Lucene search
K

4730 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-2431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but...

5.5CVSS6.4AI score0.00257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an...

7.8CVSS7.6AI score0.25448EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-7282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The...

5.9CVSS6.9AI score0.02067EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-31152

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of event authorizatio...

7.5CVSS7.2AI score0.00904EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::sethost. CVE-2023-53159 Note that Nessus relie...

9.1CVSS5.4AI score0.00329EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qwsign' or 'landingPage' sysfs attributes, the store functions...

7.1CVSS6.7AI score0.00153EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-11998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contai...

9.8CVSS7.5AI score0.51225EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/17 3:28 a.m.15 views

CVE-2025-8342

The WooCommerce OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass due to insufficient empty value checking in the lwpajaxregister function in all versions up to, and including, 1.8.47. This makes it possible for unauthenticated attackers to...

8.1CVSS7.7AI score0.00598EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 4:11 p.m.5 views

CVE-2025-54409

A flaw was found in AIDE. This vulnerability allows an attacker to crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user can exploit this issue to cause a local denial of...

6.2CVSS5.8AI score0.00216EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/08/16 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from sched/ext calling updatelockedrq when rq is empty, which could result in a preemption warning...

5.5CVSS6.5AI score0.00128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use...

5.5CVSS6.1AI score0.00136EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-1000204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to...

6.3CVSS6.2AI score0.01912EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in test-mlw2-evets-empty (npm)

The package test-mlw2-evets-empty was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-27360 Malicious code in new-empty-array (npm)

The package new-empty-array was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-35298 Malicious code in test-mlw2-evets-empty (npm)

The package test-mlw2-evets-empty was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.6 views

Malicious code in new-empty-array (npm)

The package new-empty-array was found to contain malicious code...

7AI score
Exploits0
NVD
NVD
added 2025/08/14 4:15 p.m.3 views

CVE-2025-54409

AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...

6.2CVSS0.00216EPSS
Exploits1References5
OSV
OSV
added 2025/08/14 4:15 p.m.2 views

DEBIAN-CVE-2025-54409

AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...

5.5CVSS5.4AI score0.00216EPSS
Exploits1References1
OSV
OSV
added 2025/08/14 3:52 p.m.3 views

CVE-2025-54409 AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS)

AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...

6.2CVSS6AI score0.00216EPSS
Exploits1References7
OSV
OSV
added 2025/08/14 12:5 a.m.1 views

GHSA-F9F8-9PMF-XV68 Helm May Panic Due To Incorrect YAML Content

A Helm contributor discovered an improper validation of type error when parsing Chart.yaml and index.yaml files that can lead to a panic. Impact There are two areas of YAML validation that were impacted. First, when a Chart.yaml file had a null maintainer or the child or parent of a dependencies...

6.5CVSS7.1AI score0.00311EPSS
Exploits0References4
Rows per page
Query Builder