Lucene search
K

681 matches found

CNNVD
CNNVD
added 2025/02/26 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mipscpcdefaultphysbase not releasing the reference count of offindcompatiblenode...

5.5CVSS5.4AI score0.00243EPSS
Exploits0References9
Fedora
Fedora
added 2025/02/23 2:2 a.m.7 views

[SECURITY] Fedora 40 Update: vaultwarden-1.33.2-1.fc40

Unofficial Bitwarden compatible server...

6.3CVSS6.6AI score0.0065EPSS
Exploits0
Fedora
Fedora
added 2025/02/08 2:18 a.m.11 views

[SECURITY] Fedora 41 Update: vaultwarden-1.33.0-1.fc41

Unofficial Bitwarden compatible server...

8.1CVSS7.3AI score0.00996EPSS
Exploits2
Fedora
Fedora
added 2025/01/29 5:24 a.m.17 views

[SECURITY] Fedora 40 Update: vaultwarden-1.32.7-4.fc40

Unofficial Bitwarden compatible server...

9.8CVSS9.6AI score0.13064EPSS
Exploits4
AlmaLinux
AlmaLinux
added 2025/01/28 12:0 a.m.66 views

Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

4.9CVSS5.6AI score0.00424EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/24 5:24 p.m.5 views

CVE-2025-24547 WordPress Caching Compatible Cookie Opt-In plugin <= 0.0.10 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in matthias.wagner Caching Compatible Cookie Opt-In and JavaScript caching-compatible-cookie-optin-and-javascript allows Stored XSS.This issue affects Caching Compatible Cookie Opt-In and JavaScript:...

6.5CVSS7.2AI score0.00354EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/01/13 7:59 p.m.27 views

OpenFGA Authorization Bypass

Overview OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? You are affected by this authorization bypass vulnerability if you are using OpenFGA...

9.8CVSS6.7AI score0.00428EPSS
Exploits0References4Affected Software1
Microsoft CVE
Microsoft CVE
added 2024/12/12 8:0 a.m.1 views

x86/ioapic: Handle allocation failures gracefully

...

5.5CVSS6.8AI score0.00236EPSS
Exploits0
Veeam
Veeam
added 2024/12/03 12:0 a.m.17 views

How to Update Location Profile Endpoint Details and Preserve Access to an Existing Kopia Storage Repository

Purpose This article documents the correct procedure to update the Endpoint details in the Location Profile for an existing Kopia storage repository in S3-compatible stores and ensure the existing associated repositories remain accessible. Customers may wish to update the Endpoint details e.g.,...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/11/21 9:29 a.m.30 views

Moderate: Red Hat Security Advisory: RHOSP 17.1.4 (python-zipp) security update

An update for python-zipp is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

6.2CVSS6.7AI score0.00236EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/11/20 3:49 a.m.6 views

SUSE CVE-2024-53046

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: 1.119072 ------------ cut...

5.5CVSS7.7AI score0.00281EPSS
Exploits0References3
OSV
OSV
added 2024/11/19 6:15 p.m.7 views

AZL-53858 CVE-2024-53046 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: 1.119072 ------------ cut...

5.5CVSS6.8AI score0.00281EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/07 12:0 a.m.10 views

RHEL 8 : Red Hat OpenShift Container Storage 4.7 RPM (RHSA-2021:2042)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2042 advisory. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform...

7.5CVSS6.7AI score0.03813EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/11/04 9:47 p.m.11 views

CVE-2024-51744

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

3.1CVSS6.3AI score0.00521EPSS
Exploits0
NVD
NVD
added 2024/10/31 6:15 p.m.35 views

CVE-2024-50347

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message...

6.3CVSS0.00332EPSS
Exploits0References4
OSV
OSV
added 2024/10/31 6:3 p.m.43 views

GHSA-PFRR-XVRF-PXJX Laravel Reverb Missing API Signature Verification

Impact A community member disclosed an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message from a backend service or for obtaining statistical information such as number of...

8.7CVSS6.3AI score0.00332EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/10/31 6:3 p.m.25 views

Laravel Reverb Missing API Signature Verification

Impact A community member disclosed an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message from a backend service or for obtaining statistical information such as number of...

6.3CVSS6.8AI score0.00332EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/31 5:56 p.m.15 views

CVE-2024-50347 Laravel Reverb has Missing API Signature Verification

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message...

6.3CVSS6.5AI score0.00332EPSS
Exploits0References4
OSV
OSV
added 2024/10/31 5:56 p.m.20 views

CVE-2024-50347 Laravel Reverb has Missing API Signature Verification

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message...

6.3CVSS6.3AI score0.00332EPSS
Exploits0References6
CVE
CVE
added 2024/10/31 5:56 p.m.92 views

CVE-2024-50347

Laravel Reverb prior to 1.4.0 has a verification signature issue affecting the Pusher-compatible API endpoints (not the WebSocket connections). The vulnerability allows an attacker to submit requests with forged/unverified signatures, potentially influencing endpoints such as POST /events, GET /c...

6.3CVSS6.2AI score0.00332EPSS
Exploits0References4
Rows per page
Query Builder