Lucene search
K

210 matches found

OSV
OSV
added 2025/12/24 1:15 p.m.12 views

UBUNTU-CVE-2022-50730

In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioreadnolock When evicting an inode with default dioreadnolock, it could be raced by the unwritten extents converting kworker after writeback some new allocated dirty blocks. It...

6.2AI score0.00206EPSS
Exploits0References7
CNVD
CNVD
added 2025/11/24 12:0 a.m.11 views

Revive Adserver stats-conversions.php script cross-site scripting vulnerability

Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...

8.7CVSS5.9AI score0.00455EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/21 7:37 p.m.9 views

CVE-2025-52668

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS8AI score0.00455EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/20 9:30 p.m.7 views

EUVD-2025-198343

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS8AI score0.00455EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/20 7:11 p.m.4 views

CVE-2025-52668

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS8AI score0.00455EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/20 7:11 p.m.8 views

CVE-2025-52668

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS0.00455EPSS
Exploits1References1
OSV
OSV
added 2025/11/20 7:11 p.m.4 views

CVE-2025-52668

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS5.6AI score0.00455EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.6 views

PT-2025-47618

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS5.7AI score0.00455EPSS
Exploits1References1
Fedora
Fedora
added 2025/11/07 1:0 a.m.8 views

[SECURITY] Fedora 43 Update: GeographicLib-2.5.2-1.fc43

GeographicLib is a small set of C++ classes for performing conversions between geographic, UTM, UPS, MGRS, geocentric, and local Cartesian coordinates, for gravity e.g., EGM2008, geoid height and geomagnetic field e.g., WMM2010 calculations, and for solving geodesic problems. The emphasis is on...

7.5CVSS6.8AI score0.02182EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2025/10/29 12:20 a.m.3 views

kernel: HID: core: Harden s32ton() against conversion to 0 bits

In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should...

7.1CVSS5.7AI score0.0015EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-7399

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00389EPSS
Exploits0References5
Gitee
Gitee
added 2025/09/14 5:56 p.m.101 views

p0wnedShell

This is an offensive PowerShell host application written in C that runs PowerShell commands and functions within a PowerShell runspace environment. It includes various offensive PowerShell modules and binaries to facilitate post-exploitation activities, such as bypassing mitigations and creating...

7.1AI score
Exploits0
OSV
OSV
added 2025/08/22 4:15 p.m.8 views

UBUNTU-CVE-2025-38660

In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References29
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-17287 Malicious code in color-convert-conversions (npm)

The package color-convert-conversions was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in color-convert-conversions (npm)

The package color-convert-conversions was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/11 1:52 p.m.8 views

BIT-LIBPHP-2020-7060 global buffer-overflow in mbfl_filt_conv_big5_wchar

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbflfiltconvbig5wchar to read past the allocated buffer. This may lead to information disclosur...

9.1CVSS6.7AI score0.08888EPSS
Exploits1References15
Ubuntu
Ubuntu
added 2025/07/07 12:29 p.m.10 views

USN-7619-1: libssh vulnerabilities

Ronald Crane discovered that libssh incorrectly handled certain base64 conversions. An attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-4877 Ronald Crane discovered that libssh incorrectly handled the...

8.8CVSS6.8AI score0.02449EPSS
Exploits0
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.4 views

NeKernel 安全漏洞

NeKernel is a kernel operating system from NeKernel Open Source. A security vulnerability exists in versions prior to NeKernel 0.0.3 that stems from unchecked memory operations, unsafe type conversions, and improper input validation, which could lead to memory corruption, disk image corruption,...

8.8CVSS7.1AI score0.00435EPSS
Exploits0References6
Fedora
Fedora
added 2025/06/13 1:3 a.m.11 views

[SECURITY] Fedora 42 Update: mingw-icu-76.1-3.fc42

ICU is a set of C and C++ libraries that provides robust and full-featured Unicode and locale support. The library provides calendar support, conversions for many character sets, language sensitive collation, date and time formatting, support for many locales, message catalogs and resources,...

7CVSS7.3AI score0.00296EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/17 12:0 a.m.9 views

Amazon Linux 2 : ghostscript (ALAS-2025-2820)

The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2820 advisory. Fix confusion between bytes and shorts. Data is being copied from a string in multiple of shorts, rather than multipl...

9.8CVSS7.2AI score0.00586EPSS
Exploits0References8
Rows per page
Query Builder