Lucene search
K

19 matches found

FreeBSD
FreeBSD
added 2026/03/31 12:0 a.m.9 views

Mbed TLS -- vulnerabilities

https://mbed-tls.readthedocs.io/en/latest/security-advisories/ reports: Client impersonation while resuming a TLS 1.3 session CVE-2026-34873 Entropy on Linux can fall back to /dev/urandom CVE-2026-34871 PSA random generator cloning CVE-2026-25835 Compiler-induced constant-time violations...

9.8CVSS5.9AI score0.00426EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/25 9:16 p.m.5 views

CVE-2026-33222

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could restore to other stream names, impacting data which should have been protected against them...

4.9CVSS6.3AI score0.00306EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/17 8:47 p.m.29 views

CVE-2025-43514

The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data...

0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-4708

Malware in sbrugna...

4.7CVSS4.9AI score0.00288EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-18380

Malicious code in bioql PyPI...

6.7CVSS8.7AI score0.00727EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 5:23 p.m.41 views

CVE-2025-26637 Windows BitLocker Security Feature Bypass Vulnerability

...

6.8CVSS0.00767EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.6 views

The vulnerability of VMware NSX network virtualization platform, related to the lack of security measures for website structures, allows attackers to gain unauthorized access to protected information.

The vulnerability of VMware NSX network virtualization platform is related to the lack of security measures for the website structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by replacing the URL address...

5CVSS5.5AI score0.0031EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.17 views

The vulnerability of the gswipremove() function in Lantiq/Intel GSWIP kernel drivers for Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gswipremove function in the drivers/net/dsa/lantiqgswip.c file of the Lantiq/Intel GSWIP driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.4AI score0.00227EPSS
Exploits0References13Affected Software3
Positive Technologies
Positive Technologies
added 2022/05/12 12:0 a.m.3 views

PT-2022-2958 · Sonicwall · Sonicwall Sma1000

Name of the Vulnerable Software and Affected Versions: SonicWall SMA1000 series firmware versions 12.4.0, 12.4.1-02965 and earlier Description: The issue is related to the use of a shared and hard-coded encryption key to store data. This could allow an attacker to disclose protected information...

7.5CVSS7.2AI score0.04397EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/01/17 12:0 a.m.6 views

The vulnerability of the `ntfsattr_pread_i` function in the NTFS file system driver for the FUSE NTFS-3G module, related to writing beyond the buffer boundary, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ntfsattrpreadi function in the NTFS file system driver for the FUSE NTFS-3G module is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS6.8AI score0.00425EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.5 views

The vulnerability of the Performance API component in the Google Chrome web browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Performance API component in the Google Chrome web browser is related to the lack of protection for the transmitted data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

7.3CVSS7AI score0.19228EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2020/07/17 12:0 a.m.6 views

The vulnerability of Moxa EDR-G902 and EDR-G903 microcontroller-based software, related to buffer overflow in the stack, allows attackers to compromise the confidentiality, integrity, or accessibility of the protected information.

The vulnerability of the microprogramming software of Moxa EDR-G902 and EDR-G903 is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, or accessibility of the protected information...

7.5CVSS5.9AI score
Exploits0References1Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/06/17 12:0 a.m.8 views

The vulnerability of the GLPI system’s request, incident, and asset inventory management processes, related to improper elimination of special elements used in SQL commands, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment is related to the improper elimination of special elements used in SQL queries. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...

7.6CVSS7.2AI score0.01015EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.6 views

The vulnerability of the Win32k component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Win32k component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.02077EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/04/04 12:0 a.m.4 views

The vulnerability of the Django library for the Python programming language, which allows attackers to compromise the integrity of protected information

The vulnerability of the Django library for the Python programming language is related to insufficient elimination of special elements in the output data used by the lower-level component. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.5CVSS6.5AI score0.03685EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.4 views

The vulnerability of the iOS operating system, due to errors in processing NAS messages, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the iOS operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the information protected during the processing of Downlink NAS messages in Qualcomm Telephony. Th...

10CVSS8.2AI score0.0307EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/06/22 6:29 p.m.4 views

CVE-2017-1326

IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060...

4.3CVSS5.8AI score0.00796EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The numerous vulnerabilities of the mono-mcs package in the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.4AI score0.0362EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the iscsitarget-kmp-default-debuginfo package of the OpenSUSE operating system can lead to breaches of the confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

9.3CVSS6.6AI score0.05926EPSS
Exploits15References15Affected Software1
Rows per page
Query Builder