Lucene search

7 matches found

EUVD
added 2026/05/08 2:27 p.m. · 13 views

EUVD-2026-28647

Langfuse is an open source large language model engineering platform. From version 3.68.0 to before version 3.167.0, there is a role-based-access control flaw in the LLM connection update flow. An authenticated, low-privileged user of role “member” in a project could request the update of an...

5.3 CVSS · 5.7 AI score · 0.00181 EPSS
Exploits 0 · References 6
CNNVD
added 2026/05/08 12:0 a.m. · 9 views

langfuse Access Control Error Vulnerability

Langfuse is an open-source large language model engineering platform developed by Langfuse. Versions 3.68.0 to 3.167.0 contained an access control vulnerability. This vulnerability stemmed from a role-based access control flaw in the LLM connection update process. It could allow low-privilege user...

5.4 CVSS · 5.8 AI score · 0.00181 EPSS
Exploits 0 · References 1
UbuntuCve
added 2025/12/30 1:16 p.m. · 5 views

CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc. Protect access of TCP_Server_Info::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing a use-after-free bug in __tree_connect_dfs_target(). Als...

5.7 AI score · 0.00167 EPSS
Exploits 0 · References 5
Positive Technologies
added 2025/02/12 12:0 a.m. · 9 views

PT-2025-6973 · Unknown +2 · Oauthimap Plugin +2

Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 10.0.17. Description: The issue allows unauthorized access to GLPI when a "Mail servers" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, leveraging existing Oauth...

9.8 CVSS · 4.5 AI score · 0.86182 EPSS
Exploits 9 · References 75
Veracode
added 2024/09/16 9:10 a.m. · 10 views

Heap-based Buffer Overflow

libzephyr.so is vulnerable to a Heap-based Buffer Overflow. The vulnerability is due to inadequate validation of buffer lengths in BLE connection update operations, which could lead to a divide by zero condition...

7.6 CVSS · 6.9 AI score · 0.00437 EPSS
Exploits 1 · References 2 · Affected Software 1
OSV
added 2024/08/19 10:15 p.m. · 5 views

CVE-2024-4785

BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero...

6.5 CVSS · 5.5 AI score · 0.00456 EPSS
Exploits 0 · References 1
Cvelist
added 2023/06/15 7:5 p.m. · 19 views

CVE-2023-2683 Connection update while closing connection may lead to denial-of-service

A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate connection attempts to fail. A reset of the device immediately clears the error...

5.3 CVSS · 6.6 AI score · 0.00291 EPSS
Exploits 0 · References 2