
17 matches found

Snyk
added 2026/05/15 6:29 p.m., 6 views

Improper Certificate Validation

Overview: Affected versions of this package are vulnerable to Improper Certificate Validation due to disabled TLS certificate validation in production environments. An attacker can intercept sensitive SOAP traffic, including patient identifiers, authentication operations, document content, and...

CVSS 8.6, AI score 5.5, EPSS 0.00138
Exploits 0, References 2
EUVD
added 2026/05/13 6:30 p.m., 18 views

EUVD-2026-30017

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsg_reply genlmsg_reply hands the reply skb to netlink, and netlink_unicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

AI score 5.8, EPSS 0.00119
Exploits 0, References 4
ATTACKERKB
added 2026/05/08 2:22 p.m., 7 views

CVE-2026-43457

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev->allow_rx' is false, the newly allocated skb isn't consumed by netif_rx, it needs to free the skb directly...

AI score 5.7, EPSS 0.00114
Exploits 0, References 7, Affected Software 1
OSV
added 2026/03/10 7:19 p.m., 7 views

CVE-2026-26330 Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, at the rate limit filter, if the response phase limit with apply_on_stream_done in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...

CVSS 5.3, AI score 5.7, EPSS 0.00315
Exploits 0, References 3
ATTACKERKB
added 2026/02/04 4:7 p.m., 6 views

CVE-2025-71197

In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarms_store The sysfs buffer passed to alarms_store is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byt...

AI score 5.6, EPSS 0.00191
Exploits 0, References 8, Affected Software 1
EUVD
added 2025/12/16 3:30 p.m., 6 views

EUVD-2025-203647

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdm_probe: Fix calling put_device before device initialization The early error path in hdm_probe can jump to err_free_mdev before &mdev->dev has been initialized with device_initialize. Calling put_device(&mdev->dev) there trigge...

AI score 5.9, EPSS 0.00176
Exploits 0, References 8
NVD
added 2025/11/12 11:15 a.m., 5 views

CVE-2025-40118

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phy_attached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001_sas.c:786:...

EPSS 0.00188
Exploits 0, References 8
Cvelist
added 2024/06/12 12:0 a.m., 17 views

CVE-2024-37878

Cross Site Scripting vulnerability in TWCMS v.2.0.3 allows a remote attacker to execute arbitrary code via the /TWCMS-gh-pages/twcms/runtime/twcmsview/default,index.htm.php" PHP directly echoes parameters input from external sources...

EPSS 0.00374
Exploits 0, References 1
Malwarebytes
added 2022/12/05 11:0 p.m., 15 views

Watch out for this triple threat PayPal phish

ZDNet reports an interesting form of PayPal scam sent to one of their own writers. The scam is a so-called "triple threat" phish, in that it gives the scammer three different ways to potentially collect some ill gotten gains from potential victims. The idea is that if one of the three tactics...

AI score 0.7
Exploits 0
Openbugbounty
added 2021/11/05 8:50 p.m., 11 views

americadourada.ba.gov.br Cross Site Scripting vulnerability OBB-2239270

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits 0
Packet Storm
added 2020/08/04 12:0 a.m., 136 views

Car Rental Management System 1.0 Remote Code Execution

Exploit Title: Car Rental Management System v1.0 - Unauthenticated RCE
Exploit Author: Adeeb Shah @hyd3sec
Shout out: Bobby Cooke boku
Date: August 3, 2020
Vendor Homepage: https://projectworlds.in
Software Link:...

Exploits 0
Kitploit
added 2019/11/28 8:33 p.m., 158 views

Netstat2Neo4J - Create Cypher Create Statements For Neo4J Out Of Netstat Files From Multiple Machines

Graphs help to spot anomalies and patterns in large datasets. This script takes netstat information from multiple hosts and formats it in a way that makes it importable into Neo4j. Neo4j can be queried to find connections to certain hosts, from certain hosts, find out the usage or protocols and...

AI score 6.9
Exploits 0, References 1
OSV
added 2019/07/31 6:15 p.m., 3 views

CVE-2019-1901

A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. T...

CVSS 8.8, AI score 7.8, EPSS 0.01073
Exploits 0, References 1
Openbugbounty
added 2018/03/19 10:31 a.m., 16 views

shop.obkladypasek.cz XSS vulnerability

Open Bug Bounty ID: OBB-582520

Description | Value
---|---
Affected Website: | shop.obkladypasek.cz
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...

AI score 6.3
Exploits 0
OSV
added 2016/12/14 12:0 a.m., 2 views

UBUNTU-CVE-2016-9951

An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in RespawnCommand or ProcCmdline fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the...

CVSS 6.5, AI score 6.8, EPSS 0.06674
Exploits 5, References 4
securityvulns
added 2015/08/10 12:0 a.m., 33 views

FreeBSD routed DoS

Crash on RIP request from non-directly connected network...

CVSS 4, AI score 1.1, EPSS 0.02649
Exploits 0, References 1, Affected Software 1
The Hacker News
added 2012/03/13 3:11 p.m., 6 views

10 Lessons learnt from Kim Dotcom

10 Lessons learnt from Kim Dotcom Article Cross Post from InternetServices. Kim Dotcom, a hacker that was able to take his knowledge and create a site called Megaupload, was recently arrested due to alleged copyright infringement allegations. Even though he was the top dog in the company, he did...

AI score 7.1
Exploits 0