Lucene search
K

253 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.6 views

CVE-2020-24315

Vinoj Cardoza WordPress Poll Plugin v36 and lower executes SQL statement passed in via the pollid POST parameter due to a lack of user input escaping. This allows users who craft specific SQL statements to dump the entire targets database...

7.5CVSS7.5AI score0.02035EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992792)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992792 advisory. In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies...

5.5CVSS6.5AI score0.00205EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992444 advisory. In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies...

5.5CVSS6.5AI score0.00205EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.151 views

📄 HP ProCurve 4.00 Credential Disclosure

Proof of concept code that performs a credential dumping attack against vulnerable HP ProCurve SNAC systems. ============================================================================================================================================= | Title : HP ProCurve 4.00 Credential Dumping...

7.2AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/12 3:35 a.m.165 views

HackTheBox-Penetration-Testing-Methodology

HackTheBox Penetration Testing Methodology by 9mmpterodacty...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.7 views

PT-2025-50496

Name of the Vulnerable Software and Affected Versions ESP32 affected versions not specified Description An enabled UART download mode on the ESP32 chip allows an attacker to extract sensitive data from the flash memory, including Wi-Fi network details stored in the NVS partition. This access also...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References8
OSV
OSV
added 2025/10/16 4:15 p.m.4 views

DEBIAN-CVE-2025-62491

A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...

8.8CVSS5.5AI score0.00371EPSS
Exploits1References1
OSV
OSV
added 2025/10/16 4:15 p.m.3 views

CVE-2025-62491

A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...

8.8CVSS6AI score
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/10/16 3:51 p.m.4 views

CVE-2025-62491

A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...

8.8CVSS7.3AI score0.00371EPSS
Exploits1References2
CVE
CVE
added 2025/10/16 3:51 p.m.344 views

CVE-2025-62491

The CVE-2025-62491 entry concerns a Use-After-Free (UAF) in the QuickJS engine’s standard library. The vulnerability occurs in js_std_promise_rejection_check when iterating the global rejected_promise_list; during error reporting, rp->reason may be an Error with a custom property getter, and e...

8.8CVSS6.8AI score0.00371EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/10/07 3:21 p.m.14 views

CVE-2023-53684

Summary (CVE-2023-53684) in the Linux kernel's xfrm subsystem, the patch fixes a padding issue when copying data to user space. Specifically, zero padding is now used when dumping xfrm algorithms and the encap template in xfrm_user, preventing potentially sensitive padding data from being exposed...

5.5CVSS6.1AI score0.00136EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2025/10/07 3:21 p.m.3 views

CVE-2023-53684

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

5.5CVSS5.3AI score0.00136EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2050

Malware in sbrugna...

9.8CVSS9.3AI score0.01622EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-14671

Malware in sbrugna...

8.8CVSS8.8AI score0.01213EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-14954

Malware in sbrugna...

9.8CVSS9.5AI score0.01908EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-35736

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00167EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-55313

Malicious code in bioql PyPI...

7.5AI score0.00205EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-32190

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00459EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51968

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00855EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.4 views

PT-2025-39453

Name of the Vulnerable Software and Affected Versions Flock Safety Bravo Edge AI Compute Device version BRAVO 00.00 local 20241017 Description The Flock Safety Bravo Edge AI Compute Device allows attackers with physical access to flash arbitrary firmware, dump partitions, and bypass bootloader an...

5.4CVSS6AI score0.00217EPSS
Exploits1References9
Rows per page
Query Builder