Lucene search
K

259 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:26 p.m.10 views

CVE-2021-25695

The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver...

7.8CVSS7.2AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:36 p.m.10 views

CVE-2020-36564

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

7.5CVSS6.8AI score0.00722EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:16 a.m.7 views

CVE-2019-19324

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance...

7.5CVSS6.9AI score0.01015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:9 p.m.8 views

CVE-1999-0478

Denial of service in HP-UX sendmail 8.8.6 related to accepting connections...

5CVSS6.9AI score0.0136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/08 10:10 a.m.21 views

CVE-2024-49847

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE...

7.5CVSS6.9AI score0.00211EPSS
Exploits0
NVD
NVD
added 2025/05/06 9:15 a.m.37 views

CVE-2024-49847

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE...

7.5CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/05/06 8:32 a.m.70 views

CVE-2024-49847

CVE-2024-49847 describes a transient DoS affecting Qualcomm chipsets during processing of OTA registration messages, caused by incorrect ciphering key data IE. The vulnerability is tied to the OTA handling flow in the chipset/firmware (Qualcomm components). The CVSSv3.1 base is 7.5 (High) with ne...

7.5CVSS7.5AI score0.00211EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/06 8:32 a.m.40 views

CVE-2024-49847 Buffer Over-read in Multi-Mode Call Processor

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE...

7.5CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/06 8:32 a.m.16 views

CVE-2024-49847 Buffer Over-read in Multi-Mode Call Processor

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE...

7.5CVSS6.9AI score0.00211EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/05/01 12:55 p.m.7 views

CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS5.6AI score0.00176EPSS
Exploits0
OSV
OSV
added 2025/04/16 3:16 p.m.2 views

DEBIAN-CVE-2025-22088

In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdmaacceptnewconn After the erdmacepputnewcep being called, newcep will be freed, and the following dereference will cause a UAF problem. Fix this issue...

7.8CVSS5.7AI score0.00181EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/04/08 8:4 p.m.15 views

CVE-2025-22871

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

9.1CVSS6.6AI score0.00778EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/04/08 8:4 p.m.28 views

CVE-2025-22871 Request smuggling due to acceptance of invalid chunked data in net/http

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

9.4AI score0.00778EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/03/30 5:43 a.m.18 views

CVE-2025-1734

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...

6.3CVSS6.3AI score0.00481EPSS
Exploits0
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.3 views

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions prior to 2.28.10 and 3.x versions prior to 3.6.3, which stems from a client accepting trusted certificates for arbitrary hostnames...

5.4CVSS6.5AI score0.00184EPSS
Exploits0References6
OSV
OSV
added 2025/03/14 7:55 p.m.8 views

GHSA-R8GC-QC2C-C7VH Post-Quantum Secure Feldman's Verifiable Secret Sharing has Inadequate Fault Injection Countermeasures in `secure_redundant_execution`

Description: The secureredundantexecution function in feldmanvss.py attempts to mitigate fault injection attacks by executing a function multiple times and comparing results. However, several critical weaknesses exist: 1. Python's execution environment cannot guarantee true isolation between...

5.4CVSS6.7AI score0.00178EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/03/12 3:10 p.m.13 views

CVE-2025-1497

A vulnerability, that could result in Remote Code Execution RCE, has been found in PlotAI. Lack of validation of LLM-generated output allows attacker to execute arbitrary Python code. Vendor commented out vulnerable line, further usage of the software requires uncommenting it and thus accepting t...

9.8CVSS8.3AI score0.00952EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-36936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 efi/unaccepted: F...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a contention condition in mptcp that does not accept sockets...

7.8CVSS5.3AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/03 12:0 a.m.4 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service when the modem receives a registration acceptance OTA with an incorrect encryption key data IE...

7.5CVSS6.4AI score0.00243EPSS
Exploits0References2
Rows per page
Query Builder