Lucene search
K

46 matches found

EUVD
EUVD
added 2026/06/26 3:53 p.m.4 views

EUVD-2023-60598

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity...

5.6CVSS5.9AI score0.00114EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 3:53 p.m.24 views

CVE-2023-20572

CVE-2023-20572 describes a timing discrepancy in the ASP that could enable a local attacker to brute-force the hash message authentication code, risking data integrity. The connected AMD bulletin AMD-SB-4012 references potential vulnerabilities on AMD Client Processor platforms affecting ASP and ...

5.6CVSS5.9AI score0.00114EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 1:55 p.m.20 views

CVE-2026-53469

Migration-planner is affected. An authenticated user can issue a DELETE to /api/v1/sources that is not properly authorized/filtered, permitting destruction of all tenant data (sources, agents, assessments) and causing critical loss of availability and integrity across the SaaS platform. Affected ...

9.1CVSS5.5AI score0.00288EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43595

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

7CVSS6AI score0.00295EPSS
Exploits0References2
Redos
Redos
added 2026/05/26 12:0 a.m.14 views

ROS-20260526-73-0001

A vulnerability in the email interpreter module of the Python programming language is related to improper code generation control. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

5.5CVSS6.9AI score0.00737EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.6 views

PT-2026-34683

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR841N version v13 Description The TDDPv2 debug protocol uses DES-CBC encryption with a cryptographic key derived from default web management credentials. This makes the key predictable when the device maintains its default...

8.8CVSS5.8AI score0.0013EPSS
Exploits0References3
Redos
Redos
added 2026/04/03 12:0 a.m.6 views

ROS-20260403-73-0038

A vulnerability in the sound/soc/soc-core.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause a denial-of-service condition...

5.5CVSS6.1AI score0.00179EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/04 3:34 p.m.8 views

USN-8074-1: Linux kernel (Azure) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

9.8CVSS7AI score0.09796EPSS
Exploits10
Ubuntu
Ubuntu
added 2026/02/12 10:13 a.m.15 views

USN-8031-1: Linux kernel (GCP) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

9.8CVSS8.3AI score0.09796EPSS
Exploits8
Redos
Redos
added 2026/02/11 12:0 a.m.7 views

ROS-20260211-73-0005

A vulnerability in the net/sched/schprio.c component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information, violate its integrity, and cau...

4.7CVSS6.8AI score0.00111EPSS
Exploits0
Redos
Redos
added 2026/02/03 12:0 a.m.6 views

ROS-20260203-73-0026

A vulnerability in the arm64 components of the Linux operating system kernel is related to insufficient input data validation. Exploitation of the vulnerability may allow an attacker to violate data integrity and also cause a denial of service...

5.5CVSS5.5AI score0.00158EPSS
Exploits0
Redos
Redos
added 2026/01/19 12:0 a.m.8 views

ROS-20260119-7370

A vulnerability in the tegraemcfindnodebyramcode function of the drivers/memory/tegra/tegra20-emc.c component of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its...

7.8CVSS7.6AI score0.00217EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 8:42 a.m.13 views

CVE-2022-31609

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure...

7.8CVSS6.7AI score0.0021EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-13196

Malware in sbrugna...

6.2CVSS6.4AI score0.0023EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-37618

Malicious code in bioql PyPI...

4.4CVSS4.7AI score0.00403EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-44080

Malicious code in bioql PyPI...

6CVSS6.5AI score0.00221EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-6576

Malicious code in bioql PyPI...

7.2CVSS6.7AI score0.00194EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/10/03 2:52 p.m.7 views

phpMyFAQ duplicate email registration allows multiple accounts with the same email

Summary phpMyFAQ does not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause...

9.8CVSS7.6AI score0.00388EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/06 5:29 p.m.3 views

CVE-2024-36331

Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...

3.2CVSS5.8AI score0.00144EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:2 p.m.8 views

CVE-2021-1109

NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams...

7.2CVSS6.9AI score0.00194EPSS
Exploits0References1
Rows per page
Query Builder