Lucene search
K

97 matches found

NVD
NVD
added 2026/04/03 4:16 p.m.5 views

CVE-2026-31402

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

9.8CVSS0.0049EPSS
Exploits0References35
OSV
OSV
added 2026/04/03 4:16 p.m.6 views

UBUNTU-CVE-2026-31402

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

9.8CVSS5.9AI score0.0049EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.2 views

CVE-2026-31402

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

9.8CVSS5.8AI score0.0049EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/03 3:16 p.m.25 views

CVE-2026-31402 nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

9.8CVSS0.0049EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:16 p.m.6 views

CVE-2026-31402

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

9.8CVSS5.8AI score0.0049EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/04/03 3:16 p.m.92 views

CVE-2026-31402

CVE-2026-31402 affects the Linux kernel NFSv4.0 server (nfsd) via the LOCK replay cache. A large lock owner in a denied LOCK can cause a slab-out-of-bounds write into the 112-byte replay buffer, corrupting adjacent heap memory. The issue can be triggered remotely by two cooperating NFSv4.0 client...

9.8CVSS5.8AI score0.0049EPSS
Exploits0References35Affected Software1
OSV
OSV
added 2026/04/02 8:59 p.m.7 views

GHSA-HHQ4-97C2-P447 OpenClaw: Zalo webhook replay cache cross-target messageId scope bypass

Summary Zalo webhook replay cache cross-target messageId scope bypass Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: v2026.3.28 replay dedupe is still keyed too broadly, but the issue should stay scoped to authenticated sibling-target delivery paths rather tha...

4.2CVSS5.9AI score0.00266EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/02 8:59 p.m.9 views

OpenClaw: Zalo webhook replay cache cross-target messageId scope bypass

Summary Zalo webhook replay cache cross-target messageId scope bypass Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: v2026.3.28 replay dedupe is still keyed too broadly, but the issue should stay scoped to authenticated sibling-target delivery paths rather tha...

5.4CVSS6AI score0.00266EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.8 views

PT-2026-30185

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s Network File System daemon nfsd contained a heap overflow in the NFSv4.0 LOCK replay cache. The NFSv4.0 replay cache uses a fixed 112-byte inline buffer to store encod...

9.8CVSS6.4AI score0.0049EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/30 2:13 p.m.5 views

CVE-2025-64131

Jenkins SAML Plugin 4.583.vc68232f7018a and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user...

7.5CVSS6.5AI score0.00387EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/29 3:31 p.m.6 views

EUVD-2025-36652

Jenkins SAML Plugin does not implement a replay cache...

7.5CVSS6.4AI score0.00387EPSS
Exploits0References3
OSV
OSV
added 2025/10/29 2:15 p.m.6 views

CVE-2025-64131

Jenkins SAML Plugin 4.583.vc68232f7018a and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user...

7.5CVSS6.6AI score0.00387EPSS
Exploits0References2
CVE
CVE
added 2025/10/29 1:29 p.m.21 views

CVE-2025-64131

CVE-2025-64131 concerns the Jenkins SAML Plugin (versions up to 4.583.vc68232f7018a_ and earlier) not implementing a replay cache for SAML authentication flow. The absence of a replay cache allows an attacker who can observe the SAML exchange to replay requests and authenticate as the target user...

7.5CVSS6.3AI score0.00387EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.8 views

CVE-2025-64131

Jenkins SAML Plugin 4.583.vc68232f7018a and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user...

0.00387EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.7 views

Jenkins SAML Plugin 安全漏洞

Jenkins SAML Plugin is an open source single sign-on plugin for Jenkins. A security vulnerability exists in Jenkins SAML Plugin 4.583.vc68232f7018a and prior versions, which stems from an unimplemented replay cache, which could allow an attacker to authenticate by replaying SAML authentication...

7.5CVSS6.6AI score0.00387EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.7 views

PT-2025-44280

Name of the Vulnerable Software and Affected Versions Jenkins SAML Plugin versions 4.583.vc68232f7018a and earlier Description The Jenkins SAML Plugin does not implement a replay cache. This allows attackers who can gather information about the SAML authentication process between a user’s web...

7.5CVSS6.5AI score0.00387EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-17762

Malware in sbrugna...

7.5CVSS7.8AI score0.01426EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27518

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.00368EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/12 7:11 a.m.4 views

CVE-2025-9943

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

9.1CVSS8.2AI score0.00368EPSS
Exploits0References1
NVD
NVD
added 2025/09/10 7:15 a.m.7 views

CVE-2025-9943

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

9.1CVSS0.00368EPSS
Exploits0References5
Rows per page
Query Builder