Lucene search
+L

139 matches found

Cvelist
Cvelist
added 2025/12/09 4:9 a.m.31 views

CVE-2025-40342 nvme-fc: use lock accessing port_state and rport state

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because...

0.00205EPSS
Exploits0References7
OSV
OSV
added 2025/12/09 4:9 a.m.6 views

CVE-2025-40342 nvme-fc: use lock accessing port_state and rport state

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because...

6.4AI score0.00205EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-40342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no...

6.2AI score0.00205EPSS
Exploits0References2
OSV
OSV
added 2025/12/05 7:15 p.m.4 views

UBUNTU-CVE-2025-66570

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...

10CVSS5.7AI score0.00307EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/05 6:18 p.m.7 views

EUVD-2025-201455

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...

10CVSS6.5AI score0.00307EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989414)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989414 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdele...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989807)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989807 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not...

5.5CVSS5.9AI score0.00249EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/30 12:31 a.m.5 views

EUVD-2025-36727

On affected platforms, restricted users could use SSH port forwarding to access host-internal services...

7.5CVSS6.3AI score0.00221EPSS
Exploits0References2
Veracode
Veracode
added 2025/10/29 8:10 a.m.9 views

Sensitive Information Exposure

com.liferay.portal, com.liferay.portal.kernel is vulnerable to Sensitive Information Exposure. The vulnerability is due to remote staging not properly obtaining the live site's remote address from the database, which allows remote authenticated users—who can obtain the staging server’s shared...

5.3CVSS6.8AI score0.0029EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986538)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986538 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not...

5.5CVSS5.9AI score0.00249EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2022-55309

Malicious code in bioql PyPI...

7.1AI score0.00208EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29221

Malicious code in bioql PyPI...

2.3CVSS6.4AI score0.0029EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/17 4:52 p.m.12 views

CVE-2025-43792

Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly obtain the remote address of the live site from th...

2.3CVSS6.7AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2025/09/16 5:15 p.m.5 views

CVE-2023-53322

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport System crash due to use after free. Current code allows terminaterportio to exit before making sure all IOs has returned. For FCP-2 device, IO's can hang on in HW because drive...

7.8CVSS0.0014EPSS
Exploits0References8
Snyk
Snyk
added 2025/09/15 6:31 p.m.5 views

External Control of System or Configuration Setting

Overview Affected versions of this package are vulnerable to External Control of System or Configuration Setting in the staging of live sites. An attacker can exfiltrate sensitive data to an external server by supplying malicious values for the remoteAddress and remotePort parameters. Note: This ...

5.3CVSS6.6AI score0.0029EPSS
Exploits0References2
OSV
OSV
added 2025/09/15 6:31 p.m.7 views

GHSA-VP64-77C6-33H8 Liferay Portal has External Control of System or Configuration Settings

Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly obtain the remote address of the live site from th...

2.3CVSS6.7AI score0.0029EPSS
Exploits0References3
OSV
OSV
added 2025/09/15 5:15 p.m.6 views

CVE-2025-43792

Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly obtain the remote address of the live site from th...

5.3CVSS6.6AI score0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/15 4:19 p.m.3 views

CVE-2025-43792

Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly obtain the remote address of the live site from th...

2.3CVSS6.3AI score0.0029EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/15 4:19 p.m.12 views

CVE-2025-43792

Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not properly obtain the remote address of the live site from th...

2.3CVSS0.0029EPSS
Exploits0References1
CVE
CVE
added 2025/09/15 4:19 p.m.25 views

CVE-2025-43792

CVE-2025-43792 affects Liferay Portal 7.4.0–7.4.3.105 and older unsupported versions, and Liferay DXP 2023.Q4.0/2023.Q3.x, where the live-site remote address is not reliably obtained from the database. This allows remote authenticated users to exfiltrate data to an attacker-controlled server via ...

5.3CVSS6.3AI score0.0029EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder