Lucene search

40447 matches found

BDU FSTEC
added 2025/06/18 12:0 a.m. | 5 views

The vulnerability of the Booco business automation platform, related to insufficient protection of operational data, allows an attacker to gain unauthorized access to the system and compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the Booco business automation platform is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the system and compromise the confidentiality, integrity, and...

CVSS 10 | AI score 5.5
Exploits 0 | References 1 | Affected Software 1
BDU FSTEC
added 2025/06/18 12:0 a.m. | 3 views

The vulnerability of the DHCP Server Service for Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the DHCP Server Service for Windows operating systems is related to a violation of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

CVSS 7.8 | AI score 5.5 | EPSS 0.01488
Exploits 0 | References 2
CNNVD
added 2025/06/18 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inadequate RCU protection and could lead to read after release...

CVSS 4.7 | AI score 7.9 | EPSS 0.001
Exploits 0 | References 3
ICS
added 2025/06/17 6:0 a.m. | 3 views

LS Electric GMWin 4

Risk evaluation: Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. Recommended practices: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

AI score 7.2
Exploits 0 | References 10
CNVD
added 2025/06/17 12:0 a.m. | 3 views

Wyse Management Suite WMS Information Disclosure Vulnerability

Wyse Management Suite WMS is a cloud and local management platform from Dell, Inc. It is used to centrally manage Wyse lightweight endpoint devices and supports remote configuration, firmware updates, security policy management and other features. An information disclosure vulnerability exists in...

CVSS 7.5 | AI score 6.5 | EPSS 0.00293
Exploits 0 | References 1
CNNVD
added 2025/06/17 12:0 a.m. | 1 views

Trend Micro Apex One code issue vulnerability

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that stems from an uncontrolled search path that could lead to local elevation of privilege...

CVSS 7.8 | AI score 6.1 | EPSS 0.0013
Exploits 0 | References 4
BDU FSTEC
added 2025/06/17 12:0 a.m. | 4 views

The vulnerability of the IBM Storage Protect data protection software platform for virtual environments lies in its authentication mechanisms’ deficiencies, which allow attackers to circumvent existing security restrictions.

The vulnerability of the IBM Storage Protect data protection software for virtual environments is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions from a remote location...

CVSS 7.7 | AI score 5.5 | EPSS 0.00473
Exploits 0 | References 3 | Affected Software 1
BDU FSTEC
added 2025/06/17 12:0 a.m. | 4 views

The vulnerability of the implementation of the WOPI protocol for the ONLYOFFICE Docs office online package allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the WOPI protocol implementation in the ONLYOFFICE Docs online package DocumentServer is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending specially...

CVSS 6.4 | AI score 5.2 | EPSS 0.34859
Exploits 1 | References 2 | Affected Software 1
OSV
added 2025/06/16 12:1 p.m. | 3 views

SUSE-SU-2025:01487-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 (April 2025 CPU). CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274); CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

CVSS 7.4 | AI score 6.5 | EPSS 0.00688
Exploits 0 | References 7
AstraLinux
added 2025/06/16 11:28 a.m. | 2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: openvswitch: Use RCU protection in ovs_vport_cmd_fill_info(). ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF (use-after-free) errors...

CVSS 7.8 | AI score 6.4 | EPSS 0.00227
Exploits 0 | References 3
AstraLinux
added 2025/06/16 11:28 a.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw89: Fixed a race condition between cancel_hw_scan and hw_scan completion. The rtwdev->scanning flag was not originally protected by a mutex. As a result, cancel_hw_scan could pass the condition, but suddenly hw_scan completion...

CVSS 7.8 | AI score 6.4 | EPSS 0.00187
Exploits 0 | References 3
AstraLinux
added 2025/06/16 11:28 a.m. | 2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquiring SRCU in KVM_GET_MP_STATE to protect guest memory accesses. Acquiring a lock on kvm->srcu when userspace is obtaining the MP state can lead to a severe edge case where processing APIC events, such as during pending...

CVSS 5.5 | AI score 5.6 | EPSS 0.00161
Exploits 0 | References 3
AstraLinux
added 2025/06/16 11:28 a.m. | 3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Check the return value of vxlan_vnigroup_init(). vxlan_init() must check the success of vxlan_vnigroup_init(). Otherwise, a crash may occur later, as detected by syzbot. Oops: General protection fault. This likely relates to a...

CVSS 5.5 | AI score 6.4 | EPSS 0.00205
Exploits 0 | References 3
AstraLinux
added 2025/06/16 11:28 a.m. | 0 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: USB: Type-C: Fix for NULL pointer access. Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex also...

CVSS 5.5 | AI score 6.1 | EPSS 0.00162
Exploits 0 | References 3
AstraLinux
added 2025/06/16 11:28 a.m. | 2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ndisc: Extended RCU protection has been added to ndisc_send_skb(). The ndisc_send_skb() function can be called without holding RTNL or RCU. rcu_read_lock() must be acquired earlier, so that we can use dev_net_rcu(), and potential...

CVSS 7.8 | AI score 6.4 | EPSS 0.08906
Exploits 0 | References 3
Wired Threat Level
added 2025/06/16 10:0 a.m. | 17 views

How to Protect Yourself From Phone Searches at the US Border

Customs and Border Protection has broad authority to search travelers’ devices when they cross into the United States. Here’s what you can do to protect your digital life while at the US border...

AI score 7.2
Exploits 0
BDU FSTEC
added 2025/06/16 12:0 a.m. | 6 views

The vulnerability of the commercial vBulletin web forum, related to improper protection of the alternative path, allows a hacker to execute arbitrary code.

The vulnerability of the commercial vBulletin web forum is related to improper protection of an alternative path. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 | AI score 8.4 | EPSS 0.69649
Exploits 4 | References 2 | Affected Software 2
Tenable Nessus
added 2025/06/16 12:0 a.m. | 3 views

TencentOS Server 3: curl (TSSA-2022:0142)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0142 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 8.1 | AI score 6.7 | EPSS 0.03425
Exploits 4 | References 5
BDU FSTEC
added 2025/06/16 12:0 a.m. | 6 views

The vulnerability of the IDE Assets component in the Xcode development environment allows a hacker to gain unauthorized access to protected information.

The vulnerability of the IDE Assets component in the Xcode development environment is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVSS 5.5 | AI score 5.4 | EPSS 0.00238
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2025/06/16 12:0 a.m. | 4 views

The vulnerability of the vBulletin commercial web forum, related to improper protection of the alternative path, allows attackers to bypass existing security restrictions and execute arbitrary code.

The vulnerability of the commercial vBulletin web forum is related to improper protection of an alternative path. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute arbitrary code...

CVSS 9 | AI score 8.3 | EPSS 0.48358
Exploits 2 | References 2 | Affected Software 2