid usernames and bypass rate-limiting or IP-based blocking mechanisms, increasing ...

CVSS 5.3 | AI score 7.1 | EPSS 0.00299
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2025/06/25 3:48 p.m. | 24 views

CVE-2025-50179

Summary: CVE-2025-50179 affects Tuleap. The vulnerability is a cross-site request forgery (CSRF) that could allow an attacker to trick victims into changing canned responses. Affected products are Tuleap Community Edition prior to 16.8.99.1749830289 and Tuleap Enterprise Edition prior to 16.9-1. ...

CVSS 4.6 | AI score 7.1 | EPSS 0.00147
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2025/06/25 2:7 p.m. | 17 views

CVE-2025-48991

CVE-2025-48991 describes a cross-site request forgery vulnerability in Tuleap that could allow an attacker to trick victims into changing canned tracker responses. Affected versions: Tuleap Community Edition prior to 16.8.99.1748845907; Tuleap Enterprise Edition prior to 16.8-3 and prior to 16.7-...

CVSS 4.6 | AI score 7.1 | EPSS 0.00147
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2025/06/25 2:7 p.m. | 6 views

CVE-2025-48991 Tuleap missing CSRF protection on tracker canned responses administration

Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability present in Tuleap Community Edition prior to version 16.8.99.1748845907 and Tuleap Enterprise Edition prior to versions 16.8-3 and 16.7-5 to trick victims into...

CVSS 4.6 | EPSS 0.00147
Exploits: 0 | References: 4
RedHat Linux
added 2025/06/25 2:6 p.m. | 6 views

Important: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.7 security and bug fix update

OpenShift API for Data Protection (OADP) 1.3.7 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 7.5 | AI score 6.7 | EPSS 0.00856
Exploits: 0 | References: 5
Malwarebytes
added 2025/06/25 12:56 p.m. | 6 views

Many data brokers are failing to register with state consumer protection agencies

Hundreds of data brokers haven't registered with state consumer protection agencies, according to The Electronic Frontier Foundation (EFF) and Privacy Rights Clearinghouse (PRC). There are different kinds of data brokers, but what they all have in common is that they gather personally identifiable...

AI score 6.8
Exploits: 0
RedHat Linux
added 2025/06/25 12:46 a.m. | 11 views

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery (NDISC) subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers (skbuff) in the ndisc_alloc_skb() function. Specifically, the function can be...

CVSS 7.8 | AI score 7.2 | EPSS 0.00228
Exploits: 0 | References: 5
RedHat Linux
added 2025/06/25 12:16 a.m. | 4 views

wildfly-elytron: possible timing attacks via use of unsafe comparator

A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or...

CVSS 7.4 | AI score 5.8 | EPSS 0.00584
Exploits: 0 | References: 4
Packet Storm News
added 2025/06/25 12:0 a.m. | 5 views

Generative AI for Vulnerability Detection in 6G Wireless Networks: Advances, Case Study, and Future Directions

The rapid advancement of 6G wireless networks, IoT, and edge computing has significantly expanded the cyberattack surface, necessitating more intelligent and adaptive vulnerability detection mechanisms. Traditional security methods, while foundational, struggle with zero-day exploits, adversarial...

AI score 7.3
Exploits: 0
CNNVD
added 2025/06/25 12:0 a.m. | 2 views

Pioneer DMH-WT7600NEX Data Forgery Issue Vulnerability

The Pioneer DMH-WT7600NEX is a multimedia digital media receiver from Pioneer. The Pioneer DMH-WT7600NEX suffers from a Data Forgery Issue vulnerability that stems from insufficient root filesystem protection, which could lead to authentication bypass...

CVSS 6.8 | AI score 5 | EPSS 0.00221
Exploits: 0 | References: 2
CNNVD
added 2025/06/25 12:0 a.m. | 3 views

Kanboard Security Vulnerability

Kanboard is a suite of open source visual task board software from Kanboard Open Source. The software has the ability to customize the panels to suit your business. A security vulnerability exists in Kanboard versions prior to 1.2.46 that stems from username enumeration and IP spoofing could lead...

CVSS 5.3 | AI score 6.3 | EPSS 0.00299
Exploits: 0 | References: 5
Packet Storm News
added 2025/06/25 12:0 a.m. | 2 views

XNU VM_BEHAVIOR_ZERO_WIRED_PAGES Read-Only Write

XNU VM_BEHAVIOR_ZERO_WIRED_PAGES suffers from a flaw that allows writing to read-only pages...

AI score 6.9
Exploits: 0
Positive Technologies
added 2025/06/25 12:0 a.m. | 5 views

PT-2025-26861 · Kanboard · Kanboard

Name of the Vulnerable Software and Affected Versions: Kanboard versions prior to 1.2.46. Description: Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, it is vulnerable to username enumeration and IP spoofing-based brute-force protection...

CVSS 5.3 | AI score 6.4 | EPSS 0.00299
Exploits: 0 | References: 9
Packet Storm News
added 2025/06/25 12:0 a.m. | 1 views

CodeGuard: a Generalized and Stealthy Backdoor Watermarking for Generative Code Models

Generative code models (GCMs) significantly enhance development efficiency through automated code generation and code summarization. However, building and training these models require computational resources and time, necessitating effective digital copyright protection to prevent unauthorized lea...

AI score 7.1
Exploits: 0
Packet Storm News
added 2025/06/25 12:0 a.m. | 4 views

Empowering Digital Agriculture: a Privacy-Preserving Framework for Data Sharing and Collaborative Research

Data-driven agriculture, which integrates technology and data into agricultural practices, has the potential to improve crop yield, disease resilience, and long-term soil health. However, privacy concerns, such as adverse pricing, discrimination, and resource manipulation, deter farmers from...

AI score 6.8
Exploits: 0
AlmaLinux
added 2025/06/25 12:0 a.m. | 10 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: fix double free race when mount fails in cifs_get_root() (CVE-2022-48919); kernel: security/keys: fix slab-out-of-bounds in key_task_permission (CVE-2024-50301); kernel: idpf: fix idpfvccoreini...

CVSS 7.8 | AI score 7.5 | EPSS 0.00272
Exploits: 0 | References: 9