
70 matches found

CNNVD
added 2026/02/10 12:0 a.m. · 5 views

Ivanti Endpoint Manager Security Vulnerability

Ivanti Endpoint Manager (EPM) is an endpoint security management suite developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU5 contain security vulnerabilities caused by authentication bypass, which could allow...

8.6 CVSS · 7.5 AI score · 0.81089 EPSS
Exploits 0 · References 2
Fedora
added 2025/11/06 2:24 a.m. · 6 views

[SECURITY] Fedora 42 Update: qt5-qtlocation-5.15.18-1.fc42

The Qt Location and Qt Positioning APIs give developers the ability to determine a position by using a variety of possible sources, including satellite, or wifi, or text file, and so on...

6.9 AI score
Exploits 0
OSV
added 2025/11/05 4:9 p.m. · 10 views

SUSE-SU-2025:20983-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5

This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg (bsc#1248631) - CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207) - CVE-2025-38617: net/packet: fix a race in packet_set_rin...

7.8 CVSS · 6.3 AI score · 0.00288 EPSS
Exploits 0 · References 7
Positive Technologies
added 2025/10/30 12:0 a.m. · 6 views

PT-2025-44547

Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.7.2 Description: Nagios XI versions prior to 5.7.2 are susceptible to cross-site scripting (XSS) through the background color settings within Dashboards. This is due to inadequate validation or escaping of...

5.4 CVSS · 6 AI score · 0.00407 EPSS
Exploits 0 · References 4
OSV
added 2025/10/13 10:15 p.m. · 3 views

CVE-2025-62391

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5 CVSS · 6 AI score · 0.00751 EPSS
Exploits 0 · References 1
OSV
added 2025/10/13 10:15 p.m. · 3 views

CVE-2025-62392

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5 CVSS · 6 AI score · 0.00752 EPSS
Exploits 0 · References 1
NVD
added 2025/09/15 8:15 p.m. · 4 views

CVE-2025-59143

color is a Javascript color conversion and manipulation library. On 8 September 2025, the npm publishing account for color was taken over after a phishing attack. Version 5.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to...

8.8 CVSS · 0.00378 EPSS
Exploits 0 · References 5
SUSE Linux
added 2025/09/11 3:44 p.m. · 5 views

Security update for kernel-livepatch-MICRO-6-0-RT_Update_5

This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505) CVE-2025-21999: proc: fix UAF in proc_get_inode (bsc#1242579) CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree...

8.5 CVSS · 7.3 AI score · 0.00369 EPSS
Exploits 3 · References 34
SUSE Linux
added 2025/08/25 12:0 p.m. · 3 views

Security update for kernel-livepatch-MICRO-6-0_Update_5

This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues: CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limi...

7.8 CVSS · 7.8 AI score · 0.00256 EPSS
Exploits 0 · References 12
OSV
added 2025/07/08 11:15 a.m. · 5 views

CVE-2025-40739

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the curre...

7.3 CVSS · 5.9 AI score
Exploits 0 · References 1
Oracle linux
added 2025/04/28 12:0 a.m. · 56 views

glibc security update

2.34-125.0.1.8 - Forward-port Oracle patches for ol9-u5 glibc-2.34-125.0.1.8 Reviewed by: David Faust Oracle history:...

7.5 CVSS · 7.5 AI score · 0.00349 EPSS
Exploits 0
RedhatCVE
added 2025/02/05 7:54 a.m. · 3 views

CVE-2024-29823

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code...

9.6 CVSS · 9.9 AI score · 0.9986 EPSS
Exploits 0 · References 1
OSV
added 2024/05/14 4:17 p.m. · 3 views

CVE-2024-33492

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...

7.8 CVSS · 5.9 AI score · 0.00235 EPSS
Exploits 0 · References 1
OSV
added 2024/05/14 4:17 p.m. · 1 views

CVE-2024-33493

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...

7.8 CVSS · 5.9 AI score · 0.00235 EPSS
Exploits 0 · References 1
OSV
added 2024/05/14 4:17 p.m. · 2 views

CVE-2024-33490

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...

7.8 CVSS · 5.9 AI score · 0.00235 EPSS
Exploits 0 · References 1
OSV
added 2024/05/14 4:17 p.m. · 3 views

CVE-2024-33489

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...

7.8 CVSS · 6.2 AI score · 0.00239 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/04/23 12:0 a.m. · 5 views

PT-2024-6573 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge versions prior to V224.0 Update 5 Description: The issue is related to an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the...

7.8 CVSS · 8.2 AI score · 0.00235 EPSS
Exploits 0 · References 3
Positive Technologies
added 2024/04/23 12:0 a.m. · 4 views

PT-2024-4459 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge versions prior to V224.0 Update 5 Description: A vulnerability has been identified that involves an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker t...

7.8 CVSS · 8.2 AI score · 0.00235 EPSS
Exploits 0 · References 4
Positive Technologies
added 2023/07/11 12:0 a.m. · 4 views

PT-2023-24689 · Zoom · Zoom Rooms For Windows

Name of the Vulnerable Software and Affected Versions: Zoom Rooms for Windows versions prior to 5.15.0 Description: The issue is related to an insecure temporary file in the installer, which may allow an authenticated user to enable an escalation of privilege via local access. Recommendations: Fo...

8.2 CVSS · 7.4 AI score · 0.0018 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/06/13 12:0 a.m. · 8 views

PT-2023-3755 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom versions prior to 5.14.0 Description: The issue is related to an improper restriction of operations within the bounds of a memory buffer, which can be exploited by a remote attacker to execute arbitrary code. This can potentially cause...

8.3 CVSS · 7.5 AI score · 0.00953 EPSS
Exploits 0 · References 7