Lucene search
K

264 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-58930

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.02242EPSS
Exploits5References5
Vulnrichment
Vulnrichment
added 2025/09/19 3:26 p.m.0 views

CVE-2025-39861 Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

6.2AI score0.00142EPSS
Exploits0References4
OSV
OSV
added 2025/09/19 3:26 p.m.8 views

CVE-2025-39861 Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

7.8CVSS6.2AI score0.00142EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/09/19 3:26 p.m.5 views

CVE-2025-39861

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

7.8CVSS6.3AI score0.00142EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/09/10 8:45 p.m.5 views

kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

7.8CVSS6.8AI score0.00142EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:23 p.m.6 views

vhost_task: Handle SIGKILL by flushing work and exiting

...

5.5CVSS7AI score0.00227EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-30219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and...

6.1CVSS6.8AI score0.00203EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/08/27 10:41 a.m.8 views

kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

7.8CVSS6.8AI score0.00142EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/27 8:37 a.m.6 views

kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

7.8CVSS6.8AI score0.00142EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2025/08/19 3:31 p.m.7 views

at.ganzleicht.vaadin:vaadin-server (>=9.1.1 <=9.1.3), br.com.thiagomoreira.liferay.plugins.fix-virtual-host-app:fix-virtual-host-hook (>=2.0.0 <=5.1.0) +663 more potentially affected by CVE-2025-43740 via com.liferay.portal:com.liferay.portal.kernel (>=100.0.0 <=9.4.0)

com.liferay.portal:com.liferay.portal.kernel MAVEN version =100.0.0, =9.1.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =1.0.0.RELEASE - com.gitee.pif...

5.4CVSS5.8AI score0.00201EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

AlmaLinux 8 : kernel-rt (ALSA-2025:13961)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13961 advisory. kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: netsched: ets: Fix double list add in class with netem as child...

7.8CVSS7.2AI score0.00181EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-22083

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vhost-scsi: Fix handling of multiple calls to vhostscsisetendpoint If vhostscsisetendpoint is called multiple times without a vhostscsiclearendpoint between...

7.8CVSS6.8AI score0.00183EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-38250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file...

7.8CVSS6.8AI score0.00142EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-14835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs,...

7.8CVSS7.2AI score0.00627EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:1 a.m.6 views

CVE-2023-28346

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote attacker to communicate with the private API endpoints exposed at /login, /consoleSettings, /console, etc. despite Virtual Host Routing being used to block this access. Remote attackers can interact wit...

7.3CVSS6.9AI score0.00884EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:35 p.m.6 views

CVE-2021-43437

In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host Header comes in. Thi...

8.8CVSS7AI score0.01227EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 p.m.4 views

CVE-2021-35492

Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resources. An attacker could exploit this...

6.5CVSS6.7AI score0.03284EPSS
Exploits1References1
OSV
OSV
added 2025/03/27 7:51 a.m.10 views

BIT-RABBITMQ-2025-30219 RabbitMQ has XSS Vulnerability in an Error Message in Management UI

RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable with other on disk file modifications can lead to arbitrary JavaScript code execution in the browsers of...

6.1CVSS6.2AI score0.00203EPSS
Exploits0References2
OSV
OSV
added 2025/03/25 11:15 p.m.3 views

DEBIAN-CVE-2025-30219

RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable with other on disk file modifications can lead to arbitrary JavaScript code execution in the browsers of...

6.1CVSS6.7AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2025/03/25 11:15 p.m.14 views

AZL-59276 CVE-2025-30219 affecting package rabbitmq-server for versions less than 3.11.24-3

RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable with other on disk file modifications can lead to arbitrary JavaScript code execution in the browsers of...

6.1CVSS6.3AI score0.00203EPSS
Exploits0References1
Rows per page
Query Builder