Lucene search
K

270 matches found

CNNVD
CNNVD
added 2025/09/30 12:0 a.m.9 views

Rapid7 AppSpider Pro 数据伪造问题漏洞

Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A data forgery issue vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.021, which stems from insufficient project nam...

3.3CVSS6.6AI score0.00084EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of devlink locking, which could lead to locking conflicts during synchronization resets...

5.5CVSS5.9AI score0.00107EPSS
Exploits0References5
OSV
OSV
added 2025/09/15 3:15 p.m.3 views

DEBIAN-CVE-2022-50332

In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfbdisable before removing PCI devices Call sysfbdisable from apertureremoveconflictingpcidevices before removing PCI devices. Without, simpledrm can still bind to simple-framebuffer devices after the...

5.5CVSS5.4AI score0.00125EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/15 12:0 a.m.3 views

Oracle Linux 10 : kernel (ELSA-2025-15662)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15662 advisory. 6.12.0-55.32.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 -...

7.4CVSS7.6AI score0.01345EPSS
Exploits8References2
Microsoft CVE
Microsoft CVE
added 2025/09/06 8:5 a.m.3 views

drbd: add missing kref_get in handle_write_conflicts

...

7.8CVSS6.8AI score0.00157EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/09/04 11:23 p.m.4 views

SUSE CVE-2025-38708

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS6.3AI score0.00157EPSS
Exploits0References3
NVD
NVD
added 2025/09/04 4:15 p.m.3 views

CVE-2025-38708

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS0.00157EPSS
Exploits0References13
OSV
OSV
added 2025/09/04 4:15 p.m.6 views

AZL-66824 CVE-2025-38708 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS5.6AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 4:15 p.m.2 views

DEBIAN-CVE-2025-38708

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 4:15 p.m.9 views

AZL-75303 CVE-2025-38708 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS5.6AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 4:15 p.m.5 views

UBUNTU-CVE-2025-38708

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS6.5AI score0.00157EPSS
Exploits0References37
CVE
CVE
added 2025/09/04 3:32 p.m.33 views

CVE-2025-38708

CVE-2025-38708 is addressed in the Linux kernel via a fix in DRBD: a missing kref_get in handle_write_conflicts when two-primaries are enabled could cause a use-after-free and kernel crash. The issue occurs during detection of concurrent writes to the same sector across nodes, where premature drb...

7.8CVSS5.9AI score0.00157EPSS
Exploits0References13Affected Software1
Cvelist
Cvelist
added 2025/09/04 3:32 p.m.8 views

CVE-2025-38708 drbd: add missing kref_get in handle_write_conflicts

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

0.00157EPSS
Exploits0References9
OSV
OSV
added 2025/09/04 3:32 p.m.3 views

CVE-2025-38708 drbd: add missing kref_get in handle_write_conflicts

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS6.1AI score0.00157EPSS
Exploits0References14
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:50 a.m.6 views

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

...

3.6CVSS7AI score0.004EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-0410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A...

7.7CVSS7.3AI score0.00455EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2025/08/19 12:0 a.m.4 views

kernel security update

5.14.0-570.35.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

7.8CVSS6.8AI score0.00371EPSS
Exploits0
Oracle linux
Oracle linux
added 2025/08/18 12:0 a.m.15 views

kernel security update

4.18.0-553.70.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

7.8CVSS8.8AI score0.00173EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.5 views

The vulnerability of the distributed version control system Git used by Microsoft Visual Studio allows a perpetrator to execute arbitrary code.

The vulnerability of the distributed version control system Git used by Microsoft Visual Studio is related to the occurrence of interpretation conflicts. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8CVSS7.6AI score0.02775EPSS
Exploits9References15Affected Software11
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.3 views

LlamaIndex 安全漏洞

LlamaIndex is a data framework for LLM applications open-sourced by LlamaIndex. A security vulnerability exists in LlamaIndex version 0.12.28 and earlier, which stems from the use of MD5 hashing to generate document block IDs, which could lead to hash conflicts...

6.5CVSS6.3AI score0.00314EPSS
Exploits1References3
Rows per page
Query Builder