Lucene search
+L

95 matches found

AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pdscore: removed the “write-after-free” issue related to clientid. A use-after-free error was encountered during stress testing: Mon Apr 21 21:21:33 2025 BUG: KFENCE: use-after-free write at pdscauxbusdevdel+0xef/0x160 pdscore. M...

7.8CVSS6.3AI score0.00172EPSS
Exploits0References3
OSV
OSV
added 2025/05/20 4:15 p.m.2 views

DEBIAN-CVE-2025-37916

In the Linux kernel, the following vulnerability has been resolved: pdscore: remove write-after-free of clientid A use-after-free error popped up in stress testing: Mon Apr 21 21:21:33 2025 BUG: KFENCE: use-after-free write in pdscauxbusdevdel+0xef/0x160 pdscore Mon Apr 21 21:21:33 2025...

7.8CVSS6.2AI score0.00172EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/28 12:0 a.m.3 views

PT-2025-22178

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free error was discovered in the Linux kernel, specifically in the pds core module. This issue arose during stress testing and is related to the pdsc auxbus dev del function...

7.8CVSS7.1AI score0.00172EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/17 12:0 a.m.8 views

GraphAttack: Exploiting Representational Blindspots in LLM Safety Mechanisms

Large Language Models LLMs have been equipped with safety mechanisms to prevent harmful outputs, but these guardrails can often be bypassed through "jailbreak" prompts. This paper introduces a novel graph-based approach to systematically generate jailbreak prompts through semantic transformations...

7.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.9 views

The vulnerability of the SIEM systems’ load testing tools, Kraken Stress Testing Toolkit, arises due to deficiencies in the authentication process, allowing unauthorized users to gain access to protected information.

The vulnerability of the SIEM systems’ stress testing tools, such as Kraken Stress Testing Toolkit, stems from deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.5CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.8 views

The vulnerability of the SIEM systems’ load testing tool, Kraken Stress Testing Toolkit, arises from the improper use of X-Content-Type-Options headers. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, is related to the improper use of X-Content-Type-Options headers for protection mechanisms. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and...

7.2CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.7 views

The vulnerability of the SIEM system testing tool Kraken Stress Testing Toolkit lies in the reading beyond the buffer in memory, allowing a malicious actor to trigger a service failure.

The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS5.7AI score
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.6 views

PT-2025-15257 · General · Kraken Stress Testing Toolkit

Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с некорректным ограничением визуализированных слоев пользовательского интерфейса. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, нарушить целостность защищаемой информаци...

5CVSS7.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.8 views

PT-2025-15263 · General · Kraken Stress Testing Toolkit

Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании...

7.8CVSS7.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.6 views

PT-2025-15262 · General · Kraken Stress Testing Toolkit

Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании...

7.8CVSS7.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.6 views

PT-2025-15258 · General · Kraken Stress Testing Toolkit

Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с некорректным использованием механизмов защиты Content Security Policy CSP. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на конфиденциальность, целостность и доступность...

7.2CVSS7.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.5 views

PT-2025-15261 · General · Kraken Stress Testing Toolkit

Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit связана с неверным ограничением имени пути к каталогу. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации...

6.8CVSS7.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.6 views

PT-2025-15259 · General · Kraken Stress Testing Toolkit

Уязвимость инструмента нагрузочного тестирования SIEM-систем Kraken Stress Testing Toolkit вызвана недостатками процедуры авторизации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации...

4.6CVSS7.3AI score
Exploits0References2
OSV
OSV
added 2025/03/27 5:15 p.m.2 views

DEBIAN-CVE-2023-52932

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add condresched in getswappages The softlockup still occurs in getswappages under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Us...

5.5CVSS5.3AI score0.00192EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/27 4:37 p.m.1 views

CVE-2023-52932 mm/swapfile: add cond_resched() in get_swap_pages()

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add condresched in getswappages The softlockup still occurs in getswappages under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Us...

7.2AI score0.00192EPSS
Exploits0References7
OSV
OSV
added 2025/03/12 4:15 p.m.6 views

CVE-2025-25568

SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this because the use-after-free is not in the VPN software, but is instead in a separate tool that has no untrusted input and runs under the user's o...

9.8CVSS5.8AI score0.00543EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-42071

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need...

5.5CVSS5.5AI score0.0021EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/27 3:12 a.m.6 views

SUSE CVE-2022-49090

In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on storecputopology to call updatesiblingsmasks to transfer the toplogy to the various cpu masks. This needs to be done before the call to...

5.5CVSS6.3AI score0.00231EPSS
Exploits0References7
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49536

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

5.5CVSS5.2AI score0.00188EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 7:1 a.m.12 views

CVE-2022-49536

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

5.5CVSS0.00188EPSS
Exploits0References4
Rows per page
Query Builder