Lucene search
K

37008 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/14 12:0 a.m.8 views

Hitachi Energy's RTU500 series Missing synchronization (CVE-2025-1445)

A vulnerability exists in RTU IEC 61850 client and server functionality that could impact the availability if renegotiation of an open IEC61850 TLS connection takes place in specific timing situations, when IEC61850 communication is active. Precondition is that IEC61850 as client or server are...

8.7CVSS5.4AI score0.00365EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.6 views

The vulnerability of the padata_reorder() function in the kernel/padata.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the padatareorder function in the kernel/padata.c module of the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

7.8CVSS7.2AI score0.00205EPSS
Exploits0References50Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.7 views

The vulnerability of the nilfs_clear_dirty_pages() function in the fs/nilfs2/page.c module of the NILFS2 file system support module for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nilfscleardirtypages function in the fs/nilfs2/page.c module of the NILFS2 file system support module in the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.7AI score0.00188EPSS
Exploits0References16Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.6 views

The vulnerability of the io_rw_init_file() function in the io_uring/rw.c module, a component of the Linux kernel’s asynchronous input/output interface, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the iorwinitfile function in the iouring/rw.c module, a component of the Linux kernel’s asynchronous input/output interface, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS6.5AI score0.00228EPSS
Exploits0References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.9 views

Vulnerability of the lpfc_initial_flogi() function in the drivers/scsi/lpfc/lpfc_els.c module – The SCSI device support driver for the Linux operating system, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the lpfcinitialflogi function in the drivers/scsi/lpfc/lpfcels.c module – The Linux SCSI device driver relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

7.8CVSS6.6AI score0.0025EPSS
Exploits0References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.11 views

The vulnerability of the nci_close_device() function in the net/nfc/nci/core.c module, which is part of the NFC NCI support for Linux operating systems, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the nciclosedevice function in the net/nfc/nci/core.c module, which supports NFC NCI implementations in Linux operating systems, is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References22Affected Software4
Vulnrichment
Vulnrichment
added 2025/04/10 11:2 a.m.5 views

CVE-2025-22375 Authentication Bypass in CyberAudit-Web

An authentication bypass vulnerability was found in Videx's CyberAudit-Web. Through the exploitation of a logic flaw, an attacker could create a valid session without any credentials. This vulnerability has been patched in versions later than 9.5 and a patch has been made available to all instanc...

9.3CVSS7AI score0.00464EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/10 8:27 a.m.18 views

CVE-2025-30017

Due to a missing authorization check, an authenticated attacker could upload a file as a template for solution documentation in SAP Solution Manager 7.1. After successful exploitation, an attacker can cause limited impact on the integrity and availability of the application...

4.4CVSS6.8AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/10 8:23 a.m.18 views

CVE-2025-31332

Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...

6.6CVSS6.6AI score0.00134EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/10 8:17 a.m.11 views

CVE-2025-30016

SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authentication mechanisms, due to which there is high impact on the Confidentiality, Integrity & Availability of the application...

9.8CVSS7.8AI score0.00573EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2025/04/09 3:8 p.m.7 views

CVE-2025-21792 affecting package kernel for versions less than 6.6.79.1-1

CVE-2025-21792 affecting package kernel for versions less than 6.6.79.1-1. A patched version of the package is available...

5.5CVSS6.8AI score0.00206EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/04/09 1:55 p.m.1 views

SUSE CVE-2024-38797

EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...

4.6CVSS6.9AI score0.00214EPSS
Exploits0References3
NVD
NVD
added 2025/04/09 11:15 a.m.10 views

CVE-2025-2442

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could potentially lead to unauthorized access which could result in the loss of confidentially, integrity and availability when a malicious user, having physical access, sets the radio to the factory default...

6.8CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 10:26 a.m.57 views

CVE-2025-2442

CVE-2025-2442 concerns Schneider Electric Trio Q Licensed Data Radio. The vulnerability stems from Initialization of a Resource with an Insecure Default , enabling a malicious user with physical access to set the radio to factory default mode and trigger unauthorized access, potentially compromis...

6.8CVSS6.7AI score0.00222EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 10:16 a.m.65 views

CVE-2025-2223

CVE-2025-2223 affects Schneider Electric ConneXium Network Manager. The root cause is improper input validation in the software, enabling a malicious local user to load a crafted project file that can compromise confidentiality, integrity, and availability on engineering workstations. CVSS metric...

8.4CVSS6.8AI score0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 10:16 a.m.5 views

CVE-2025-2223

CWE-20: Improper Input Validation vulnerability exists that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when a malicious project file is loaded by a user from the local system...

8.4CVSS6.8AI score0.00163EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/09 4:4 a.m.21 views

CVE-2024-58109

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...

7.5CVSS7.5AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/09 4:2 a.m.20 views

CVE-2024-58110

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...

7.5CVSS7.5AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/09 4:0 a.m.19 views

CVE-2024-58116

Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability...

7.5CVSS7.5AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/09 4:0 a.m.21 views

CVE-2024-58108

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...

7.5CVSS7.5AI score0.00226EPSS
Exploits0References1
Rows per page
Query Builder