Lucene search
+L

830 matches found

HackRead
HackRead
added 2026/02/03 12:22 p.m.10 views

Everest Ransomware Claims 90GB Data Theft Involving Legacy Polycom Systems

Everest ransomware claims a breach involving legacy Polycom systems later acquired by HP Inc., alleging the theft of 90GB of internal data...

5.3AI score
Exploits0
NVD
NVD
added 2026/01/14 3:16 p.m.6 views

CVE-2025-71132

In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPTRT When smc91x.c is built with PREEMPTRT, the following splat occurs in FVPRevC: 13.055000 smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 13.062137 BUG: workqueue leaked...

5.5CVSS0.00114EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper lock acquisition during a fallback, which could lead to a deadlock...

5.5CVSS6.1AI score0.00111EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/01/13 12:0 a.m.6 views

KryptoPilot: An Open-World Knowledge-Augmented LLM Agent for Automated Cryptographic Exploitation

Capture-the-Flag CTF competitions play a central role in modern cybersecurity as a platform for training practitioners and evaluating offensive and defensive techniques derived from real-world vulnerabilities. Despite recent advances in large language models LLMs, existing LLM-based agents remain...

7AI score
Exploits0
Snyk
Snyk
added 2026/01/10 6:51 a.m.7 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via a race condition in the acquire method. An attacker can cause lock operations to fail or behave unexpectedly by creating a symlink at the lock file path between the permission check and file creation. Remediation...

5.8CVSS6.6AI score0.00115EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.8 views

CVE-2019-2590

Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component of Oracle PeopleSoft Products subcomponent: Job Opening. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

8.2CVSS7AI score0.01238EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:3 a.m.10 views

CVE-2011-0858

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle 15 and 9.1 Bundle 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Manager...

5.5CVSS5.6AI score0.00872EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 3:30 p.m.7 views

EUVD-2022-55826

In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtimecounterinit The "sysclk" resource is malloced by clkget, it is not released when the function return...

6AI score0.00177EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992511)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992511 advisory. In the Linux kernel, the following vulnerability has been resolved: mm,hugetlb: take hugetlblock before decrementing h-resvhugepages The h-hugepages counters are...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/12/25 12:23 a.m.5 views

SUSE CVE-2025-68739

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling devpmoppputopp to maintain correct resource acquisition and release order...

6.7CVSS6.6AI score0.00181EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.3 views

CVE-2025-68739

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling devpmoppputopp to maintain correct resource acquisition and release order...

5.7AI score0.00181EPSS
Exploits0References10
OSV
OSV
added 2025/12/24 1:6 p.m.6 views

CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...

5.9AI score0.00018EPSS
Exploits0References4
CVE
CVE
added 2025/12/24 12:9 p.m.62 views

CVE-2025-68739

CVE-2025-68739 concerns the Linux kernel component responsible for PM / devfreq, specifically the hisi OPP handling path. The connected documents describe a fix for a potential use-after-free (UAF) in OPP handling when managing power management references. The underlying issue was improper resour...

6.2AI score0.00181EPSS
Exploits0References3
OSV
OSV
added 2025/12/24 12:9 p.m.4 views

CVE-2025-68739 PM / devfreq: hisi: Fix potential UAF in OPP handling

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling devpmoppputopp to maintain correct resource acquisition and release order...

6.4AI score0.00181EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2025/12/19 12:0 a.m.6 views

AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.3AI score0.0031EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 9:31 p.m.7 views

EUVD-2025-204315

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files...

5.3CVSS6.5AI score0.00579EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

Inductive Automation Ignition 安全漏洞

Inductive Automation Ignition is an integrated software platform for SCADA systems from Inductive Automation, USA. The platform supports SCADA Data Acquisition and Monitoring Systems, HMI Human Machine Interface and more. A security vulnerability exists in Inductive Automation Ignition that stems...

7.3CVSS6.5AI score0.00232EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/16 2:15 p.m.4 views

CVE-2025-68238

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is properly initialized. Move the assignment of dmadev after successfully...

5.7AI score0.00167EPSS
Exploits0References35
OSV
OSV
added 2025/12/16 1:30 p.m.6 views

CVE-2025-40347 net: enetc: fix the deadlock of enetc_mdio_lock

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetcmdiolock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the read lock enetcmdiolock...

6.2AI score0.00174EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/12/15 9:29 p.m.10 views

CVE-2025-67634

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would...

6.1CVSS6.1AI score0.00162EPSS
Exploits0References1
Rows per page
Query Builder