Lucene search
K

148 matches found

OSV
OSV
added 2025/03/27 5:15 p.m.3 views

DEBIAN-CVE-2023-53016

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcommskstatechange syzbot reports a possible deadlock in rfcommskstatechange 1. While rfcommsockconnect acquires the sk lock and waits for the rfcomm lock, rfcommsockrelease could have the...

5.5CVSS5.6AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/19 11:25 p.m.13 views

CVE-2025-29913

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

9.8CVSS8.5AI score0.00657EPSS
Exploits1References1
NVD
NVD
added 2025/03/17 11:15 p.m.42 views

CVE-2025-29913

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

9.8CVSS0.00657EPSS
Exploits1References1
OSV
OSV
added 2025/03/17 10:50 p.m.13 views

CVE-2025-29913 CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...

9.3CVSS8.1AI score0.00657EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.5 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib version 1.3.3 and earlier, which originates from a heap buffer overflow and could result in a denial of servi...

9.8CVSS7.9AI score0.00992EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: RFCOMM: Avoid leaving a dangling sk pointer in rfcommsockalloc. The btsockalloc function attaches the allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave a...

7.8CVSS6.3AI score0.00219EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: mc: Fix graph walk in mediapipelinestart The graph walk attempts to follow all links, even if they are not between pads. This can cause a crash, especially with a link of type MEDIALNKFLANCILLARYLINK. This issue has been...

5.5CVSS5.7AI score0.00211EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Firefox, Thunderbird

The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...

5.4CVSS6.7AI score0.00291EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/11/13 3:4 p.m.4 views

firefox: thunderbird: Confusing display of origin for external protocol handler prompt

The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...

5.4CVSS7.3AI score0.00291EPSS
Exploits0References9
OSV
OSV
added 2024/08/17 10:15 a.m.3 views

UBUNTU-CVE-2024-43836

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: pse-pd: Fix possible null-deref Fix a possible null dereference when a PSE supports both c33 and PoDL, but only one of the netlink attributes is specified. The c33 or PoDL PSE capabilities are already validated in t...

5.5CVSS5.9AI score0.0018EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/08/08 12:0 a.m.5 views

The vulnerability of the OLE DB driver for SQL Server, related to integer overflow, allows an attacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.2AI score0.01789EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/05/22 10:3 a.m.13 views

kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

5.5CVSS6.4AI score0.00122EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/04/30 12:0 a.m.7 views

The vulnerability of the OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on Windows operating systems exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.02351EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/06/07 5:6 a.m.3 views

USN-6143-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-34414, CVE-2023-34416,...

9.8CVSS6.9AI score0.0093EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.31 views

ABB Central Licensing System Permissions, Privileges, and Access Controls (CVE-2020-8476)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

7.5CVSS7.2AI score0.0151EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.29 views

ABB Central Licensing System Uncontrolled Resource Consumption (CVE-2020-8475)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

7.5CVSS7.3AI score0.0151EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.6 views

SUSE CVE-2007-3844

Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting XSS attacks with chrome privileges via an addon that inserts a 1 javascript: or 2 data: link into an about:blank document loaded by chrome via a the...

4.3CVSS8.1AI score0.05447EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.4 views

SUSE CVE-2019-15166

lmpprintdatalinksubobjs in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks...

5.3CVSS7.2AI score0.04986EPSS
Exploits0References9
NCSC
NCSC
added 2022/09/28 12:0 a.m.5 views

Researcher discovered vulnerabilities in Layer-2 managed switches

A researcher has found vulnerabilities in network security techniques at the Layer-2 level. The vulnerabilities reside in the fact that the QinQ functionality IEEE 802.1ad standard incorrectly allows VLAN 0 priority tag and 802.2 LLC/SNAP headers can be stacked multiple define VLANs within VLANs....

4.7CVSS6.8AI score0.0071EPSS
Exploits1
OSV
OSV
added 2022/08/16 8:15 a.m.3 views

CVE-2022-33939

CENTUM VP / CS 3000 controller FCS CP31, CP33, CP345, CP401, and CP451 contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service DoS condition in ADL communication by sending a...

7.5CVSS5.8AI score0.00972EPSS
Exploits0References3
Rows per page
Query Builder