Lucene search

408 matches found

OSV
added 2025/09/18 4:15 p.m. · 4 views

UBUNTU-CVE-2023-53442

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa. ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changi...

5.5 CVSS · 5.7 AI score · 0.00134 EPSS
Exploits 0 · References 6

OSV
added 2025/09/18 4:4 p.m. · 4 views

CVE-2023-53442 ice: Block switchdev mode when ADQ is active and vice versa

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa. ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changi...

5.5 CVSS · 5.8 AI score · 0.00134 EPSS
Exploits 0 · References 6

NVD
added 2025/08/29 5:15 p.m. · 4 views

CVE-2024-12923

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo...

5.4 CVSS · 0.00216 EPSS
Exploits 0 · References 1

NVD
added 2025/08/25 6:15 p.m. · 4 views

CVE-2025-57802

Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. In version 1.0.0, an attacker with access to the affected container can create symbolic links inside the mounted directory /app/data. Because the container bind-mounts an...

8.7 CVSS · 0.0036 EPSS
Exploits 0 · References 2

NVD
added 2025/08/19 5:15 p.m. · 17 views

CVE-2025-38608

In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpf_msg_pop_data in ktls. When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...

5.5 CVSS · 0.0016 EPSS
Exploits 0 · References 11

CVE
added 2025/08/19 5:3 p.m. · 56 views

CVE-2025-38608

The CVE-2025-38608 issue is a Linux kernel vulnerability in bpf/ktls that can cause data corruption by failing to recalculate ciphertext length after plaintext length reduction via socket policy, resulting in uninitialized data being transmitted in TLS records. The impact is network-layer data in...

5.5 CVSS · 7.3 AI score · 0.0016 EPSS
Exploits 0 · References 11 · Affected Software 1

Debian CVE
added 2025/08/19 5:3 p.m. · 3 views

CVE-2025-38608

In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpf_msg_pop_data in ktls. When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...

5.5 CVSS · 5.7 AI score · 0.0016 EPSS
Exploits 0

RedhatCVE
added 2025/07/19 7:51 p.m. · 8 views

CVE-2025-6249

An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data...

8.4 CVSS · 7.2 AI score · 0.00158 EPSS
Exploits 0 · References 1

NVD
added 2025/07/17 8:15 p.m. · 4 views

CVE-2025-6249

An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data...

8.4 CVSS · 0.00158 EPSS
Exploits 0 · References 1

CVE
added 2025/07/17 7:20 p.m. · 22 views

CVE-2025-6249

CVE-2025-6249 affects the FileZ client application. The connected sources describe an authentication bypass vulnerability that could allow a local attacker with elevated permissions to access application data. The issue targets the FileZ client, with root cause aligned to bypassing authentication...

8.4 CVSS · 6.7 AI score · 0.00158 EPSS
Exploits 0 · References 1

Cvelist
added 2025/07/17 7:20 p.m. · 10 views

CVE-2025-6249

An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data...

8.4 CVSS · 0.00158 EPSS
Exploits 0 · References 1

Vulnrichment
added 2025/07/17 7:20 p.m. · 3 views

CVE-2025-6249

An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data...

8.4 CVSS · 7.1 AI score · 0.00158 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/07/08 12:0 a.m. · 7 views

PT-2025-29961 · Filez · Filez

Name of the Vulnerable Software and Affected Versions: FileZ client application (affected versions not specified). Description: An authentication bypass exists in the FileZ client application. A local attacker with elevated permissions may gain access to application data. Recommendations: At the...

8.4 CVSS · 6.3 AI score · 0.00158 EPSS
Exploits 0 · References 7

Positive Technologies
added 2025/07/03 12:0 a.m. · 2 views

PT-2025-29375 · Go · Github.Com/Lf-Edge/Ekuiper +1

Summary: Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. In this case, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data o...

8.5 CVSS · 7.4 AI score
Exploits 0 · References 4

NVD
added 2025/07/01 6:15 p.m. · 6 views

CVE-2025-45081

Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data...

8.8 CVSS · 0.00266 EPSS
Exploits 0 · References 1

CVE
added 2025/07/01 12:0 a.m. · 20 views

CVE-2025-45081

CVE-2025-45081 concerns IITB SSO v1.1.0, where misconfigured settings allow attackers to access sensitive application data. The available connected sources confirm the issue is tied to IITB SSO 1.1.0 and a configuration flaw rather than a code defect, with CVSS v3.1 base score 8.8 (HIGH) and an a...

8.8 CVSS · 7 AI score · 0.00266 EPSS
Exploits 0 · References 1

OSSF Malicious Packages
added 2025/06/29 1:57 a.m. · 2 views

Malicious code in application-data (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware db3bf4666074d14ba6a27a4c7851e0abdd35a89b6c5f9833996d9d8b774fd2e3 Any computer that has this package installed or running should be considered...

7 AI score
Exploits 0 · References 1

OSV
added 2025/06/29 1:57 a.m. · 1 views

MAL-2025-5322 Malicious code in application-data (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware db3bf4666074d14ba6a27a4c7851e0abdd35a89b6c5f9833996d9d8b774fd2e3 Any computer that has this package installed or running should be considered...

7.2 AI score
Exploits 0 · References 1

CVE
added 2025/06/12 2:12 p.m. · 47 views

CVE-2025-49192

CVE-2025-49192 is a clickjacking vulnerability affecting SICK Field Analytics and SICK Media Server, where the web UI can be embedded in a frame to mislead users and potentially expose confidential data or enable control gains. The issue is described across multiple sources (SICK PSIRT and relate...

6.1 CVSS · 6.9 AI score · 0.00274 EPSS
Exploits 0 · References 6 · Affected Software 2

CNNVD
added 2025/06/09 12:0 a.m. · 4 views

Feng Office code issue vulnerability

Feng Office formerly known as OpenGoo is an open source online office system by the Feng Office team. The system provides task management, schedule management, document management and Email sending and receiving functions. A code issue vulnerability exists in Feng Office version 3.2.2.1, which...

8.1 CVSS · 6.7 AI score · 0.0035 EPSS
Exploits 1 · References 5