Lucene search
K

7104 matches found

Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.14 views

Security Incentivization: An Empirical Study of How Micropayments Impact Code Security

Security often receives insufficient developer attention because it does not directly generate visible value, leading to underinvestment in practice. We evaluate a countermeasure by team-level incentives tied to measurable security improvements over time. Our semi-automated mechanism aggregates...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

HCL BigFix SCM Reporting 安全漏洞

HCL BigFix SCM Reporting is a security configuration management reporting component developed by the Indian company HCL. HCL BigFix SCM Reporting has a security vulnerability that stems from the use of outdated and unsupported jQuery 1.x libraries. This vulnerability may increase the risk of...

8.3CVSS5.5AI score0.00212EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2026/05/12 2:0 p.m.48 views

May 12, 2026—KB5087544 (OS Builds 19045.7291 and 19044.7291)

May 12, 2026—KB5087544 OS Builds 19045.7291 and 19044.7291 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business device...

8.8CVSS5.8AI score0.02419EPSS
Exploits0
OSV
OSV
added 2026/05/08 3:16 p.m.11 views

UBUNTU-CVE-2026-43385

In the Linux kernel, the following vulnerability has been resolved: net: Fix rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enable threaded busypoll, bpftrace hangs when starting up. dmesg showed: rcutaskswaitgp: rcutasks grace period number 85 since...

7.5CVSS5.7AI score0.00344EPSS
Exploits0References5
CVE
CVE
added 2026/05/08 2:22 p.m.21 views

CVE-2026-43431

In the Linux kernel xHCI host controller driver, CVE-2026-43431 stems from a NULL pointer dereference when reading portli debugfs files. The bug occurs if xhci->max_ports counts more port registers than the number reported by Supported Protocol capabilities, which can happen when max_ports exc...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References2Affected Software1
Redos
Redos
added 2026/05/07 12:0 a.m.6 views

ROS-20260507-73-0009

Vulnerability in tomcat related to flaws in the error reporting mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

7.5CVSS6AI score0.03494EPSS
Exploits1
Redos
Redos
added 2026/05/07 12:0 a.m.9 views

ROS-20260507-73-0010

Vulnerability in tomcat10 related to a flaw in the error reporting mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

7.5CVSS6AI score0.03494EPSS
Exploits1
Redos
Redos
added 2026/05/07 12:0 a.m.8 views

ROS-20260507-73-0011

Vulnerability in tomcat11 related to a flaw in the error reporting mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

7.5CVSS6AI score0.03494EPSS
Exploits1
EUVD
EUVD
added 2026/05/06 9:31 p.m.5 views

EUVD-2025-209704

HCL BigFix Service Management SM is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumercompany parameter during a report-viewing request causes the application to trigger an...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/06 7:56 p.m.10 views

CVE-2026-43171

A flaw was found in the Linux kernel's EFI/CPER component. This vulnerability occurs because the cperprintfwerr function does not adequately validate the length of error records against a provided offset. A malicious or malformed firmware could exploit this by providing an offset that causes an...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/06 6:2 p.m.6 views

CVE-2025-31960 HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module

HCL BigFix Service Management SM is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumercompany parameter during a report-viewing request causes the application to trigger an...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 6:2 p.m.16 views

CVE-2025-31960

CVE-2025-31960 affects HCL BigFix Service Management (SM). In the reporting module, improper error handling when a consumer_company parameter is supplied in a report-viewing request can trigger an unhandled exception, leading to information exposure. CVSS:3.1 base score 5.3 (MEDIUM), network acce...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:2 p.m.36 views

CVE-2025-31960 HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module

HCL BigFix Service Management SM is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumercompany parameter during a report-viewing request causes the application to trigger an...

5.3CVSS0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27677

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

5.9AI score0.00123EPSS
Exploits0References8
NVD
NVD
added 2026/05/06 12:16 p.m.29 views

CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

5.5CVSS0.00119EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:29 a.m.5 views

CVE-2026-43279

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

5.9AI score0.00123EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/06 11:29 a.m.20 views

CVE-2026-43279

The CVE-2026-43279 entry concerns the Linux kernel ALSA USB-audio subsystem. A discrepancy between playback and capture stream setups (e.g., USB core max packet size) can cause out-of-bounds writes to the buffer, potentially crashing the system. A fix was implemented by adding a sanity check of t...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.46 views

CVE-2026-43266 EFI/CPER: don't go past the ARM processor CPER record buffer

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

0.00119EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-38085

Name of the Vulnerable Software and Affected Versions HCL BigFix Service Management SM affected versions not specified Description Improper error handling within the reporting module leads to information exposure. Supplying an invalid or out-of-range value to the consumer company parameter during...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.8 views

HCL BigFix Service Management 安全漏洞

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management SM has a security vulnerability. This vulnerability stems from improper error handling in the reporting module. When invalid or out-of-range...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
Rows per page
Query Builder