Lucene search
K

139 matches found

CNNVD
CNNVD
added 2025/09/15 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unvalidated rport pointer that could lead to a null pointer dereference...

5.5CVSS5.9AI score0.00146EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.3 views

SUSE SLED15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2025:02914-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02914-1 advisory. - Update to Docker 28.3.3-ce. - CVE-2025-54388: Fixed a bug where firewalld when reloaded can make...

5.1CVSS6.1AI score0.00215EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

SUSE SLES12 Security Update : docker (SUSE-SU-2025:02913-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02913-1 advisory. - Update to Docker 28.3.3-ce. - CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote...

5.1CVSS6.1AI score0.00215EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/08/19 12:56 p.m.5 views

Security update for docker

This update for docker fixes the following issues: Update to Docker 28.3.3-ce. CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. bsc1247367 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

5.2CVSS6.8AI score0.00215EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in mesonvpuhasavailableconnectors In this function, there are t...

5.5CVSS6.1AI score0.00208EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/06/19 3:43 a.m.6 views

SUSE CVE-2022-50038

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in mesonvpuhasavailableconnectors In this function, there are two refcount leak bugs: 1 when breaking out of foreachendpointofnode, we need call the ofnodeput for the 'ep'; 2 we should call ofnodeput...

5.5CVSS6.3AI score0.00208EPSS
Exploits0References11
OSV
OSV
added 2025/06/18 11:15 a.m.1 views

DEBIAN-CVE-2022-50109

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and ofgraphgetremoteportparent which have increased the refcount. Besides, we...

5.5CVSS5.4AI score0.00208EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 11:15 a.m.1 views

DEBIAN-CVE-2022-50038

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in mesonvpuhasavailableconnectors In this function, there are two refcount leak bugs: 1 when breaking out of foreachendpointofnode, we need call the ofnodeput for the 'ep'; 2 we should call ofnodeput...

5.5CVSS5.3AI score0.00208EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 11:15 a.m.4 views

UBUNTU-CVE-2022-50038

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in mesonvpuhasavailableconnectors In this function, there are two refcount leak bugs: 1 when breaking out of foreachendpointofnode, we need call the ofnodeput for the 'ep'; 2 we should call ofnodeput...

5.5CVSS6AI score0.00208EPSS
Exploits0References9
Packet Storm
Packet Storm
added 2025/04/14 12:0 a.m.402 views

📄 CrushFTP 9.x / 10.8.4 / 11.3.1 Server-Side Request Forgery / Directory Traversal

CrushFTP versions 9.x, 10.x through 10.8.4, and 11.x through 11.3.1 suffer from server-side request forgery and directory traversal vulnerabilities. !-- Exploit Title: Server-Side Request Forgery SSRF in CrushFTP 10.7.1 and 11.1.0 as well as legacy 9.x Date: 2024-10-20 Exploit Author: Rafael...

5CVSS7AI score0.12119EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/04/12 12:31 p.m.578 views

Exploit for Improper Authentication in Automattic Woocommerce_Payments

CVE-2023-28121 usage: CVE-2023-28121.py -h -v RHOST R...

9.8CVSS9.8AI score0.86919EPSS
Exploits9
SUSE CVE
SUSE CVE
added 2025/02/27 3:11 a.m.3 views

SUSE CVE-2022-49156

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...

5.5CVSS7.4AI score0.00252EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2025/02/27 3:8 a.m.4 views

SUSE CVE-2022-49332

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Address NULL pointer dereference after stargettorport Calls to stargettorport may return NULL. Add check for NULL rport before dereference...

5.5CVSS7.8AI score0.00215EPSS
Exploits0References10
OSV
OSV
added 2025/02/26 7:0 a.m.1 views

DEBIAN-CVE-2022-49156

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...

5.5CVSS5.3AI score0.00252EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.9 views

UBUNTU-CVE-2022-49156

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-49305

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.27.0 Description The cpp-httplib library has a flaw where attacker-controlled HTTP headers can influence server metadata, logging, and authorization decisions. An attacker can inject headers such as REMOTE ADDR,...

10CVSS7.8AI score0.00307EPSS
Exploits2References31
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.5 views

kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not check the return value of fcrportcreate which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...

5.5CVSS6.8AI score0.00249EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2024/09/05 5:3 a.m.16 views

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm

The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of...

7.5AI score
Exploits0
NVD
NVD
added 2024/08/26 11:15 p.m.18 views

CVE-2024-43798

Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. The Chisel server doesn't ever read the documented AUTH environment variable used to set credentials, which allows any unauthenticated user to connect, even if credentials were set. Anyone running the Chisel server that is...

8.6CVSS0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/26 10:32 p.m.17 views

CVE-2024-43798 Chisel AUTH environment variable not respected in server entrypoint

Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. The Chisel server doesn't ever read the documented AUTH environment variable used to set credentials, which allows any unauthenticated user to connect, even if credentials were set. Anyone running the Chisel server that is...

8.6CVSS0.0045EPSS
Exploits0References1
Rows per page
Query Builder