Lucene search
K

112 matches found

Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.4 views

PT-2025-18599 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the KVM Kernel-based Virtual Machine component. The issue arises when the gfn to pfn cache is inactive, and KVM fails ...

5.1AI score0.00157EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.5 views

PT-2025-16679

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns an overflow in the dacloffset bounds check within the ksmbd component of the Linux kernel. Originally, the dacloffset field was typed as int and used in an unchecked...

7.1CVSS7.7AI score0.00257EPSS
Exploits0
OSV
OSV
added 2025/03/20 10:15 a.m.5 views

CVE-2024-10707

gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component gr.JSON, which has a known issue CVE-2024-4941. This vulnerability allows unauthenticated users to access arbitrary files on the server by uploading a speciall...

6.5CVSS5.9AI score0.00669EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2025/02/05 4:26 a.m.156 views

USN-7253-1: OpenJDK 17 vulnerability

It was discovered that the Hotspot component of OpenJDK 17 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
OSV
OSV
added 2025/01/23 12:0 a.m.4 views

CVE-2024-57721

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovgpathaddpath...

6.5CVSS7.2AI score0.00334EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/01/23 12:0 a.m.17 views

CVE-2024-57723

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component compositionsourceover...

0.00334EPSS
Exploits1References2
CVE
CVE
added 2025/01/16 12:0 a.m.42 views

CVE-2024-57770

CVE-2024-57770 affects JFinalOA prior to v2025.01.01, with a SQL injection vulnerability in the component apply/save#oaContractApply.id. The issue’s root cause is an input handling flaw that enables injectable SQL strings via that parameter, leading to potential confidentiality, integrity, and av...

8.8CVSS8.5AI score0.00568EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2025/01/14 12:0 a.m.6 views

CVE-2024-57645

An issue in the qiinststatefree component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS7.5AI score0.00551EPSS
Exploits1
Cvelist
Cvelist
added 2025/01/14 12:0 a.m.28 views

CVE-2024-57659

An issue in the sqlgparalleltsseq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

0.00668EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-16900 · Chromium +4 · Chromium +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 135.0.7049.95 Description: A use after free issue in the USB component of Google Chrome allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This issue is related to the...

10CVSS8.6AI score0.00366EPSS
Exploits0References52
NVD
NVD
added 2024/12/06 10:15 p.m.31 views

CVE-2024-44852

Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component thetastar::ThetaStar::isUnsafeToPlan...

9.8CVSS0.00587EPSS
Exploits1References3
NVD
NVD
added 2024/11/19 5:15 p.m.8 views

CVE-2024-48071

E-cology has a directory traversal vulnerability. An attacker can exploit this vulnerability to delete the server directory, causing the server to permanently deny service...

6.5CVSS0.00843EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.12 views

The vulnerability of the ntfs3 component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ntfs3 component in the Linux operating system’s kernel is related to errors in reading data beyond the boundaries of the buffer memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS7.2AI score0.00244EPSS
Exploits0References30Affected Software5
Vulnrichment
Vulnrichment
added 2024/10/16 12:0 a.m.12 views

CVE-2024-46212

An issue in the component /index.php?page=backup/export of REDAXO CMS v5.17.1 allows attackers to execute a directory traversal...

7.1AI score0.00855EPSS
Exploits1References1
CNVD
CNVD
added 2024/09/13 12:0 a.m.8 views

Unspecified vulnerability in Linux kernel (CNVD-2024-39472)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an SSID-based PMKSA removal issue in the wifi:brcmfmac component. No details of the vulnerability are provid...

5.5CVSS6.5AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2024/09/10 5:15 p.m.13 views

CVE-2024-44893

An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to escalate privileges via a crafted GET request...

9.8CVSS0.00528EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/20 12:0 a.m.20 views

CVE-2024-40348

An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal...

7.2AI score0.0829EPSS
Exploits2References1
CVE
CVE
added 2024/07/20 12:0 a.m.148 views

CVE-2024-40348

Bazaar v1.4.3 and earlier contains an unauthenticated Arbitrary File Read via directory traversal in the component /api/swaggerui/static. The root cause is a path traversal vulnerability that allows reading arbitrary server files. Impact is unauthenticated access with potential disclosure of sens...

8.2CVSS7AI score0.0829EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/03/06 11:2 a.m.20 views

BIT-MYSQL-CLIENT-2022-27384

An issue in the component Itemsubselect::initexprcachetracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...

7.5CVSS7.7AI score0.02159EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.5 views

PT-2024-19634 · Zkteco · Zkteco Zkbio Wdms

Name of the Vulnerable Software and Affected Versions: zkteco zkbio WDMS version 8.0.5 Description: An issue in the software allows an attacker to execute arbitrary code via the "/files/backup/" component. Recommendations: For zkteco zkbio WDMS version 8.0.5, consider restricting access to the...

9.8CVSS7.2AI score0.00815EPSS
Exploits0References10
Rows per page
Query Builder