Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.15 views

PT-2026-37157

Name of the Vulnerable Software and Affected Versions Flarum versions prior to 1.8.16 Flarum versions prior to 2.0.0-rc.1 Description An authenticated administrator can inject an arbitrary @import directive into the compiled forum.css file. This occurs because settings registered as LESS config...

4.9CVSS5.9AI score0.00404EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2025/08/19 11:23 p.m.6 views

SUSE CVE-2025-38585

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS7AI score0.00191EPSS
Exploits0References23
OSV
OSV
added 2025/08/19 5:15 p.m.6 views

AZL-66464 CVE-2025-38585 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS5.9AI score0.00191EPSS
Exploits0References1
OSV
OSV
added 2025/08/19 5:15 p.m.12 views

UBUNTU-CVE-2025-38585

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS6.8AI score0.00191EPSS
Exploits0References29
The Hacker News
The Hacker News
added 2022/05/05 10:58 a.m.14 views

Heroku Forces User Password Resets Following GitHub OAuth Token Theft

Salesforce-owned subsidiary Heroku on Thursday acknowledged that the theft of GitHub integration OAuth tokens further involved unauthorized access to an internal customer database. The company, in an updated notification, revealed that a compromised token was abused to breach the database and...

1.1AI score
Exploits0
Rows per page
Query Builder