Lucene search
+L

188 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-5954

Malicious code in bioql PyPI...

6.6AI score
Exploits0References4
HackRead
HackRead
added 2025/09/18 1:0 p.m.5 views

Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs Against Last Mile Reassembly Attacks

Palo Alto, California, 18th September 2025, CyberNewsWire...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/27 1:2 p.m.4 views

CVE-2025-9527 Linksys E1700 QoSSetup stack-based overflow

A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ackpolicy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be...

9CVSS7.2AI score0.01322EPSS
Exploits1References6
OSV
OSV
added 2025/08/22 4:2 p.m.10 views

CVE-2025-38665 can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

5.5CVSS6.5AI score0.00136EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2025/08/22 4:2 p.m.9 views

CVE-2025-38665

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

5.5CVSS5.4AI score0.00136EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-52919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: nci: fix possible NULL pointer dereference in sendacknowledge Handle memory allocation failure from nciskballoc calling allocskb to avoid possible NULL...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/29 11:23 p.m.4 views

SUSE CVE-2025-38437

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potential use-after-free in oplock/lease break ack If ksmbdiovpinrsp return error, use-after-free can happen by accessing opinfo-state and opinfoput and ksmbdfdput could called twice...

7.8CVSS6.4AI score0.00151EPSS
Exploits0References3
OSV
OSV
added 2025/07/25 4:15 p.m.3 views

DEBIAN-CVE-2025-38437

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potential use-after-free in oplock/lease break ack If ksmbdiovpinrsp return error, use-after-free can happen by accessing opinfo-state and opinfoput and ksmbdfdput could called twice...

7.8CVSS6.2AI score0.00151EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential post-release usage issue in the lease break acknowledgement path...

7.8CVSS8.1AI score0.00151EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2025/07/08 1:26 p.m.259 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 - sudo chroot Usage docker build -t cv...

9.3CVSS9.6AI score0.47467EPSS
Exploits70
FreeBSD
FreeBSD
added 2025/06/18 12:0 a.m.6 views

quiche -- Multiple vulnerabilities

Quiche Releases reports: This update includes 2 security fixes: Medium CVE-2025-4820: Incorrect congestion window growth by optimistic ACK. Reported by Louis Navarre on 2025-06-18. High CVE-2025-4821: Incorrect congestion window growth by invalid ACK ranges. Reported by Louis Navarre on 2025-06-1...

7.5CVSS7.1AI score0.00723EPSS
Exploits0References1
GitLab Advisory Database
GitLab Advisory Database
added 2025/06/11 12:0 a.m.12 views

CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error

CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...

6.9AI score
Exploits0References4Affected Software1
OSV
OSV
added 2025/04/07 9:12 p.m.2 views

GHSA-RR8G-9FPQ-6WMG Tokio broadcast channel calls clone in parallel, but does not require `Sync`

The broadcast channel internally calls clone on the stored value when receiving it, and only requires T:Send. This means that using the broadcast channel with values that are Send but not Sync can trigger unsoundness if the clone implementation makes use of the value being !Sync. Thank you to...

6.9CVSS5.9AI score
Exploits0References3
OSV
OSV
added 2025/03/18 3:59 p.m.14 views

GO-2025-3517 Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go

Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go...

7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/03/11 9:54 p.m.11 views

cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement

Description An issue was discovered in IBC-Go's deserialization of acknowledgements that results in non-deterministic behavior which can halt a chain. Any user that can open an IBC channel can introduce this state to the chain. This an upstream dependency used in cheqd-node, rather than a custom...

7AI score
Exploits0References5Affected Software1
OSV
OSV
added 2025/03/05 3:55 p.m.8 views

GO-2025-3494 IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cosmos/ibc-go

IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cosmos/ibc-go...

7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/01/22 6:8 p.m.26 views

DoS in Cilium agent DNS proxy from crafted DNS responses

Impact In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an attacker can crash Cilium agents by sending a crafted DNS response to workloads from outside the cluster. For traffic that is allowed but without using DNS-based policy, the dataplane will continue to pass traffic ...

5.3CVSS6.5AI score0.00418EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.6 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "Switch Request ACK" message missing th...

5.3CVSS6.6AI score0.00261EPSS
Exploits1References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/10/09 5:4 a.m.9 views

How to handle vulnerability reports in aviation

TL;DR Always thank researchers for reporting vulnerabilities. Acknowledging their efforts can set the right tone. Lead all communications with researchers. Don’t let legal or PR teams take over. Provide regular updates to avoid miscommunication. Keep researchers informed throughout the process. W...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/09/20 12:0 a.m.9 views

PT-2024-36917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the wifi driver rtw88. When removing kernel modules, the driver uses skb queue purge to purge TX skb but does not report ...

7.8CVSS5.4AI score0.00223EPSS
Exploits0
Rows per page
Query Builder