Lucene search
K

21 matches found

EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38948

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL dereference of "old" filters before change Like pointed out by Sashiko 1, since commit ed76f5edccc9 "net: sched: protect filterchain list with filterchainlock mutex" TC filters are added to a shared blo...

5.8AI score0.00172EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the cls fw module where TC filters are added to a shared block and published to the datapath before their change function is called. This allows an invalid filter...

5.7CVSS6AI score0.00172EPSS
Exploits0References17
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mcbausb driver's failure to implement the ndochangemtu function, which could lead to a buffer overflow...

6.2AI score0.00225EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2025/08/07 7:0 a.m.4 views

net_sched: red: fix a race in __red_change()

...

7CVSS7AI score0.00129EPSS
Exploits0
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from netsched red competing conditions in redchange...

7CVSS6.5AI score0.00129EPSS
Exploits0References9
NVD
NVD
added 2025/05/29 6:15 p.m.29 views

CVE-2025-5323

A vulnerability, which was classified as problematic, has been found in fossasia open-event-server 1.19.1. This issue affects the function sendemailchangeuseremail of the file /fossasia/open-event-server/blob/development/app/api/helpers/mail.py of the component Mail Verification Handler. The...

6.3CVSS0.00118EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/29 12:0 a.m.8 views

PT-2025-23188 · Fossasia · Open-Event-Server

Name of the Vulnerable Software and Affected Versions: fossasia open-event-server version 1.19.1 Description: A problematic issue has been found in the Mail Verification Handler component, specifically affecting the send email change user email function. This issue leads to reliance on obfuscatio...

6.3CVSS4AI score0.00118EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/05/12 12:0 a.m.7 views

PT-2025-20728 · Flytxt · Flytxt Neon-Dx

Name of the Vulnerable Software and Affected Versions: Flytxt NEON-dX version 0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c Description: The issue concerns the userId parameter in the change password function, allowing attackers to execute brute force attacks to discover user passwords. This could potential...

5.4CVSS6.5AI score0.00179EPSS
Exploits0References5
NVD
NVD
added 2024/11/14 6:15 p.m.33 views

CVE-2024-4311

zenml-io/zenml version 0.56.4 is vulnerable to an account takeover due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the 'Update Password' function, allowing them to take over the user's account. This vulnerability is due to the...

5.4CVSS0.00456EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/08/16 12:0 a.m.19 views

CVE-2024-42849

An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function...

0.0123EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.6 views

PT-2024-18299 · WordPress · Contact Form 7

Name of the Vulnerable Software and Affected Versions: Contact Form 7 plugin for WordPress versions up to, and including, 1.1.1 Description: The Admin side data storage is vulnerable to unauthorized modification of data due to a missing capability check on the zt dcfcf change bookmark function...

5.3CVSS9.5AI score0.00375EPSS
Exploits0References7
Prion
Prion
added 2023/10/09 8:15 p.m.24 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function...

6.8CVSS8.9AI score0.00887EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/09 12:0 a.m.37 views

CVE-2023-44811

Cross Site Request Forgery CSRF vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function...

9.1AI score0.00887EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/09 12:0 a.m.11 views

CVE-2023-44811

Cross Site Request Forgery CSRF vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function...

7.9AI score0.00887EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/10/25 12:55 p.m.3 views

kernel: use-after-free in route4_change() in net/sched/cls_route.c

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. T...

7.8CVSS6.8AI score0.00353EPSS
Exploits2References5
Huntr
Huntr
added 2022/10/20 10:27 a.m.21 views

Weak Password Requirement

Description We can change password with just 1 character when we use change password function. Proof of Concept When you change password, just press an charactor and then submit. Your password has been changed...

7.5CVSS1.3AI score0.01139EPSS
Exploits1
Code423n4
Code423n4
added 2022/07/15 12:0 a.m.8 views

Swivel.sol is missing authRedeem() function called in Marketplace.sol

Lines of code Vulnerability details Impact A user redeems or withdraws from their ZcToken by calling ZcToken.withdraw or ZcToken.redeem. Both of these functions then call MarketPlace.authRedeem which in turn calls Swivel.authRedeem. The issue is that Swivel.sol does not have an authRedeem functio...

6.8AI score
Exploits0
OSV
OSV
added 2022/01/14 7:15 p.m.1 views

UBUNTU-CVE-2021-45763

GPAC v1.1.0 was discovered to contain an invalid call in the function gfnodechanged. This vulnerability can lead to a Denial of Service DoS...

5.5CVSS6.8AI score0.00718EPSS
Exploits1References3
CVE
CVE
added 2020/02/24 2:35 p.m.42 views

CVE-2019-20481

The connected Red Hat advisories confirm CVE-2019-20481 affects the Miele XGW 3000 ZigBee Gateway before 2.4.0, where the Password Change Function does not require the old password. This is stated to be exploitable in conjunction with CVE-2019-20480 (CSRF). The combined entries indicate an auth-r...

9.8CVSS8.6AI score0.00587EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/11/27 12:0 a.m.4 views

PT-2019-6818 · Freedesktop +3 · Accountsservice +3

Name of the Vulnerable Software and Affected Versions: AccountService version 0.6.37 Description: An issue exists in the user change password authorized cb function in user.c, which could let a local user obtain encrypted passwords. Recommendations: For version 0.6.37, consider restricting access...

3.3CVSS3.5AI score0.00448EPSS
Exploits1References17
Rows per page
Query Builder