Lucene search
K

13681 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 3:16 a.m.14 views

CVE-2024-24199

smartdns commit 54b4dc was discovered to contain a misaligned address at smartdns/src/dns.c...

7.5CVSS7.1AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2025/02/13 3:20 p.m.9 views

CVE-2025-24903 libsignal-service-rs Doesn't Check Origin of Sync Messages

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...

8.5CVSS6.6AI score0.00171EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/02/13 3:20 p.m.10 views

CVE-2025-24903 libsignal-service-rs Doesn't Check Origin of Sync Messages

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...

8.5CVSS6.8AI score0.00171EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/12 10:36 p.m.5 views

CVE-2025-25189

The ZOO-Project is an open source processing platform. A reflected Cross-Site Scripting vulnerability exists in the ZOO-Project Web Processing Service WPS publish.py CGI script prior to commit 7a5ae1a. The script reflects user input from the jobid parameter in its HTTP response without proper HTM...

6.9CVSS6.1AI score0.00418EPSS
Exploits0References1
OSV
OSV
added 2025/02/12 6:29 p.m.9 views

MGASA-2025-0058 Updated subversion packages fix security vulnerability

Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. CVE-2024-46901...

4.3CVSS6.6AI score0.01905EPSS
Exploits1References3
OSV
OSV
added 2025/02/12 6:15 p.m.9 views

AZL-79122 CVE-2025-25199 affecting package golang 1.25.7-1

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

7.5CVSS7.3AI score0.0128EPSS
Exploits0References1
OSV
OSV
added 2025/02/12 2:15 p.m.16 views

CVE-2025-21698

In the Linux kernel, the following vulnerability has been resolved: Revert "usb: gadget: userial: Disable ep before setting port to null to fix the crash caused by port being null" This reverts commit 13014969cbf07f18d62ceea40bd8ca8ec9d36cec. It is reported to cause crashes on Tegra systems, so...

6.8AI score
Exploits0References9
NVD
NVD
added 2025/02/12 2:15 p.m.20 views

CVE-2024-57952

In the Linux kernel, the following vulnerability has been resolved: Revert "libfs: fix infinite directory reads for offset dir" The current directory offset allocator based on mtreealloccyclic stores the next offset value to return in octx-nextoffset. This mechanism typically returns values that...

5.5CVSS0.00203EPSS
Exploits0References3
OSV
OSV
added 2025/02/12 2:15 p.m.2 views

DEBIAN-CVE-2024-57952

In the Linux kernel, the following vulnerability has been resolved: Revert "libfs: fix infinite directory reads for offset dir" The current directory offset allocator based on mtreealloccyclic stores the next offset value to return in octx-nextoffset. This mechanism typically returns values that...

5.5CVSS5.7AI score0.00203EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/02/12 1:52 p.m.8 views

CVE-2024-57952

In the Linux kernel, the following vulnerability has been resolved: Revert "libfs: fix infinite directory reads for offset dir" The current directory offset allocator based on mtreealloccyclic stores the next offset value to return in octx-nextoffset. This mechanism typically returns values that...

5.5CVSS5.7AI score0.00203EPSS
Exploits0
OSV
OSV
added 2025/02/12 1:52 p.m.12 views

CVE-2024-57952 Revert "libfs: fix infinite directory reads for offset dir"

In the Linux kernel, the following vulnerability has been resolved: Revert "libfs: fix infinite directory reads for offset dir" The current directory offset allocator based on mtreealloccyclic stores the next offset value to return in octx-nextoffset. This mechanism typically returns values that...

5.5CVSS6AI score0.00203EPSS
Exploits0References6
Snyk
Snyk
added 2025/02/11 6:31 p.m.2 views

Access Control Bypass

Overview magento/project-community-edition is an eCommerce Platform for Growth Community Edition Affected versions of this package are vulnerable to Access Control Bypass enabling the bypass of a security feature. Remediation There is no fixed version for magento/project-community-edition...

6.9CVSS6.9AI score0.00584EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/11 6:31 p.m.2 views

Access Control Bypass

Overview magento/project-community-edition is an eCommerce Platform for Growth Community Edition Affected versions of this package are vulnerable to Access Control Bypass that could allow a privileged attacker to escalate privileges. Remediation There is no fixed version for...

5.4CVSS6.9AI score0.00415EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/11 6:31 p.m.2 views

Improper Check for Unusual or Exceptional Conditions

Overview magento/project-community-edition is an eCommerce Platform for Growth Community Edition Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions enabling the bypass of a security feature. Remediation There is no fixed version for...

5.3CVSS6.9AI score0.00585EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/11 6:31 p.m.2 views

Access Control Bypass

Overview magento/project-community-edition is an eCommerce Platform for Growth Community Edition Affected versions of this package are vulnerable to Access Control Bypass that could enable a privileged attacker to escalate privileges. Remediation There is no fixed version for...

5.1CVSS6.9AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/11 6:31 p.m.1 views

Information Exposure

Overview magento/project-community-edition is an eCommerce Platform for Growth Community Edition Affected versions of this package are vulnerable to Information Exposure which could allow a privileged attacker to escalate privileges. Remediation There is no fixed version for...

7CVSS6.9AI score0.00936EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.18 views

Astra Linux – Vulnerability in llvm-toolchain-15

It was discovered that the commit fdbc55a5 from the llvm-project contains a segmentation fault due to the component mlir::IROperandmlir::OpOperand...

5.5CVSS6AI score0.00221EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in llvm-toolchain-15

It was discovered that the commit bd456297 from the llvm-project contains a segmentation fault due to the component mlir::Block::getArgument...

5.5CVSS6AI score0.00221EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in llvm-toolchain-15

It was discovered that the commit a0138390 from the llvm-project contains a segmentation fault due to the component mlir::spirv::TargetEnv::TargetEnvmlir::spirv::TargetEnvAttr...

5.5CVSS6AI score0.00218EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ubifs: Authentication: Fixed a use-after-free in ubifstncendcommit. After an insertion in TNC, the tree may split, causing a node to change its znode-parent. Further deletions of other nodes in the tree which could also free thos...

7.8CVSS6.3AI score0.00285EPSS
Exploits0References3
Rows per page
Query Builder