Lucene search
K

6052 matches found

OSV
OSV
added 2025/04/15 3:16 p.m.4 views

CVE-2025-28142

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V31.0.15 was discovered to contain a command injection vulnerability via the foldername in /boafrm/formDiskCreateShare...

6.5CVSS5.8AI score0.08036EPSS
Exploits1References2
CVE
CVE
added 2025/04/15 2:50 p.m.57 views

CVE-2025-32948

PeerTube (inbox via ActivityPub) is affected by CVE-2025-32948, where mishandling of Create Activity can be abused to crash the server or trigger blind SSRF by sending crafted ActivityPub activities to the inbox. The vulnerability arises from handling ActivityPub activities in playlists, enabling...

7.5CVSS7.5AI score0.00496EPSS
Exploits1References2Affected Software1
SUSE Linux
SUSE Linux
added 2025/04/15 9:33 a.m.0 views

Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005580 fixes one issue. The following security issue was fixed: CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6create bsc1235218. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

8.5CVSS7.9AI score0.00236EPSS
Exploits0References4
OSV
OSV
added 2025/04/14 9:4 a.m.3 views

SUSE-SU-2025:1238-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002330 fixes one issue. The following security issue was fixed: - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6create bsc1235218...

7.8CVSS8AI score0.00236EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2025/04/14 12:0 a.m.95 views

glibc security update

2.28-251.0.3.16 - Forward port of Oracle patches Reviewed-by: Elena Zannoni Oracle history: March-26-2025 Cupertino Miranda - 2.28-251.0.3.14 - OraBug: 36625686 Add MTE support on string functions Reviewed-by: Jose E. Marchesi March-17-2025 Cupertino Miranda - 2.28-251.0.2.14 - Forward port of...

7.5CVSS6.8AI score0.00349EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/04/13 8:50 p.m.0 views

Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002333 fixes one issue. The following security issue was fixed: CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6create bsc1235218. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

8.5CVSS7.9AI score0.00236EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/04/11 9:55 a.m.5 views

SUSE CVE-2010-2777

Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command...

9CVSS8.4AI score0.10388EPSS
Exploits4References4
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.4 views

PT-2025-18453

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been resolved, related to the RDMA/cma component. The issue occurs when multiple calls to cma netevent callback are made in quick succession,...

5.5CVSS6.7AI score0.00168EPSS
Exploits0
OSV
OSV
added 2025/04/04 12:15 p.m.2 views

CVE-2025-3244

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add-admin.php of the component Create User Page. The manipulation of the argument Avatar leads to...

8.8CVSS5.4AI score0.00478EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2025/04/04 2:58 a.m.2 views

SUSE CVE-2025-21997

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the...

5.5CVSS7.9AI score0.00165EPSS
Exploits0References17
OSV
OSV
added 2025/04/03 8:15 a.m.2 views

DEBIAN-CVE-2025-21997

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the...

5.5CVSS5.6AI score0.00165EPSS
Exploits0References1
OSV
OSV
added 2025/04/03 8:15 a.m.0 views

UBUNTU-CVE-2025-21997

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the...

5.5CVSS6.2AI score0.00165EPSS
Exploits0References26
Vulnrichment
Vulnrichment
added 2025/04/03 7:19 a.m.1 views

CVE-2025-21997 xsk: fix an integer overflow in xp_create_and_assign_umem()

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the...

7.7AI score0.00165EPSS
Exploits0References5
Snyk
Snyk
added 2025/04/02 3:31 p.m.6 views

Missing Authorization

Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Missing Authorization in the doCreateItem method. A user with Computer/Create permission can copy an agent and thereby access its configuration. Remediation Upgrade...

5.3CVSS6.8AI score0.00375EPSS
Exploits0References2
OSV
OSV
added 2025/04/02 3:31 p.m.0 views

GHSA-WR6W-JXG7-QPFH Jenkins Missing Permission Check

Jenkins 2.503 and earlier, LTS 2.492.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration. This is due to an...

4.3CVSS7AI score0.00361EPSS
Exploits0References3
OSV
OSV
added 2025/04/02 3:31 p.m.1 views

GHSA-565R-PF5Q-45V6 Jenkins Missing Permission Check

Jenkins 2.503 and earlier, LTS 2.492.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration. Jenkins 2.504, LTS 2.492.3 require...

4.3CVSS6.8AI score0.00375EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/04/02 3:15 p.m.4 views

CVE-2025-31721

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration...

4.3CVSS7.7AI score0.00361EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/04/02 3:15 p.m.4 views

CVE-2025-31720

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration...

4.3CVSS7.7AI score0.00375EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.5 views

PT-2025-14511 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.503 and earlier Jenkins LTS versions 2.492.2 and earlier Description: A missing permission check in Jenkins allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gainin...

4.3CVSS5.8AI score0.00361EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.4 views

PT-2025-14510 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.503 and earlier Jenkins LTS versions 2.492.2 and earlier Description: A missing permission check in Jenkins allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent,...

4.3CVSS5.4AI score0.00375EPSS
Exploits0References17
Rows per page
Query Builder