Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2026/03/25 12:25 a.m.7 views

SUSE CVE-2026-29111

systemd, a system and service manager, as PID 1 hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this i...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References17
ATTACKERKB
ATTACKERKB
added 2026/03/11 6:23 p.m.5 views

CVE-2019-25463

SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of service vulnerability in the registration key input field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 256-character payload into the Key field during...

6.9CVSS6.1AI score0.00132EPSS
Exploits0References2Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/03 3:59 p.m.6 views

Malicious code in elf-stats-sprucey-snowman-250 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 985dc0068af9fe29b65ed1a6bcd3ac544044ef5843f05a1149a1b5c87661c351 The package elf-stats-sprucey-snowman-250 was found to contain malicious code...

7AI score
Exploits0
CVE
CVE
added 2025/03/18 6:59 p.m.66 views

CVE-2025-25040

CVE-2025-25040 affects HPE Aruba CX 9300 CX-9300 switches running AOS-CX. The issue is in port ACL enforcement on routed ports for egress traffic, allowing bypass of ACLs and potential unauthorized traffic flow. Affected: AOS-CX 10.14.xxxx (all patches) and 10.15.xxxx (10.15.1000 and below). Not ...

3.3CVSS4AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2023/10/11 10:15 p.m.9 views

AZL-79060 CVE-2023-39325 affecting package golang 1.25.7-1

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS6.6AI score0.03796EPSS
Exploits0References1
OSV
OSV
added 2023/10/11 10:15 p.m.13 views

AZL-35121 CVE-2023-39325 affecting package prometheus-adapter for versions less than 0.12.0-1

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS6.6AI score0.03796EPSS
Exploits0References1
Circl
Circl
added 2022/07/29 8:13 p.m.7 views

CVE-2022-2577

creationtimestamp| type| source ---|---|--- 2022-07-29 20:13:43+00:00| seen| https://t.me/cibsecurity/47268...

8.8CVSS8.1AI score0.0059EPSS
Exploits1References1
Circl
Circl
added 2022/04/25 8:36 p.m.7 views

CVE-2022-25866

creationtimestamp| type| source ---|---|--- 2022-04-25 20:36:39+00:00| seen| https://t.me/cibsecurity/41409...

9.8CVSS8.7AI score0.03772EPSS
Exploits1References1
OSV
OSV
added 2020/09/21 6:21 p.m.5 views

OPENSUSE-SU-2020:1497-1 Security update for singularity

This update for singularity fixes the following issues: New version 3.6.3, addresses the following security issues: - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...

8.8CVSS8.7AI score0.0204EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2020/06/10 12:0 a.m.4 views

The vulnerability of the software for configuring Schneider Electric Easergy Builder controllers and the micro-software for the modular controller used in automating transformer substations (Schneider Electric Easergy T300, HU250) lies in its weak password requirements. This allows a hacker to compromise the user’s credentials.

The vulnerability of the software for configuring Schneider Electric Easergy Builder controllers and the micro-software for the modular controller used in automating transformer substations—Schneider Electric Easergy T300 HU250—is related to weak password requirements. Exploiting this vulnerabili...

7.5CVSS7.2AI score0.01252EPSS
Exploits0References2Affected Software2
CNVD
CNVD
added 2017/09/07 12:0 a.m.4 views

Pivotal Software Cloud Foundry cf-release and CAPI-release denial of service vulnerabilities

Pivotal Software Cloud Foundry CF is a suite of open source Platform-as-a-Service PaaS cloud computing platforms from Pivotal Software in the United States, which provides container scheduling, continuous delivery, and automated service deployment, among other capabilities. cf-release and...

6.5CVSS6.5AI score0.00974EPSS
Exploits0References1
Rows per page
Query Builder