Lucene search
K

1555 matches found

OSV
OSV
added 2025/08/22 4:15 p.m.2 views

UBUNTU-CVE-2025-38627

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...

7.8CVSS6.5AI score0.00154EPSS
Exploits0References15
CVE
CVE
added 2025/08/22 4:0 p.m.29 views

CVE-2025-38627

CVE-2025-38627 affects the f2fs component of the Linux kernel. The root cause is a use-after-free of f2fs_inode_info in f2fs_free_dic when decompress_io_ctx is released asynchronously after I/O completion, potentially evicting the inode before dic is used. The exploit scenario involves concurrent...

7.8CVSS6.3AI score0.00154EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/08/22 4:0 p.m.10 views

CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...

0.00154EPSS
Exploits0References5
OSV
OSV
added 2025/08/22 4:0 p.m.4 views

CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...

7.8CVSS6.1AI score0.00154EPSS
Exploits0References7
CVE
CVE
added 2025/08/20 4:34 p.m.13 views

CVE-2010-20010

CVE-2010-20010 affects Foxit PDF Reader prior to 4.2.0.0928. The flaw is a buffer overflow in the /Title entry of the PDF Info dictionary, caused by not properly bound-checking an overlong Title string, which can corrupt the SEH chain and allow arbitrary code execution in the user context. Public...

8.4CVSS7.5AI score0.00319EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/08/20 4:34 p.m.2 views

CVE-2010-20010 Foxit PDF Reader < 4.2.0.0928 Title Stack Buffer Overflow

Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler SEH chain, and lead to arbitrary code execution in t...

8.4CVSS8.1AI score0.00319EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/20 4:34 p.m.9 views

CVE-2010-20010 Foxit PDF Reader < 4.2.0.0928 Title Stack Buffer Overflow

Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler SEH chain, and lead to arbitrary code execution in t...

8.4CVSS0.00319EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.5 views

PT-2025-34127 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 4.2.0.0928 Description: Foxit PDF Reader does not correctly validate the /Title entry in the PDF Info dictionary. A specially crafted PDF document with an excessively long Title string can cause a fixed-size...

8.4CVSS7.4AI score0.00319EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.2 views

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 4.2.0.0928, which stems from not properly checking the Title entry in the PDF Information Dictionary, and could lead to the execution of arbitrary code...

8.4CVSS6.7AI score0.00319EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-32251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, whi...

3.7CVSS5.8AI score0.00418EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/08/18 12:0 a.m.4 views

Hashcat Advanced Password Recovery 7.1.1 Binary Release

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in toba-batak-dictionary (npm)

The package toba-batak-dictionary was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in dasnoo-dictionary (npm)

The package dasnoo-dictionary was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.6 views

Malicious code in add-dictionary (npm)

The package add-dictionary was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-14069 Malicious code in add-dictionary (npm)

The package add-dictionary was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-37005 Malicious code in toba-batak-dictionary (npm)

The package toba-batak-dictionary was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-17979 Malicious code in dasnoo-dictionary (npm)

The package dasnoo-dictionary was found to contain malicious code...

7.2AI score
Exploits0
Gitee
Gitee
added 2025/08/14 12:49 p.m.133 views

Exploit for CVE-2020-11989

使用说明 首页 所见即所得,点击对应的按钮会跳转到相应的模块 渗透测试 网站扫描 网站扫描功能缝了afrog项目地址,基本就是差不多把该扫描器的功能UI化,且内置反连无需再配置ceye或jndi已将jndi有关poc全部替换成反连地址,主动探测的漏洞或者指纹会写入到report目录下的html文件中,并没有将afrog命令的输出进行删除(所以你在go run main.go运行工具时,依然能看到命令行存在afrog的输出内容) 目标格式支持 URL 或者 IP:PORT 仅指纹扫描/指纹POC扫描/主动指纹探测 - 仅指纹扫描:只对当前网页发送两个数据包进行探测指纹 - 主动指纹探测:...

9.8CVSS8.9AI score0.24436EPSS
Exploits1
OSV
OSV
added 2025/08/11 1:51 p.m.3 views

BIT-LIBPYTHON-2020-14422

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...

5.9CVSS6.8AI score0.12826EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-35632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.26 and prior. Easily...

4.4CVSS5.3AI score0.0039EPSS
Exploits0References2
Rows per page
Query Builder