163 matches found
CVE-2025-25184
Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious conten...
CVE-2024-57951
In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on hotplug Consider a scenario where a CPU transitions from CPUHPONLINE to halfway through a CPU hotunplug down to CPUHPHRTIMERSPREPARE, and then back to CPUHPONLINE: Since hrtimerspreparecpu...
CVE-2024-53966
creationtimestamp| type| source ---|---|--- 2025-02-04 23:58:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113948328441304887 2025-02-05 00:16:45+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhfc77uxrg2b 2025-02-05 03:16:22+00:00| seen|...
GHSA-M4F6-VCJ4-W5MX
creationtimestamp| type| source ---|---|--- 2025-01-29 20:29:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113913533956588236 2025-01-29 21:11:08+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3398...
CERTFR-2022-ALE-003
creationtimestamp| type| source ---|---|--- 2025-01-29 16:41:35+00:00| seen| https://bsky.app/profile/tuxpanik.bsky.social/post/3lgvfxrxuqp2t...
CVE-2021-3978
When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service this could allow for a vector, when...
CVE-2024-52325
creationtimestamp| type| source ---|---|--- 2025-01-23 16:01:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113878505637827040 2025-01-23 16:02:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2747 2025-01-23 16:15:59+00:00| seen|...
CVE-2025-0625
creationtimestamp| type| source ---|---|--- 2025-01-22 02:17:31+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgccgc5xsb2w 2025-01-22 02:50:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lgceant7qq2g 2025-01-22 03:51:36+00:00| seen|...
CVE-2025-21663
creationtimestamp| type| source ---|---|--- 2025-01-21 13:13:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113866519201601644 2025-01-21 13:16:19+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgawrfb2d62h 2025-01-21 13:39:31+00:00| seen|...
CVE-2025-23019
creationtimestamp| type| source ---|---|--- 2025-01-14 20:08:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1592 2025-01-14 20:16:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfq2ylw5cs2r 2025-01-14 22:22:41+00:00| seen| https://t.me/cvedetector/15351...
Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2025-1025)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-RGJM-6P59-537V
creationtimestamp| type| source ---|---|--- 2025-01-10 15:32:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113804779585524856 2025-01-10 15:35:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113804792773660712 2025-01-10 15:52:30+00:00| seen|...
CVE-2025-22152
creationtimestamp| type| source ---|---|--- 2025-01-10 15:32:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113804779585524856 2025-01-10 15:35:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113804792773660712 2025-01-10 15:52:30+00:00| seen|...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.6.0 ESR Fixed: Various security fixes. MFSA 2025-02 bsc1234991 CVE-2025-0237 bmo1915257 WebChannel APIs susceptible to confused deputy attack CVE-2025-0238 bmo1915535 Use-after-free when breaking lines...
CVE-2024-10106
creationtimestamp| type| source ---|---|--- 2025-01-09 14:57:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113798982541004567 2025-01-09 15:14:42+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/959 2025-01-09 15:15:47+00:00| seen|...
CVE-2024-13203
creationtimestamp| type| source ---|---|--- 2025-01-09 02:18:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113795995121279689 2025-01-09 03:13:02+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/876 2025-01-09 03:15:54+00:00| seen|...
CVE-2025-20166
creationtimestamp| type| source ---|---|--- 2025-01-08 16:15:48+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113793626771738794 2025-01-08 16:27:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113793673111799579 2025-01-08 17:15:42+00:00| seen|...
CVE-2024-51737
RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted LIMIT command argument, or FT.SEARCH with a specially crafted KNN command argument, can trigger an...
CVE-2024-56447
creationtimestamp| type| source ---|---|--- 2025-01-08 03:10:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113790537431113615 2025-01-08 03:16:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7762xt2h22 2025-01-08 03:40:08+00:00| seen|...
CVE-2025-0226
creationtimestamp| type| source ---|---|--- 2025-01-05 17:35:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113776952301074774 2025-01-05 18:15:18+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lez7zbcv5k2k 2025-01-05 18:36:19+00:00| seen|...