21952 matches found

CVE
added 2026/03/25 8:20 p.m. | 11 views

CVE-2025-14974

CVE-2025-14974 affects IBM InfoSphere Information Server 11.7.0.0–11.7.1.6 and is caused by insecure direct object reference (IDOR). Potential impact: unauthorized access to protected objects with high confidentiality impact as per sources. Affected versions and remediation are documented in IBM’...

CVSS 7.5 | AI score 5.8 | EPSS 0.00327
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/03/25 8:20 p.m. | 22 views

CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR)...

CVSS 5.7 | EPSS 0.00327
Exploits: 0 | References: 1

Vulnrichment
added 2026/03/25 8:20 p.m. | 4 views

CVE-2025-14974 IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR)...

CVSS 5.7 | AI score 5.9 | EPSS 0.00327
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/25 8:20 p.m. | 9 views

CVE-2025-14974

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR)...

CVSS 5.7 | AI score 5.8 | EPSS 0.00327
Exploits: 0 | References: 2 | Affected Software: 1

EUVD
added 2026/03/25 7:54 p.m. | 5 views

EUVD-2026-14500

AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr...

CVSS 5.3 | AI score 5.8 | EPSS 0.00175
Exploits: 1 | References: 3

RedhatCVE
added 2026/03/25 6:24 p.m. | 2 views

CVE-2026-23296

A flaw was found in the Linux kernel's SCSI core. A reference count leak, a type of resource management issue, occurs when tearing down a SCSI host due to an error in the tagset_refcnt mechanism. This can cause the system to hang, leading to a Denial of Service (DoS) for the affected system...

CVSS 5.5 | AI score 5.7 | EPSS 0.00123
Exploits: 0 | References: 4

RedhatCVE
added 2026/03/25 6:13 p.m. | 3 views

CVE-2026-23284

A flaw was found in the Linux kernel's mtk_eth_soc driver. This vulnerability occurs when an error in the mtk_open routine within mtk_xdp_setup leads to an incorrect reset of the eBPF (Extended Berkeley Packet Filter) program pointer without properly decreasing its reference count. This improper resourc...

AI score 5.7 | EPSS 0.00123
Exploits: 0 | References: 4

RedhatCVE
added 2026/03/25 5:42 p.m. | 2 views

CVE-2026-23291

A flaw was found in the Linux kernel's nfc: pn533 driver. When a device is disconnected, a reference count on the USB interface is not properly dropped, leading to a dangling reference. This resource management issue may lead to system instability or a denial of service (DoS)...

AI score 5.7 | EPSS 0.00123
Exploits: 0 | References: 4

OSV
added 2026/03/25 5:23 p.m. | 5 views

CGA-F43X-F635-VFQ3

Bulletin has no description...

CVSS 7.5 | AI score 5.7 | EPSS 0.02818
Exploits: 0

SUSE CVE
added 2026/03/25 4:57 p.m. | 3 views

SUSE CVE-2026-23283

In the Linux kernel, the following vulnerability has been resolved: regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read() In fp9931_hwmon_read(), if regmap_read() failed, the function returned the error code without calling pm_runtime_put_autosuspend(), causing a PM reference leak...

AI score 5.8 | EPSS 0.00107
Exploits: 0 | References: 3

SUSE CVE
added 2026/03/25 4:57 p.m. | 2 views

SUSE CVE-2026-23284

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() Reset eBPF program pointer to old_prog and do not decrease its ref-count if mtk_open routine in mtk_xdp_setup() fails...

CVSS 5.5 | AI score 5.7 | EPSS 0.00123
Exploits: 0 | References: 3

SUSE CVE
added 2026/03/25 4:57 p.m. | 5 views

SUSE CVE-2026-23291

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up b...

CVSS 5.5 | AI score 5.7 | EPSS 0.00123
Exploits: 0 | References: 16

SUSE CVE
added 2026/03/25 4:56 p.m. | 7 views

SUSE CVE-2026-23314

In the Linux kernel, the following vulnerability has been resolved: regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio() In bq257xx_reg_dt_parse_gpio(), if it fails to get subchild, it returns without calling of_node_put(child), causing the device node reference leak...

CVSS 5.5 | AI score 5.7 | EPSS 0.00121
Exploits: 0 | References: 3

SUSE CVE
added 2026/03/25 4:55 p.m. | 4 views

SUSE CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock() Even though we check that we "should" be able to do lc_get_cumulative() while holding the device->al_lock spinlock, it may still fail, if some other code path decided to do lc_try_lock() with...

CVSS 5.5 | AI score 5.8 | EPSS 0.00128
Exploits: 0 | References: 3

SUSE CVE
added 2026/03/25 4:55 p.m. | 5 views

SUSE CVE-2026-23380

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARN_ON in tracing_buffers_mmap_close When a process forks, the child process copies the parent's VMAs but the user_mapped reference count is not incremented. As a result, when both the parent and child processes exit,...

CVSS 5.5 | AI score 5.7 | EPSS 0.00114
Exploits: 0 | References: 5

Snyk
added 2026/03/25 4:45 p.m. | 4 views

Malicious Package

Overview: json-lucide is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

CVSS 9.8 | AI score 5.9
Exploits: 0 | References: 2

Cvelist
added 2026/03/25 4:15 p.m. | 24 views

CVE-2026-32535 WordPress JS Help Desk plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Help Desk: from n/a through <= 3.0.3...

CVSS 6.5 | EPSS 0.00155
Exploits: 0 | References: 1

Cvelist
added 2026/03/25 4:15 p.m. | 26 views

CVE-2026-32533 WordPress LatePoint plugin <= 5.2.6 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LatePoint: from n/a through <= 5.2.6...

CVSS 6.5 | EPSS 0.0017
Exploits: 0 | References: 1

Cvelist
added 2026/03/25 4:14 p.m. | 26 views

CVE-2025-69347 WordPress WPSubscription plugin <= 1.8.10 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPSubscription: from n/a through <= 1.8.10...

CVSS 8.6 | EPSS 0.00364
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/25 3:47 p.m. | 4 views

CVE-2026-23314

A flaw was found in the Linux kernel, specifically within the regulator: bq257xx subsystem. This vulnerability, a device node reference leak, occurs when the bq257xx_reg_dt_parse_gpio function fails to properly manage system resources. An attacker could potentially exploit this to cause a denial of...

AI score 5.8 | EPSS 0.00121
Exploits: 0 | References: 4