Lucene search
+L

71 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-46807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate...

8.7CVSS7AI score0.00393EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.9 views

PT-2025-31917 · Openssl · Openssl

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key. Recommendations: At the moment, there is no information about a newer version that contains a...

5.5CVSS6.1AI score0.00117EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-4132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is...

5.5CVSS6.2AI score0.00255EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2025/08/03 8:55 p.m.7 views

Advisory ROSA-SA-2025-2914

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-7 affected versions tomcat-9.0.37-7 CVE-ID: CVE-2024-38286 BDU-ID: 2024-07738 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache Tomcat application server TLS protocol implementation is associated with uncontrolled...

8.6CVSS9.1AI score0.01702EPSS
Exploits0
Cvelist
Cvelist
added 2025/06/10 7:11 p.m.19 views

CVE-2025-47111 Acrobat Reader | NULL Pointer Dereference (CWE-476)

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service...

5.5CVSS0.00289EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.14 views

CVE-2024-22852

D-Link Go-RT-AC750 GORTAC750A1FWv101b03 contains a stack-based buffer overflow via the function genacgimain. This vulnerability allows attackers to enable telnet service via a specially crafted payload...

9.8CVSS7.3AI score0.01079EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:5 a.m.6 views

CVE-2024-57684

An access control issue in the component formDMZ.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request...

9.8CVSS6.8AI score0.1436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.9 views

CVE-2021-20694

Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to bypass access restriction and to start a telnet service via unspecified vectors...

8.8CVSS6.8AI score0.01705EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:12 p.m.10 views

CVE-2020-8476

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

7.5CVSS6.6AI score0.0151EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.11 views

CVE-2019-19291

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0, SiNVR/SiVMS Video Server All versions V5.0.0. The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server CCS maintain log files that store login credentials in cleartext. In configurations...

6.5CVSS6.6AI score0.00749EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:58 a.m.7 views

CVE-2018-7715

PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the...

10CVSS7.7AI score0.02376EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.2 views

PCMan FTP Server TRACE Command Handler Buffer Overflow Vulnerability

PCMan FTP Server is PCMan open source set of FTP server software. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from the TRACE command handler failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a denial of...

9.8CVSS7.6AI score0.0062EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/13 5:9 p.m.6 views

CVE-2025-30320 InDesign Desktop | NULL Pointer Dereference (CWE-476)

InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requir...

5.5CVSS5.2AI score0.00207EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/30 12:0 a.m.5 views

ZTE GoldenDB Input Validation Vulnerability

ZTE GoldenDB is a financial-grade transactional distributed database from China's ZTE Corporation ZTE. It is used in finance, government and enterprise, telecom and other industries to provide highly available data services. An input validation vulnerability exists in ZTE GoldenDB, which can be...

5.3CVSS6.2AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2025/04/15 8:30 p.m.10 views

CVE-2025-30683

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

4.9CVSS6.4AI score0.00816EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/04/15 8:30 p.m.28 views

CVE-2025-21583

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.4.0 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...

4.9CVSS5.4AI score0.0081EPSS
Exploits0
NVD
NVD
added 2025/04/10 2:15 p.m.15 views

CVE-2025-32743

In ConnMan through 1.44, the lookup string in nsresolv in dnsproxy.c can be NULL or an empty string when the TC Truncated bit is set in a DNS response. This allows attackers to cause a denial of service application crash or possibly execute arbitrary code, because those lookup values lead to...

9CVSS0.00482EPSS
Exploits0References2
Redos
Redos
added 2025/04/03 12:0 a.m.7 views

ROS-20250403-06

A vulnerability in the InnoDB component of the Oracle MySQL Server database management system is related to a flaw in the authorization procedure as a result of incorrect input data validation. authorization procedure as a result of incorrect input data verification. Exploitation of the...

4.9CVSS6.5AI score0.01236EPSS
Exploits0
CNVD
CNVD
added 2025/03/27 12:0 a.m.6 views

Unspecified vulnerability in Lunary (CNVD-2025-06939)

Lunary is Lunary open source a production toolkit for LLM . A security vulnerability exists in Lunary version be54057 that stems from allowing users to upload and execute arbitrary regular expressions, which can be exploited by an attacker to potentially cause a denial of service...

7.5CVSS7.4AI score0.00761EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:9 a.m.59 views

CVE-2024-10572

CVE-2024-10572 affects h2oai/h2o-3 (v3.46.0.1). The vulnerability arises because the run_tool feature exposes classes in the water.tools package via the AST parser, enabling the XGBoostLibExtractTool . This can be exploited to shut down the server and write large files to arbitrary directories, r...

7.5CVSS7.7AI score0.00636EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder