
6767 matches found

OSV
added 2025/03/04 2:15 p.m. · 12 views

CVE-2025-1933

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

7.6 CVSS · 7.7 AI score
Exploits 0 · References 7

Debian CVE
added 2025/03/04 1:31 p.m. · 12 views

CVE-2025-1933

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

7.6 CVSS · 8.1 AI score · 0.00294 EPSS
Exploits 0

Tenable Nessus
added 2025/03/04 12:0 a.m. · 15 views

Linux Distros Unpatched Vulnerability : CVE-2017-5967

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values as distinguished from PID...

4 CVSS · 6.6 AI score · 0.00334 EPSS
Exploits 0 · References 3

Tenable Nessus
added 2025/03/04 12:0 a.m. · 10 views

Linux Distros Unpatched Vulnerability : CVE-2020-14304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user ...

4.4 CVSS · 6.6 AI score · 0.00358 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2025/03/04 12:0 a.m. · 10 views

Linux Distros Unpatched Vulnerability : CVE-2016-2085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users...

5.5 CVSS · 6.4 AI score · 0.00442 EPSS
Exploits 0 · References 2

Positive Technologies
added 2025/03/04 12:0 a.m. · 6 views

PT-2025-9658 · Mozilla +10 · Firefox +10

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 136; Firefox ESR versions prior to 115.21; Firefox ESR versions prior to 128.8. Description: The issue arises when the JIT compiles WASM i32 return values on 64-bit CPUs, potentially picking up bits from leftover memory...

10 CVSS · 8.6 AI score · 0.1307 EPSS
Exploits 9 · References 397

Snyk
added 2025/03/03 6:31 p.m. · 3 views

CSV Injection

Overview: Affected versions of this package are vulnerable to CSV Injection in the ServiceDBStore when exporting a CSV. Remediation: Upgrade org.apache.ranger:security-admin-web to version 2.6.0 or higher. References: Apache Jira Issues - GitHub Commit - GitHub Commit - OSS Security Advisory -...

9.8 CVSS · 7.2 AI score · 0.00723 EPSS
Exploits 0 · References 2

OSV
added 2025/03/03 6:15 p.m. · 7 views

CVE-2025-27371

In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 910...

6.9 CVSS · 5.8 AI score · 0.00321 EPSS
Exploits 0 · References 5

NVD
added 2025/03/03 6:15 p.m. · 10 views

CVE-2025-27371

In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 910...

6.9 CVSS · 0.00321 EPSS
Exploits 0 · References 5

CNNVD
added 2025/03/03 12:0 a.m. · 5 views

Apache Ranger Security Vulnerability

Apache Ranger is a set of architectures from the Apache USA Foundation that implement comprehensive security measures for Hadoop clusters. The product provides centralized security policy management for core enterprise security requirements such as authorization, billing, and data protection. A...

9.8 CVSS · 6.4 AI score · 0.00723 EPSS
Exploits 0 · References 3

CNNVD
added 2025/03/02 12:0 a.m. · 2 views

Incorta Security Vulnerability

Incorta is an enterprise-grade data analytics and business intelligence platform from Incorta USA that rapidly enables data insights and decision support. A security vulnerability exists in Incorta version 2023.4.3, which stems from improper handling of the Service Name parameter in the Edit...

5.3 CVSS · 5 AI score · 0.00304 EPSS
Exploits 0 · References 5

CNNVD
added 2025/03/01 12:0 a.m. · 5 views

WordPress plugin Nokri Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

9.8 CVSS · 8.5 AI score · 0.02163 EPSS
Exploits 0 · References 4

OSV
added 2025/02/28 11:9 a.m. · 4 views

CLSA-2025-1740740956 flatpak: Fix of CVE-2023-28101

CVE-2023-28101: fix issue of hiding elevated permissions by setting crafted values containing non-printable control characters...

5 CVSS · 5.8 AI score · 0.00887 EPSS
Exploits 0 · References 1

SUSE CVE
added 2025/02/28 2:22 a.m. · 2 views

SUSE CVE-2025-21707

In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the bitmask before parsi...

5.5 CVSS · 7.6 AI score · 0.00196 EPSS
Exploits 0 · References 16

SUSE CVE
added 2025/02/27 2:56 a.m. · 4 views

SUSE CVE-2025-27219

In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when...

5.3 CVSS · 6.9 AI score · 0.00784 EPSS
Exploits 0 · References 11

Cvelist
added 2025/02/27 2:18 a.m. · 25 views

CVE-2025-21787 team: better TEAM_OPTION_TYPE_STRING validation

In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline] BUG: KMSAN: uninit-value in...

0.00225 EPSS
Exploits 0 · References 8

OSV
added 2025/02/27 2:15 a.m. · 1 views

DEBIAN-CVE-2025-21707

In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the bitmask before parsi...

5.5 CVSS · 5.7 AI score · 0.00196 EPSS
Exploits 0 · References 1

RedHat Linux
added 2025/02/26 7:14 p.m. · 13 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.1 security update

An update is now available for Red Hat OpenShift GitOps v1.15.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8 CVSS · 7 AI score · 0.0124 EPSS
Exploits 0 · References 8

OSV
added 2025/02/26 7:1 a.m. · 2 views

DEBIAN-CVE-2022-49325

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c...

5.5 CVSS · 5.5 AI score · 0.00246 EPSS
Exploits 0 · References 1

OSV
added 2025/02/26 7:1 a.m. · 1 views

UBUNTU-CVE-2022-49325

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c...

5.5 CVSS · 6.1 AI score · 0.00246 EPSS
Exploits 0 · References 7