37005 matches found

Veracode
added 2025/05/05 8:6 a.m. | 9 views

Cache Poisoning

react-router is vulnerable to Cache Poisoning. The vulnerability is due to improper request handling due to allowing header-based switching from SSR to SPA mode, which can trigger an error response that is then cached, affecting application availability...

7.5 CVSS | 6.7 AI score | 0.23628 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 2025/05/05 12:13 a.m. | 20 views

com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes. This issue may lead to availability attacks...

7.7 CVSS | 7.1 AI score | 0.1158 EPSS
Exploits: 0 | References: 4

OSV
added 2025/05/05 12:0 a.m. | 2 views

OPENSUSE-SU-2025:15052-1 grafana-11.5.4-1.1 on GA media

These are all security issues fixed in the grafana-11.5.4-1.1 package on the GA media of openSUSE Tumbleweed...

7.5 CVSS | 6.7 AI score | 0.10611 EPSS
Exploits: 0 | References: 6

RedhatCVE
added 2025/05/04 10:3 p.m. | 13 views

CVE-2022-21546

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash. In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_write_same --ndob" we...

7.5 AI score | 0.00176 EPSS
Exploits: 0 | References: 1

NVD
added 2025/05/02 10:15 p.m. | 18 views

CVE-2022-21546

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash. In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_write_same --ndob" we...

7.8 CVSS | 0.00176 EPSS
Exploits: 0 | References: 5

Cvelist
added 2025/05/02 9:52 p.m. | 21 views

CVE-2022-21546 scsi: target: Fix WRITE_SAME No Data Buffer crash

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash. In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_write_same --ndob" we...

0.00176 EPSS
Exploits: 0 | References: 4

Vulnrichment
added 2025/05/02 9:52 p.m. | 11 views

CVE-2022-21546 scsi: target: Fix WRITE_SAME No Data Buffer crash

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash. In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_write_same --ndob" we...

7.4 AI score | 0.00176 EPSS
Exploits: 0 | References: 4

Debian CVE
added 2025/05/02 9:52 p.m. | 5 views

CVE-2022-21546

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash. In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_write_same --ndob" we...

7.8 CVSS | 6.6 AI score | 0.00176 EPSS
Exploits: 0

OSV
added 2025/05/02 4:15 p.m. | 1 views

DEBIAN-CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

5.5 CVSS | 5.5 AI score | 0.00157 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/02 3:23 p.m. | 9 views

CVE-2025-32974

XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn't consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is content on the page...

9 CVSS | 6.8 AI score | 0.00298 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/02 6:39 a.m. | 7 views

CVE-2022-49921

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in red_enqueue. We can't use "skb" again after passing it to qdisc_enqueue. This is basically identical to commit 2f09707d0c97 "sch_sfb: Also store skb len before calling child enqueue"...

5.5 CVSS | 6.7 AI score | 0.00152 EPSS
Exploits: 0 | References: 4

Packet Storm News
added 2025/05/02 12:0 a.m. | 3 views

Capability-Based Multi-Tenant Access Management in Crowdsourced Drone Services

We propose a capability-based access control method that leverages OAuth 2.0 and Verifiable Credentials (VCs) to share resources in crowdsourced drone services. VCs securely encode claims about entities, offering flexibility. However, standardized protocols for VCs are lacking, limiting their...

7.1 AI score
Exploits: 0

Positive Technologies
added 2025/05/02 12:0 a.m. | 5 views

PT-2025-18734 · Ibm · Ibm Concert

Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.0.5. Description: The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view...

5.3 CVSS | 8.4 AI score | 0.00414 EPSS
Exploits: 0 | References: 6

OSV
added 2025/05/02 12:0 a.m. | 2 views

OPENSUSE-SU-2025:15045-1 MozillaFirefox-138.0-1.1 on GA media

These are all security issues fixed in the MozillaFirefox-138.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.1 CVSS | 5.8 AI score | 0.00538 EPSS
Exploits: 0 | References: 12

OSV
added 2025/05/02 12:0 a.m. | 1 views

OPENSUSE-SU-2025:15047-1 hauler-1.2.4-1.1 on GA media

These are all security issues fixed in the hauler-1.2.4-1.1 package on the GA media of openSUSE Tumbleweed...

6.5 CVSS | 6.7 AI score | 0.0045 EPSS
Exploits: 0 | References: 1

OSV
added 2025/05/02 12:0 a.m. | 7 views

OPENSUSE-SU-2025:15048-1 tomcat-9.0.104-1.1 on GA media

These are all security issues fixed in the tomcat-9.0.104-1.1 package on the GA media of openSUSE Tumbleweed...

9.8 CVSS | 5.8 AI score | 0.66933 EPSS
Exploits: 6 | References: 2

OSV
added 2025/05/02 12:0 a.m. | 1 views

OPENSUSE-SU-2025:15046-1 docker-28.1.1_ce-16.1 on GA media

These are all security issues fixed in the docker-28.1.1_ce-16.1 package on the GA media of openSUSE Tumbleweed...

6.5 CVSS | 6.7 AI score | 0.0045 EPSS
Exploits: 0 | References: 1

BDU FSTEC
added 2025/05/02 12:0 a.m. | 5 views

A vulnerability in the formWifiMacFilterSet function of the Tenda i12 wireless access point firmware allows an intruder to affect the confidentiality, integrity, and availability of protected information.

The vulnerability in the formWifiMacFilterSet function of the Tenda i12 wireless access point firmware is an out-of-bounds memory read when processing the index parameter. Exploiting this vulnerability allows a remote attacker to compromise the...

8 CVSS | 5.8 AI score | 0.00252 EPSS
Exploits: 0 | References: 3

CVE
added 2025/04/30 6:27 p.m. | 61 views

CVE-2025-46558

The CVE-2025-46558 issue affects XWiki Contrib's Syntax Markdown (org.xwiki.contrib.markdown:syntax-markdown-commonmark12). A cross-site scripting (XSS) vulnerability exists in Markdown syntax versions 8.2 through before 8.9 via HTML, allowing any user to embed JavaScript that executes in other u...

9 CVSS | 8.5 AI score | 0.00392 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2025/04/30 2:55 p.m. | 27 views

CVE-2025-32974 org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type

XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn't consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is content on the page...

9 CVSS | 0.00298 EPSS
Exploits: 0 | References: 3