Lucene search
K

373 matches found

EUVD
EUVD
added 2026/01/08 6:34 p.m.5 views

EUVD-2026-1425

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present...

6.3CVSS6.4AI score0.00424EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-25989

Impact Some specific 1 out of 256 User Supplied Secrets USS were not used, making the resulting Compound Device Identifier CDI the same as if no USS was provided. Affected client applications: all client apps using the tkeyclient Go module. Patches Upgrade to v1.3.0. NOTE WELL: For the affected e...

4.7CVSS6AI score0.00246EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2025/12/17 7:48 a.m.4 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

7.8CVSS5.7AI score0.00144EPSS
Exploits0References5
OSV
OSV
added 2025/12/08 1:16 a.m.2 views

DEBIAN-CVE-2025-40320

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

5.2AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/12/08 12:46 a.m.4 views

CVE-2025-40320 smb: client: fix potential cfid UAF in smb2_query_info_compound

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

6.3AI score0.00162EPSS
Exploits0References7
Wired Threat Level
Wired Threat Level
added 2025/11/26 4:33 p.m.5 views

The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’

Myanmar’s military has been blowing up parts of the KK Park scam compound. Experts say the actions are likely for show...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/24 8:17 p.m.3 views

CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

7.5CVSS5.4AI score0.00154EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/11/22 1:2 a.m.7 views

Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

...

5.5CVSS7AI score0.00154EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40210

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert NFSD: Remove the cap on number of operations per NFSv4 COMPOUND I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which...

7AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/21 12:32 p.m.11 views

EUVD-2025-198437

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

5.9AI score0.00154EPSS
Exploits0References3
NVD
NVD
added 2025/11/21 11:15 a.m.13 views

CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

0.00154EPSS
Exploits0References2
OSV
OSV
added 2025/11/21 11:15 a.m.2 views

DEBIAN-CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

5.3AI score0.00154EPSS
Exploits0References1
OSV
OSV
added 2025/11/21 11:15 a.m.8 views

AZL-70660 CVE-2025-40210 affecting package kernel for versions less than 6.6.112-1

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

5.6AI score0.00154EPSS
Exploits0References1
OSV
OSV
added 2025/11/21 11:15 a.m.4 views

UBUNTU-CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

5.7AI score0.00154EPSS
Exploits0References10
CVE
CVE
added 2025/11/21 10:21 a.m.19 views

CVE-2025-40210

CVE-2025-40210 relates to the Linux kernel NFSD component, where a missing cap on the number of operations per NFSv4 COMPOUND could allow an attacker to place an arbitrarily large op count in the COMPOUND header, triggering a vmalloc allocation failure for the COMPOUND op array. The issue has bee...

6AI score0.00154EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/21 10:21 a.m.20 views

CVE-2025-40210 Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

0.00154EPSS
Exploits0References2
OSV
OSV
added 2025/11/21 10:21 a.m.6 views

CVE-2025-40210 Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

6.3AI score0.00154EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/11/21 10:21 a.m.5 views

CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

5.3AI score0.00154EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.17 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the removal of the limit on the number of NFSv4 COMPOUND operations, which could lead to an over-allocation ...

6.1AI score0.00154EPSS
Exploits0References3
Wired Threat Level
Wired Threat Level
added 2025/11/14 8:30 p.m.3 views

DOJ Issued Seizure Warrant to Starlink Over Satellite Internet Systems Used at Scam Compound

A new US law enforcement initiative is aimed at crypto fraudsters targeting Americans—and now seeks to seize infrastructure it claims is crucial to notorious scam compounds...

7AI score
Exploits0
Rows per page
Query Builder