6765 matches found

Cvelist
added 2025/04/11 10:57 a.m., 27 views

CVE-2024-52282 Rancher Helm Applications may have sensitive values leaked

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher allows any user with GET access to the Rancher Manager Apps Catalog to read any sensitive information contained within the Apps’ values. Additionally, the same information leaks into auditing lo...

6.2 CVSS, 0.00371 EPSS
Exploits: 0, References: 2
OSV
added 2025/04/11 8:24 a.m., 5 views

CLSA-2025-1744359874 Update of gnutls

fips: Zeroize temporary values in integrity check RHEL-21870...

5.8 AI score
Exploits: 0, References: 1
Snyk
added 2025/04/08 4:0 p.m., 4 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...

8.7 CVSS, 6.9 AI score, 0.01383 EPSS
Exploits: 0, References: 2
Snyk
added 2025/04/08 4:0 p.m., 6 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.osx-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...

8.7 CVSS, 6.9 AI score, 0.01383 EPSS
Exploits: 0, References: 2
Snyk
added 2025/04/08 4:0 p.m., 6 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.win-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...

8.7 CVSS, 6.9 AI score, 0.01383 EPSS
Exploits: 0, References: 2
CNNVD
added 2025/04/08 12:0 a.m., 2 views

Dell Common Event Enabler Security Vulnerability

Dell Common Event Enabler is a framework from Dell USA. An unauthorized access vulnerability exists in Dell Common Event Enabler, which arises from the use of insecure default values when initializing resources, and can be exploited by an attacker to cause unauthorized access...

6.5 CVSS, 6.7 AI score, 0.00244 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2025/04/08 12:0 a.m., 3 views

PT-2025-15615

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A logical bug exists in handling lazy-loaded values during unparceling. This issue is being actively exploited. Recommendations: At the moment, there is no information about a newer version...

9.8 CVSS, 6.2 AI score, 0.00236 EPSS
Exploits: 0, References: 9
Positive Technologies
added 2025/04/08 12:0 a.m., 3 views

PT-2025-32996

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-1 Description: ImageMagick is software used for editing and manipulating digital images. A memory corruption issue occurs when preparing to transform from Log to sRGB colorspaces, specifically when the...

8.8 CVSS, 6.5 AI score, 0.04065 EPSS
Exploits: 7, References: 39
RedhatCVE
added 2025/04/07 4:48 p.m., 17 views

CVE-2024-57835

Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random defaults to Perl's built-in predictable random number generator, the rand function, which is not cryptographically secure...

5.5 CVSS, 6.9 AI score, 0.00245 EPSS
Exploits: 0, References: 1
SUSE CVE
added 2025/04/04 2:59 a.m., 2 views

SUSE CVE-2025-21932

In the Linux kernel, the following vulnerability has been resolved: mm: abort vma_modify on merge out of memory failure. The remainder of vma_modify relies upon the vmg state remaining pristine after a merge attempt. Usually this is the case, however in the one edge case scenario of a merge attempt...

5.5 CVSS, 6.5 AI score, 0.00173 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2025/04/03 7:19 a.m., 1 view

CVE-2025-22001 accel/qaic: Fix integer overflow in qaic_validate_req()

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaic_validate_req. These are u64 variables that come from the user via qaic_attach_slice_bo_ioctl. Use check_add_overflow to ensure that the math doesn't have an integer wrapping bug...

7.7 AI score, 0.00164 EPSS
Exploits: 0, References: 4
GithubExploit
added 2025/04/03 12:38 a.m., 131 views

Exploit for CVE-2025-31864

CVE-2025-31864 1️⃣ Component type WordPress plugin 2️...

5.9 CVSS, 6.1 AI score, 0.00295 EPSS
Exploits: 1
NVD
added 2025/04/02 2:15 a.m., 11 views

CVE-2025-2779

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with...

6.5 CVSS, 0.00251 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2025/04/02 1:44 a.m., 5 views

CVE-2025-2779 Insert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with...

6.5 CVSS, 6.8 AI score, 0.00251 EPSS
Exploits: 0, References: 2
CVE
added 2025/04/02 1:44 a.m., 66 views

CVE-2025-2779

The CVE-2025-2779 entry describes a vulnerability in the WordPress plugin Insert Headers and Footers Code – HT Script where a missing capability check in ajax_dismiss (versions

6.5 CVSS, 6.8 AI score, 0.00251 EPSS
Exploits: 0, References: 2
OSV
added 2025/04/01 4:15 p.m., 18 views

AZL-60273 CVE-2025-21959 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree. Since commit b36e4523d4d5 "netfilter: nf_conncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

5.5 CVSS, 6.3 AI score, 0.00185 EPSS
Exploits: 0, References: 1
NVD
added 2025/04/01 4:15 p.m., 18 views

CVE-2025-21959

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree. Since commit b36e4523d4d5 "netfilter: nf_conncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

5.5 CVSS, 0.00185 EPSS
Exploits: 0, References: 10
Cvelist
added 2025/04/01 3:41 p.m., 13 views

CVE-2025-21952 HID: corsair-void: Update power supply values with a unified work handler

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values with a unified work handler. corsair_void_process_receiver can be called from an interrupt context, locking battery_mutex in it was causing a kernel panic. Fix it by moving the critical...

0.00148 EPSS
Exploits: 0, References: 2
CVE
added 2025/04/01 3:41 p.m., 51 views

CVE-2025-21952

CVE-2025-21952 relates to the Linux kernel and affects the corsair-void subsystem. The issue occurs when corsair_void_process_receiver is invoked from an interrupt context, where it previously locked battery_mutex, risking a kernel panic. The fix relocates the critical section into its own work i...

5.5 CVSS, 7 AI score, 0.00148 EPSS
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2025/04/01 3:41 p.m., 5 views

CVE-2025-21952 HID: corsair-void: Update power supply values with a unified work handler

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values with a unified work handler. corsair_void_process_receiver can be called from an interrupt context, locking battery_mutex in it was causing a kernel panic. Fix it by moving the critical...

5.5 CVSS, 6.4 AI score, 0.00148 EPSS
Exploits: 0, References: 5