Lucene search
K

350 matches found

AlpineLinux
AlpineLinux
added 2025/11/26 10:59 p.m.3 views

CVE-2025-64332

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...

7.5CVSS7AI score0.0032EPSS
Exploits0
EUVD
EUVD
added 2025/11/26 10:39 p.m.4 views

EUVD-2025-199776

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64data. This issue has been patched in...

7.5CVSS6.2AI score0.00359EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/26 10:39 p.m.3 views

CVE-2025-64335

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64data. This issue has been patched in...

7.5CVSS6.8AI score0.00359EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/26 10:39 p.m.9 views

CVE-2025-64334 Suricata is vulnerable to unbounded memory growth for decompression

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2....

7.5CVSS0.00306EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-59148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Versions 8.0.0 and below...

7.5CVSS7.1AI score0.00404EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-3425

Malware in sbrugna...

4CVSS6.8AI score0.01538EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27483

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.19313EPSS
Exploits4References5
SUSE CVE
SUSE CVE
added 2025/10/02 11:23 p.m.3 views

SUSE CVE-2025-59148

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed ...

7.5CVSS6.7AI score0.00404EPSS
Exploits0References3
CVE
CVE
added 2025/10/01 8:23 p.m.43 views

CVE-2025-59150

CVE-2025-59150 affects Suricata 8.0.0, where using the tls.subjectaltname keyword can cause a segmentation fault if the decoded subjectaltname contains a NULL byte. The issue is fixed in 8.0.1; a workaround is to disable rules using the tls.subjectaltname keyword. The NVD/NASL/Nessus entries corr...

7.5CVSS6.3AI score0.00492EPSS
Exploits1References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-47291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to...

7.5CVSS6.4AI score0.00242EPSS
Exploits0References2
CVE
CVE
added 2025/08/13 2:8 p.m.35 views

CVE-2025-54791

CVE-2025-54791 concerns OMERO.web prior to 5.29.2, where an error during the Forgot Password flow could disclose user information in the web page. The issue is mitigated by upgrading to version 5.29.2 or higher. As a workaround, disabling the Forgot Password option via the omero.web.show_forgot_p...

5.3CVSS6.9AI score0.00244EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-53537

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak th...

7.5CVSS5.8AI score0.0042EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.7 views

PT-2025-25795

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been resolved. The issue is related to MACsec offload for uplink representor profiles. MACsec offload is not supported in switchdev mode for...

5.5CVSS6.5AI score0.00161EPSS
Exploits0
OSV
OSV
added 2025/06/09 12:47 p.m.3 views

CVE-2025-49013 WilderForge vulnerable to code Injection via GitHub Actions Workflows

WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of $ github.event.review.body and other user controlled variables directly inside shell script contexts in GitHub...

9.9CVSS8.3AI score0.00636EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.4 views

PT-2025-22165

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A slab-use-after-free issue has been identified in the Linux kernel's HDCP code. The vulnerability occurs when the HDCP code copies pointers to amdgpu dm connector objects without...

7.8CVSS6.8AI score0.00165EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/04/17 1:32 a.m.5 views

SUSE CVE-2025-32433

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protocol message handling, a malicious actor...

9.8CVSS9AI score0.97859EPSS
Exploits36References5
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.5 views

PT-2025-17213 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version V4.0si V16.03.10.20 Description: The issue is related to a Buffer Overflow in AdvSetMacMtuWan via wanMTU2. This allows for potential exploitation. No information is provided about the estimated number of potentially affecte...

7.8CVSS6.2AI score0.00507EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.3 views

PT-2025-16380 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version V4.0si V16.03.10.20 Description: The issue concerns a Buffer Overflow in the AdvSetMacMtuWan function via the mac2 variable. Recommendations: For Tenda AC10 version V4.0si V16.03.10.20, as a temporary workaround, consider...

10CVSS7.3AI score0.00563EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.3 views

PT-2025-15283 · Libbpf +1 · Libbpf +1

Name of the Vulnerable Software and Affected Versions: libbpf version 1.5.0 Description: The issue is a buffer overflow vulnerability that allows a local attacker to execute arbitrary code via the bpf object init prog function of libbpf. Recommendations: For libbpf version 1.5.0, as a temporary...

6.2CVSS8AI score0.00216EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.9 views

PT-2025-14838 · Unknown · React-Draft-Wysiwyg

Name of the Vulnerable Software and Affected Versions: react-draft-wysiwyg versions 3.1 and earlier Description: The issue is related to Cross-site Scripting XSS via the Embedded button, which results in saving the payload in the iframe tag. This allows attackers to exploit the vulnerability...

6.1CVSS5.5AI score0.0023EPSS
Exploits0References8
Rows per page
Query Builder