Lucene search

135 matches found

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2009-2791

Malware in sbrugna...

6.4 CVSS · 4.6 AI score · 0.01821 EPSS
Exploits: 0 · References: 2

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2007-3720

Malware in sbrugna...

4.3 CVSS · 9.3 AI score · 0.01349 EPSS
Exploits: 1 · References: 52

Rockylinux
added 2025/10/04 12:11 a.m. · 10 views

tomcat security update

An update is available for tomcat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

9.8 CVSS · 7 AI score · 0.66933 EPSS
Exploits: 18

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-2748

Malicious code in bioql PyPI...

8.7 CVSS · 7.9 AI score · 0.00504 EPSS
Exploits: 1 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 8 views

EUVD-2025-24063

Malicious code in bioql PyPI...

4.7 CVSS · 3.9 AI score · 0.00148 EPSS
Exploits: 0 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 8 views

EUVD-2025-21153

Malicious code in bioql PyPI...

8.2 CVSS · 6.6 AI score · 0.0044 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2025/10/01 12:0 a.m. · 3 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : OpenSSL vulnerabilities (USN-7786-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7786-1 advisory. Stanislav Fort discovered that OpenSSL incorrectly handled memory when trying to...

7.5 CVSS · 7 AI score · 0.02234 EPSS
Exploits: 0 · References: 4

OSV
added 2025/09/22 12:0 a.m. · 6 views

ALSA-2025:16372 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock: Fix transport TOCTOU (CVE-2025-38461); kernel: do_change_type: refuse to operate on unmounted/not ours mounts (CVE-2025-38498); kernel: HID: core: Harden s32ton against conversion to 0 bit...

7.1 CVSS · 6.5 AI score · 0.00162 EPSS
Exploits: 0 · References: 8

Tenable Nessus
added 2025/09/05 12:0 a.m. · 14 views

Oracle Linux 10 : kernel (ELSA-2025-15005)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15005 advisory. - tipc: Fix use-after-free in tipc_conn_close. (CVE-2025-38464) - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue too (CVE-2025-37823) - RDMA/iwcm:...

7.8 CVSS · 7.1 AI score · 0.00176 EPSS
Exploits: 0 · References: 8

Tenable Nessus
added 2025/08/08 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-50177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration. The RCU priority boosting can fail i...

5.5 CVSS · 6.1 AI score · 0.00197 EPSS
Exploits: 0 · References: 3

OSV
added 2025/05/29 5:15 p.m. · 6 views

PYSEC-2025-53

vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.9.0, when a new prompt is processed, if the PageAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT (Time to First Token). These timing differences...

2.6 CVSS · 7 AI score · 0.00249 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2025/05/28 12:0 a.m. · 5 views

PT-2025-23116 · Mautic · Mautic

Name of the Vulnerable Software and Affected Versions: Mautic (affected versions not specified). Description: A security issue exists in the "Forget your password" functionality of Mautic, allowing unauthenticated users to enumerate valid usernames through a timing-based attack. This is due to...

5.3 CVSS · 6.5 AI score · 0.00267 EPSS
Exploits: 0 · References: 6

RedhatCVE
added 2025/05/23 6:42 a.m. · 9 views

CVE-2024-41828

In JetBrains TeamCity before 2024.07, comparison of authorization tokens took non-constant time...

6.5 CVSS · 7 AI score · 0.00283 EPSS
Exploits: 0

RedhatCVE
added 2025/05/23 3:3 a.m. · 5 views

CVE-2023-20084

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...

5 CVSS · 6.5 AI score · 0.00172 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/21 8:7 p.m. · 6 views

CVE-2009-2801

The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified firewall rules after a reboot, which might allow remote attackers to bypass intended access restrictions via packet data, related to a "timing issue."...

6.4 CVSS · 6.6 AI score · 0.01821 EPSS
Exploits: 0 · References: 1

Amazon
added 2025/04/30 12:0 a.m. · 3 views

Medium: nss-softokn

Issue Overview: new tlsfuzzer code can still detect timing issues in RSA operations (CVE-2023-4421). Affected Packages: nss-softokn. Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

6.5 CVSS · 9.1 AI score · 0.00628 EPSS
Exploits: 0

Cvelist
added 2025/03/21 12:0 a.m. · 25 views

CVE-2025-30344

An issue was discovered in OpenSlides before 4.2.5. During login at the /system/auth/login/ endpoint, the system's response times differ depending on whether a user exists in the system. The timing discrepancy stems from the omitted hashing of the password e.g., more than 100 milliseconds...

5.3 CVSS · 0.00297 EPSS
Exploits: 1 · References: 1

OSV
added 2025/02/27 2:15 a.m. · 3 views

AZL-62559 CVE-2024-57974 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash. If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

4.7 CVSS · 6.6 AI score · 0.00137 EPSS
Exploits: 0 · References: 1

NVD
added 2025/02/26 7:1 a.m. · 9 views

CVE-2022-49506

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add vblank register/unregister callback functions. We encountered a kernel panic issue that callback data will be NULL when it's using in ovl irq handler. There is a timing issue between mtk_disp_ovl_irq_handler and...

5.5 CVSS · 0.00245 EPSS
Exploits: 0 · References: 4

CVE
added 2025/02/26 2:13 a.m. · 84 views

CVE-2022-49506

The CVE-2022-49506 issue affects the Linux kernel DRM/Mediatek path, where a race between the vblank callback registration and disabling vblank could yield NULL callback data in the ovl IRQ path, risking kernel panic. The documented fix adds a vblank callback registration flow: register callback ...

5.5 CVSS · 5.2 AI score · 0.00245 EPSS
Exploits: 0 · References: 4 · Affected Software: 1