Lucene search

36999 matches found

BDU FSTEC
added 2025/05/20 12:0 a.m., 5 views

The vulnerability of the Apache Tomcat application server arises from a lack of mechanisms for encoding or escaping output data. This allows attackers to affect the confidentiality, integrity, and availability of the protected information.

The vulnerability of the Apache Tomcat application server is related to the lack of mechanisms for encoding or escaping output data. Exploiting this vulnerability allows a malicious actor to affect the confidentiality, integrity, and availability of the protected information...

10 CVSS | 7.2 AI score | 0.0418 EPSS
Exploits 1 | References 10 | Affected Software 6

CNNVD
added 2025/05/20 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check for Supm extension availability, which could lead to a kernel crash...

6.2 AI score | 0.0013 EPSS
Exploits 0 | References 3

RedhatCVE
added 2025/05/19 7:43 a.m., 7 views

CVE-2025-23165

A flaw was found in the ReadFileUtf8 internal binding of Node.js. This vulnerability can allow an attacker to cause an application denial of service via repeated file read operations that trigger an unrecoverable memory leak due to a corrupted pointer in the underlying file system binding...

3.7 CVSS | 4.2 AI score | 0.0048 EPSS
Exploits 0 | References 4

Kaspersky
added 2025/05/17 12:0 a.m., 16 views

KLA83718 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Out of bounds memory read or write vulnerability can be exploited to cause denial of service. 2. Out of bounds memo...

9.8 CVSS | 8.4 AI score | 0.08917 EPSS
Exploits 1 | References 3

Kaspersky
added 2025/05/17 12:0 a.m., 21 views

KLA83716 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Out of bounds memory read or write vulnerability can be exploited to cause denial of service. 2. Out of bounds...

9.8 CVSS | 8.5 AI score | 0.08917 EPSS
Exploits 1 | References 3

Tenable Nessus
added 2025/05/17 12:0 a.m., 4 views

EulerOS Virtualization 2.12.1 : python-requests (EulerOS-SA-2025-1558)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This...

4.3 CVSS | 5 AI score | 0.00374 EPSS
Exploits 0 | References 2

BDU FSTEC
added 2025/05/16 12:0 a.m., 6 views

The vulnerability of the VLAN (Virtual Local Area Network) technology in the firmware of the industrial wireless switches ABB ARG600, ARP600, ARR600, and ARC600 allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the VLAN (Virtual Local Area Network) technology in the firmware of the industrial wireless switches ABB ARG600, ARP600, ARR600, and ARC600 is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to compromise the...

10 CVSS | 7.8 AI score | 0.00801 EPSS
Exploits 0 | References 2 | Affected Software 4

NVD
added 2025/05/15 6:15 p.m., 18 views

CVE-2025-47285

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, concat may skip evaluation of side effects when the length of an argument is zero. This is due to a fastpath in the implementation which skips evaluation of argument expressions...

6.3 CVSS | 0.00371 EPSS
Exploits 0 | References 3

RedhatCVE
added 2025/05/15 11:53 a.m., 6 views

CVE-2025-46399

In xfig diagramming tool, a segmentation fault in fig2dev allows memory corruption via local input manipulation at gengeitpspline function...

4.7 CVSS | 4.7 AI score | 0.00199 EPSS
Exploits 1 | References 4

RedhatCVE
added 2025/05/15 1:11 a.m., 16 views

CVE-2025-30010

The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated Java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...

6.1 CVSS | 6.9 AI score | 0.00261 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/15 1:11 a.m., 16 views

CVE-2025-43000

Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access information which would otherwise be restricted. This has High impact on Confidentiality with Low impact on Integrity and Availability of the application...

7.9 CVSS | 6.9 AI score | 0.00142 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/15 1:11 a.m., 30 views

CVE-2025-43010

SAP S/4HANA Cloud Private Edition or on Premise SCM Master Data Layer (MDL) allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs, including SAP standard programs. This is due to lack of input validation an...

8.3 CVSS | 7.1 AI score | 0.00414 EPSS
Exploits 0 | References 1

OSV
added 2025/05/15 12:0 a.m., 4 views

OPENSUSE-SU-2025:15092-1 pnpm-10.11.0-1.1 on GA media

These are all security issues fixed in the pnpm-10.11.0-1.1 package on the GA media of openSUSE Tumbleweed...

5.3 CVSS | 5.8 AI score | 0.00765 EPSS
Exploits 1 | References 2

OSV
added 2025/05/15 12:0 a.m., 2 views

OPENSUSE-SU-2025:15093-1 ucode-intel-20250512-1.1 on GA media

These are all security issues fixed in the ucode-intel-20250512-1.1 package on the GA media of openSUSE Tumbleweed...

6.8 CVSS | 6.9 AI score | 0.00371 EPSS
Exploits 0 | References 9

NVD
added 2025/05/14 11:15 p.m., 11 views

CVE-2025-46836

net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. In versions up to and including 2.10, the Linux network utilities like ifconfig from the net-tools package do not properly validate the structure of /proc files when...

6.6 CVSS | 0.00158 EPSS
Exploits 0 | References 5

Atlassian
added 2025/05/14 5:9 a.m., 22 views

DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 8.9.10, 8.13.6, 8.14.6, 8.15.0, 8.16.0, 8.17.0, 8.18.0, 8.19.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score ...

7.5 CVSS | 7.8 AI score | 0.01119 EPSS
Exploits 1

Tenable Nessus
added 2025/05/14 12:0 a.m., 7 views

Alibaba Cloud Linux 3 : 0178: edk2 (ALINUX3-SA-2024:0178)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0178 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-45236: EDK2's Network Package is...

7.5 CVSS | 7.7 AI score | 0.00986 EPSS
Exploits 0 | References 4

Tenable Nessus
added 2025/05/14 12:0 a.m., 8 views

Alibaba Cloud Linux 3 : 0087: userspace graphics, xorg-x11, and mesa (ALINUX3-SA-2022:0087)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0087 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-14344: An integer overflow leadin...

7.8 CVSS | 7.4 AI score | 0.00629 EPSS
Exploits 1 | References 10

Tenable Nessus
added 2025/05/14 12:0 a.m., 6 views

Alibaba Cloud Linux 3 : 0002: libpq (ALINUX3-SA-2021:0002)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0002 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25694: A flaw was found in...

8.1 CVSS | 7 AI score | 0.02586 EPSS
Exploits 0 | References 3

Packet Storm News
added 2025/05/14 12:0 a.m., 2 views

Security and Privacy Measurement on Chinese Consumer IoT Traffic Based on Device Lifecycle

In recent years, consumer Internet of Things (IoT) devices have become widely used in daily life. With the popularity of devices, related security and privacy risks arise at the same time as they collect user-related data and transmit it to various service providers. Although China accounts for a...

6.8 AI score
Exploits 0