
51 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Do not include the stack pointer register in precision backtracking bookkeeping. Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: ...

7.8 CVSS, 6.4 AI score, 0.00162 EPSS
Exploits 0, References 2

Microsoft CVE
added 2026/05/28 8:4 a.m., 8 views

udf: fix partition descriptor append bookkeeping

...

7.8 CVSS, 5.4 AI score, 0.00164 EPSS
Exploits 0

Debian CVE
added 2026/05/27 12:55 p.m., 9 views

CVE-2026-45991

In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...

7.8 CVSS, 5.7 AI score, 0.00164 EPSS
Exploits 0

UbuntuCve
added 2026/05/27 12:0 a.m., 7 views

CVE-2026-45991

udf: fix partition descriptor append bookkeeping...

7.8 CVSS, 5.8 AI score, 0.00164 EPSS
Exploits 0, References 2

RedHat Linux
added 2026/05/19 1:31 p.m., 37 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.8 CVSS, 6.5 AI score, 0.00286 EPSS
Exploits 1, References 29

AlmaLinux
added 2026/05/19 12:0 a.m., 8 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bonding: check xdp prog when set bond mode CVE-2025-22105 kernel: block: fix resource leak in blkregisterqueue error path CVE-2025-37980 kernel: dmaengine: idxd: fix memory leak in error...

7.8 CVSS, 5.5 AI score, 0.00286 EPSS
Exploits 1, References 30

Microsoft CVE
added 2025/09/04 2:0 a.m., 9 views

bpf: Do not include stack ptr register in precision backtracking bookkeeping

...

7 AI score, 0.00162 EPSS
Exploits 0

NVD
added 2025/07/10 8:15 a.m., 3 views

CVE-2025-38279

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

7.8 CVSS, 0.00162 EPSS
Exploits 0, References 3

OSV
added 2025/07/10 8:15 a.m., 5 views

UBUNTU-CVE-2025-38279

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

7.8 CVSS, 6.2 AI score, 0.00162 EPSS
Exploits 0, References 28

CVE
added 2025/07/10 7:41 a.m., 85 views

CVE-2025-38279

CVE-2025-38279: Linux kernel bpf verifier backtracking bug in __mark_chain_precision (verifier) when handling precise registers; a test demonstrating a r10-related path and a patch that stops including stack ptr in precision backtracking was provided. Affected component: Linux kernel BPF verifier...

7.8 CVSS, 6.3 AI score, 0.00162 EPSS
Exploits 0, References 3, Affected Software 1

OSV
added 2025/07/10 7:41 a.m., 7 views

CVE-2025-38279 bpf: Do not include stack ptr register in precision backtracking bookkeeping

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

7.8 CVSS, 6.3 AI score, 0.00162 EPSS
Exploits 0, References 6

CNNVD
added 2025/03/11 12:0 a.m., 3 views

SAP Electronic Invoicing Security Vulnerability

SAP Electronic Invoicing is an electronic invoice management solution from SAP, Germany. It is used for business electronic invoicing, bookkeeping, clearing and reconciliation. A security vulnerability exists in SAP Electronic Invoicing that originates from unauthorized access and could lead to...

2.4 CVSS, 6.5 AI score, 0.00182 EPSS
Exploits 0, References 4

CVE
added 2025/01/24 10:52 a.m., 54 views

CVE-2025-23622

CVE-2025-23622 corresponds to a Reflected XSS in the WordPress CBX Accounting & Bookkeeping plugin (versions n/a through 1.3.14). The issue stems from improper input neutralization during web page generation. Public sources (Red Hat and CVE feed) confirm the affected product/version and describe ...

7.1 CVSS, 7.2 AI score, 0.0022 EPSS
Exploits 0, References 1

Patchstack
added 2025/01/16 6:41 p.m., 4 views

WordPress CBX Accounting & Bookkeeping plugin <= 1.3.14 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by Le Ngoc Anh in WordPress Plugin CBX Accounting & Bookkeeping versions <= 1.3.14...

7.1 CVSS, 6.1 AI score, 0.0022 EPSS
Exploits 0, Affected Software 1

Code423n4
added 2023/11/10 12:0 a.m., 13 views

A malicious contributor can increase voting power maliciously and eventually steal funds!

Lines of code Vulnerability details Impact Unlimited voting power for attacker and stealing of funds ! Proof of Concept All of the contribute functions uses msg.value to calculate the votingpower . For example , contribute function looks like this : function contribute uint256 tokenId, address...

7.1 AI score
Exploits 0

CNNVD
added 2023/07/13 12:0 a.m., 2 views

Envoy Resource Management Error Vulnerability

Envoy is an open source distributed proxy server. A resource management error vulnerability exists in Envoy versions prior to 1.27.0, which stems from the possibility that Envoy's HTTP/2 codec may leak header maps and bookkeeping structures after receiving the frame RSTSTREAM from an upstream...

7.5 CVSS, 8 AI score, 0.01106 EPSS
Exploits 0, References 9

Code423n4
added 2022/12/12 12:0 a.m., 9 views

Admin may take non-fee baseTokens from Collateral.sol

Lines of code Vulnerability details Description In Collateral.sol, deposit and withdraw functions are subject to fees. They are either sent directly to the treasure in deposit / withdraw hooks, or are kept in the Collateral contract for safekeeping. Later, manager can use managerWithdraw function...

6.9 AI score
Exploits 0

Code423n4
added 2022/02/02 12:0 a.m., 9 views

Consistently check account balance before and after transfers for Fee-On-Transfer discrepancies

Handle Dravee Vulnerability details Impact Wrong fateBalance bookkeeping for a user. Wrong fateCreated value emitted. Proof of Concept Taking into account the FOT is done almost everywhere important in the solution already. That's a known practice in the solution. However, it's missing here see...

6.9 AI score
Exploits 0

CNVD
added 2021/08/25 12:0 a.m., 19 views

LedgerSMB Cross-Site Scripting Vulnerability (CNVD-2021-101203)

LedgerSMB is a free web-based double-entry bookkeeping system with quoting, ordering, invoicing, projects, time cards, inventory management, shipping, etc. A cross-site scripting vulnerability exists in LedgerSMB, which stems from the application's failure to check the origin of HTML fragments...

9.6 CVSS, 1.4 AI score, 0.03014 EPSS
Exploits 0, References 1

CNVD
added 2021/08/25 12:0 a.m., 18 views

LedgerSMB Cross-Site Scripting Vulnerability

LedgerSMB is a free web-based double-entry bookkeeping system with quoting, ordering, invoicing, projects, time cards, inventory management, shipping, etc. A cross-site scripting vulnerability exists in LedgerSMB, which stems from the application's failure to adequately encode HTML for error...

9.6 CVSS, 1.7 AI score, 0.02386 EPSS
Exploits 0, References 1