Lucene search
K

442 matches found

NVD
NVD
added 2025/09/25 8:15 p.m.2 views

CVE-2025-57632

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs NextCommand, libsmb2 repeatedly calls smb2addiovector to append to a fixed-size iovec array without checking the upper bound of v-niov SMB2MAXVECTORS=256. An attacker can craft responses with many chained PDUs to...

7.5CVSS0.00549EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 8:15 p.m.3 views

DEBIAN-CVE-2025-57632

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs NextCommand, libsmb2 repeatedly calls smb2addiovector to append to a fixed-size iovec array without checking the upper bound of v-niov SMB2MAXVECTORS=256. An attacker can craft responses with many chained PDUs to...

7.5CVSS6AI score0.00549EPSS
Exploits0References1
OSV
OSV
added 2025/09/25 8:15 p.m.3 views

UBUNTU-CVE-2025-57632

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs NextCommand, libsmb2 repeatedly calls smb2addiovector to append to a fixed-size iovec array without checking the upper bound of v-niov SMB2MAXVECTORS=256. An attacker can craft responses with many chained PDUs to...

7.5CVSS6.1AI score0.00549EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/25 12:0 a.m.10 views

CVE-2025-57632

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs NextCommand, libsmb2 repeatedly calls smb2addiovector to append to a fixed-size iovec array without checking the upper bound of v-niov SMB2MAXVECTORS=256. An attacker can craft responses with many chained PDUs to...

0.00549EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 12:0 a.m.5 views

CVE-2025-57632

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs NextCommand, libsmb2 repeatedly calls smb2addiovector to append to a fixed-size iovec array without checking the upper bound of v-niov SMB2MAXVECTORS=256. An attacker can craft responses with many chained PDUs to...

7.5CVSS8AI score0.00549EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/09/25 12:0 a.m.2 views

CVE-2025-57632

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs NextCommand, libsmb2 repeatedly calls smb2addiovector to append to a fixed-size iovec array without checking the upper bound of v-niov SMB2MAXVECTORS=256. An attacker can craft responses with many chained PDUs to...

7.7AI score0.00549EPSS
Exploits0References4
CVE
CVE
added 2025/09/25 12:0 a.m.22 views

CVE-2025-57632

The CVE-2025-57632 entry concerns libsmb2 6.2+ vulnerable to a Buffer Overflow when processing SMB2 chained PDUs (NextCommand). The root cause is repeated calls to smb2_add_iovector() that append to a fixed-size iovec array without checking the upper bound of v->niov (SMB2_MAX_VECTORS=256). Th...

7.5CVSS7.7AI score0.00549EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.3 views

PT-2025-39452

Name of the Vulnerable Software and Affected Versions libsmb2 versions 6.2 and later Description The software contains a flaw due to improper handling of SMB2 chained PDUs NextCommand. Specifically, the smb2 add iovector function is repeatedly called to append to a fixed-size iovec array without...

7.5CVSS7.5AI score0.00549EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/09/20 7:31 a.m.13 views

CVE-2025-10493

The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to hijack and modify other...

5.3CVSS6.2AI score0.00855EPSS
Exploits2References1
CVE
CVE
added 2025/09/18 6:49 a.m.49 views

CVE-2025-10493

The CVE concerns the WordPress plugin Chained Quiz (versions 1.3.4 and earlier). The root cause is an insecure direct object reference in the quiz submission/completion flow, due to lack of validation on a user‑controlled key exposed via the chained_completion_id cookie. An unauthenticated attack...

5.3CVSS5.8AI score0.00855EPSS
Exploits2References6
Cvelist
Cvelist
added 2025/09/18 6:49 a.m.26 views

CVE-2025-10493 Chained Quiz <= 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie

The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to hijack and modify other...

5.3CVSS0.00855EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.10 views

PT-2025-38302

Name of the Vulnerable Software and Affected Versions Chained Quiz plugin for WordPress versions 1.3.4 and below Description The Chained Quiz plugin for WordPress is susceptible to an Insecure Direct Object Reference issue in versions 1.3.4 and below. This flaw resides in the quiz submission and...

5.3CVSS6.3AI score0.00855EPSS
Exploits2References10
CNNVD
CNNVD
added 2025/09/18 12:0 a.m.23 views

WordPress plugin Chained Quiz 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.4AI score0.00855EPSS
Exploits2References7
Patchstack
Patchstack
added 2025/09/17 9:23 p.m.13 views

WordPress Chained Quiz plugin <= 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie vulnerability

Unauthenticated Insecure Direct Object Reference via Cookie vulnerability discovered by Karuppiah Sabari Kumar in WordPress Plugin Chained Quiz versions = 1.3.5...

5.3CVSS6.7AI score0.00855EPSS
Exploits2References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/17 12:49 a.m.11 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

5.3CVSS7.2AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2025/09/15 3:31 p.m.4 views

GHSA-HJM5-XGJ8-VWJ6 mcp-kubernetes-server has a Command Injection vulnerability

mcp-kubernetes-server does not correctly enforce the --disable-write / --disable-delete protections when commands are chained. The server only inspects the first token to decide whether an operation is write/delete, which allows a read-like command to be followed by a write action using shell...

5.3CVSS7.2AI score0.00281EPSS
Exploits0References4
NVD
NVD
added 2025/09/15 2:15 p.m.3 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

5.3CVSS0.00281EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/15 12:0 a.m.11 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

3.7CVSS0.00281EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/15 12:0 a.m.2 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

3.7CVSS6.9AI score0.00281EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.5 views

mcp-kubernetes-server 安全漏洞

mcp-kubernetes-server is a Model Context Protocol server for Pengfei Ni Personal Developer. A security vulnerability exists in mcp-kubernetes-server version 0.1.11 and earlier, which stems from an unconsidered chained command that could lead to bypassing write and delete operation restrictions...

5.3CVSS6.6AI score0.00281EPSS
Exploits0References3
Rows per page
Query Builder