Lucene search
K

278 matches found

EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2025-208725

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

5.3CVSS5.8AI score0.00369EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/08 1:44 a.m.6 views

CVE-2026-25071

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS5.8AI score0.00512EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/07 3:30 a.m.6 views

EUVD-2026-10093

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS5.8AI score0.00512EPSS
Exploits0References3
NVD
NVD
added 2026/03/07 1:15 a.m.3 views

CVE-2026-25071

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS0.00512EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/07 12:20 a.m.3 views

CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS5.8AI score0.00512EPSS
Exploits0References2
CVE
CVE
added 2026/03/07 12:20 a.m.11 views

CVE-2026-25071

CVE-2026-25071 affects XikeStor SKS8310-8X network switch firmware version 1.04.B07 and earlier. The vulnerability is a missing authentication on the /switch_config.src endpoint, allowing unauthenticated remote attackers to download device configuration files, potentially exposing sensitive VLAN ...

8.7CVSS5.8AI score0.00512EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/07 12:20 a.m.28 views

CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS0.00512EPSS
Exploits0References2
OSV
OSV
added 2026/02/15 12:9 a.m.6 views

OSV-2026-246 Use-of-uninitialized-value in printAddressingMode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=484248078 Crash type: Use-of-uninitialized-value Crash state: printAddressingMode M68KprintInst csdisasm...

5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 4:8 p.m.26 views

CVE-2026-23103 ipvlan: Make the addrs_lock be per port

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrslock be per port Make the addrslock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so for the case of IPv6. ...

7.8CVSS0.00107EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/04 4:8 p.m.28 views

CVE-2026-23085 irqchip/gic-v3-its: Avoid truncating memory addresses

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

0.00123EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/15 5:38 p.m.5 views

CVE-2025-71089

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS6.5AI score0.00145EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/01/15 9:2 a.m.3 views

iommu: disable SVA when CONFIG_X86 is set

...

7.8CVSS5.4AI score0.00145EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/01/14 12:25 a.m.5 views

SUSE CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

7CVSS6.7AI score0.00145EPSS
Exploits0References29
OSV
OSV
added 2026/01/13 4:16 p.m.16 views

AZL-74330 CVE-2025-71089 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

7.8CVSS6AI score0.00145EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 4:16 p.m.8 views

CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

7.8CVSS0.00145EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:34 p.m.5 views

CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

6.2AI score0.00145EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/01/13 3:34 p.m.35 views

CVE-2025-71089

CVE-2025-71089 affects the Linux kernel via IOMMU Shared Virtual Addressing (SVA). In SVA, the IOMMU can cache kernel page-table entries, so freeing a kernel page-table page and reusing it could leave stale IOMMU entries, enabling use-after-free or write-after-free scenarios that could allow loca...

7.8CVSS6.3AI score0.00145EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/01/13 3:34 p.m.25 views

CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

7.8CVSS0.00145EPSS
Exploits0References6
OSV
OSV
added 2026/01/13 3:34 p.m.6 views

CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

7.8CVSS6.6AI score0.00145EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/10/23 12:0 a.m.3 views

CVE-2025-62820

Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network...

4.9CVSS6.7AI score0.00199EPSS
Exploits0References2
Rows per page
Query Builder