Lucene search
K

19179 matches found

CVE
CVE
added 2025/11/13 4:32 p.m.32 views

CVE-2025-13121

CVE-2025-13121 affects cameasy Liketea 1.0.0. The vulnerability is in the API Endpoint’s front-end StoreController.php, specifically the list function, where improper handling/manipulation of the lng/lat arguments enables SQL injection. Multiple connected sources (NVD, Red Hat, CVE records, CNVD/...

7.5CVSS7.2AI score0.00325EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/13 4:2 p.m.10 views

CVE-2025-40145

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...

5.8AI score0.00197EPSS
Exploits0References4
CISA
CISA
added 2025/11/13 12:0 p.m.5 views

CISA Releases 18 Industrial Control Systems Advisories

CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...

6.6AI score
Exploits0References18
NVD
NVD
added 2025/11/13 10:15 a.m.4 views

CVE-2025-7704

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability...

5.4CVSS0.00203EPSS
Exploits0References1
Veracode
Veracode
added 2025/11/13 8:14 a.m.8 views

Prototype Pollution

parse is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the SingleInstanceStateController.initializeState function, which allows an attacker to inject malicious properties into Object.prototype via a crafted payload, leading to denial of...

6.5CVSS6.8AI score0.00326EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/11/13 12:30 a.m.2 views

EUVD-2025-150377

In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before put device The device minor should not be cleared after the device is released...

5.8AI score0.00171EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

Supermicro BMC 安全漏洞

The SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in Supermicro BMC that stems from a stack-based buffer overflow in the Insyde SMASH shell program...

5.4CVSS7.3AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.4 views

Like Tea SQL注入漏洞

Like Tea is a multi-store tea drinking applet open source by comeasy. Like Tea version 1.0.0 SQL injection vulnerability exists , the vulnerability stems from the file laravel/app/Http/Controllers/Front/StoreController.php in the list function of the lng/lat parameter is not handled properly ,...

7.5CVSS7.8AI score0.00325EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-53165)

In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in registerintccontroller In the error handling for this function, d is freed without ever removing it from intclist which would lead to a use after free. To fix this, let's only add it to the lis...

7.8CVSS6.4AI score0.00246EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-20367)

nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

9.1CVSS7.1AI score0.02805EPSS
Exploits1References4
NVD
NVD
added 2025/11/12 10:15 p.m.4 views

CVE-2023-7329

Tinycontrol LAN Controller v3 LK3 firmware versions up to 1.58a hardware v3.8 contain a missing authentication vulnerability in the stm.cgi endpoint. A remote, unauthenticated attacker can send crafted requests to forcibly reboot the device or restore factory settings, leading to a denial of...

8.7CVSS0.00819EPSS
Exploits1References6
CVE
CVE
added 2025/11/12 9:56 p.m.17 views

CVE-2025-40192

CVE-2025-40192 concerns the Linux kernel where a revert of the IPMI msg-stack fix (ipmi: fix msg stack when IPMI is disconnected) introduced a subtle bug. According to the description, certain BMCs can cause the IPMI driver to enter an infinite loop when misbehaving in a specific way, and reports...

6.1AI score0.00162EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/12 12:30 p.m.3 views

EUVD-2025-124926

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in...

5.8AI score0.00199EPSS
Exploits0References5
NVD
NVD
added 2025/11/12 11:15 a.m.5 views

CVE-2025-40157

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in...

0.00199EPSS
Exploits0References4
OSV
OSV
added 2025/11/12 11:15 a.m.3 views

UBUNTU-CVE-2025-40157

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in...

5.7AI score0.00199EPSS
Exploits0References16
The Hacker News
The Hacker News
added 2025/11/12 11:7 a.m.7 views

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making ...

7.2AI score
Exploits0
CVE
CVE
added 2025/11/12 10:23 a.m.17 views

CVE-2025-40157

CVE-2025-40157 relates to the Linux kernel EDAC i10nm driver. When loading i10nm_edac on some Intel Granite Rapids systems, a memory-controller being disabled by BIOS can yield an invalid DIMM Master Tim register value, triggering a UBSAN shift-out-of-bounds call trace. The documented fix is to s...

5.9AI score0.00199EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/11/12 10:23 a.m.5 views

CVE-2025-40157

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in...

5.1AI score0.00199EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/12 10:23 a.m.7 views

CVE-2025-40157 EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in...

0.00199EPSS
Exploits0References4
OSV
OSV
added 2025/11/12 10:23 a.m.3 views

CVE-2025-40157 EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in...

6.2AI score0.00199EPSS
Exploits0References7
Rows per page
Query Builder