Lucene search
K

211 matches found

RedHat Linux
RedHat Linux
added 2026/01/14 9:53 a.m.4 views

kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock

A vulnerability was found in the Linux kernel's Controller Area Network CAN protocol, within the J1939 protocol implementation. This issue occurs due to a potential deadlock caused by a race condition involving three locks: j1939sockslock, activesessionlistlock, and sksessionqueuelock. This issue...

5.5CVSS7.2AI score0.00183EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.14 views

CVE-2020-23140

Microweber 1.1.18 is affected by insufficient session expiration. When changing passwords, both sessions for when a user changes email and old sessions in any other browser or device, the session does not expire and remains active...

8.1CVSS7AI score0.01018EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.6 views

SUSE CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

4.7CVSS6.5AI score0.00168EPSS
Exploits0References3
NVD
NVD
added 2025/12/24 1:16 p.m.8 views

CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

0.00168EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.5 views

CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

5.7AI score0.00168EPSS
Exploits0References5
CVE
CVE
added 2025/12/24 1:7 p.m.21 views

CVE-2023-54152

Summary: CVE-2023-54152 affects the Linux kernel’s j1939 subsystem, where a deadlock could occur when performing data TP/ETP transfers and subscribing to the error queue during a net down event. Root cause: a call to j1939_sk_errqueue() was made inside the active_session_list_lock, which could in...

6.1AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2025/12/24 1:7 p.m.5 views

CVE-2023-54152 can: j1939: prevent deadlock by moving j1939_sk_errqueue()

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

6.4AI score0.00168EPSS
Exploits0References7
EUVD
EUVD
added 2025/12/17 3:34 p.m.3 views

EUVD-2025-203894

CSRF in Ercom Cryptobox administration console allows attacker to trigger some actions on behalf of a Cryptobox administrator. The attack requires the administrator to browse a malicious web site or to click a link while he has an open session on the administration console...

2.3CVSS6.3AI score0.00165EPSS
Exploits0References2
Veracode
Veracode
added 2025/12/13 7:20 a.m.9 views

Improper Authentication

ibexa/user is vulnerable to improper authentication. The vulnerability is due to an error in the password validation logic during the transition from v4 to v5, which allows an attacker to change the account password without knowing the previous password by exploiting an active authenticated sessi...

8.5CVSS5.8AI score0.00123EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/10 5:22 a.m.7 views

CVE-2025-64489

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.8CVSS6.9AI score0.0033EPSS
Exploits0References1
OSV
OSV
added 2025/11/08 12:15 a.m.5 views

CVE-2025-64489 SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.3CVSS7AI score0.0033EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/08 12:15 a.m.6 views

CVE-2025-64489 SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.3CVSS6.5AI score0.0033EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/01 2:20 p.m.5 views

CVE-2025-64386

The equipment grants a JWT token for each connection in the timeline, but during an active valid session, a hijacking of the token can be done. This will allow an attacker with the token modify parameters of security, access or even steal the session without the legitimate and active session...

7.7CVSS6.8AI score0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/31 1:42 p.m.4 views

CVE-2025-64386 HIJACKING OF THE TOKEN AND GAINING ACCESS

The equipment grants a JWT token for each connection in the timeline, but during an active valid session, a hijacking of the token can be done. This will allow an attacker with the token modify parameters of security, access or even steal the session without the legitimate and active session...

7.7CVSS6.5AI score0.00321EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-29806

Malware in sbrugna...

9.6CVSS8.6AI score0.00474EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27370

Malware in sbrugna...

4.7CVSS4.9AI score0.00478EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-9982

Malware in sbrugna...

7.5CVSS7.8AI score0.04338EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11825

Malware in sbrugna...

8.8CVSS8.8AI score0.01417EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8952

Malware in sbrugna...

5.3CVSS5.6AI score0.00675EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2016-7478

Malware in sbrugna...

8.8CVSS8.8AI score0.00856EPSS
Exploits0References3
Rows per page
Query Builder