Lucene search
K

4730 matches found

Debian CVE
Debian CVE
•added 2025/07/28 11:12 a.m.•2 views

CVE-2025-38468

In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...

5.5CVSS5.6AI score0.00162EPSS
Exploits0
CNNVD
CNNVD
•added 2025/07/28 12:0 a.m.•5 views

Linux kernel å®‰å…Øę¼ę“ž

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an out-of-bounds read on an empty string write...

7.1CVSS7AI score0.00153EPSS
Exploits0References11
OSV
OSV
•added 2025/07/26 1:56 p.m.•0 views

BELL-CVE-2025-38388

Bulletin has no description...

5.5CVSS7.2AI score0.00117EPSS
Exploits0References1
OSV
OSV
•added 2025/07/26 1:56 p.m.•1 views

BELL-CVE-2025-38392

Bulletin has no description...

5.5CVSS7.2AI score0.00155EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2025/07/26 3:33 a.m.•8 views

CVE-2025-4395

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...

6.8CVSS7AI score0.0027EPSS
Exploits0References1
OSV
OSV
•added 2025/07/25 1:15 p.m.•3 views

UBUNTU-CVE-2025-38400

In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. syzbot reported a warning below 1 following a fault injection in nfsfsprocnetinit. 0 When nfsfsprocnetinit fails, /proc/net/rpc/nfs is not removed. Later, rpcprocexit...

5.5CVSS6.1AI score0.00183EPSS
Exploits0References42
ICS
ICS
•added 2025/07/24 6:0 a.m.•3 views

Medtronic MyCareLink Patient Monitor (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could lead to system compromise, unauthorized access to sensitive data, and manipulation of the monitor's functionality. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment...

6.8CVSS5.7AI score0.00188EPSS
Exploits0References10
Vulnrichment
Vulnrichment
•added 2025/07/24 3:30 a.m.•2 views

CVE-2025-4395 Medtronic MyCareLink Patient Monitor Empty Password Vulnerability

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...

6.8CVSS6.4AI score0.0027EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2025/07/24 3:30 a.m.•2 views

CVE-2025-4395

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...

6.8CVSS5.9AI score0.0027EPSS
Exploits0References4
CVE
CVE
•added 2025/07/24 3:30 a.m.•16 views

CVE-2025-4395

Medtronic MyCareLink Patient Monitor (models 24950/24952) is affected by CVE-2025-4395 due to a built-in user account with an empty password, enabling a physically present attacker to log in without authentication and modify system functionality. Affected component: built-in user account on the d...

6.8CVSS6.2AI score0.0027EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/07/24 3:30 a.m.•10 views

CVE-2025-4395 Medtronic MyCareLink Patient Monitor Empty Password Vulnerability

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...

6.8CVSS0.0027EPSS
Exploits0References2
CNNVD
CNNVD
•added 2025/07/24 12:0 a.m.•2 views

Medtronic MyCareLink Patient Monitor å®‰å…Øę¼ę“ž

Medtronic MyCareLink Patient Monitor is an open source monitoring system for remote patient monitoring from Medtronic in the United States. A security vulnerability exists in Medtronic MyCareLink Patient Monitor versions prior to 2025.6.25, which stems from the use of an empty password for the...

6.8CVSS6.8AI score0.0027EPSS
Exploits0References1
Positive Technologies
Positive Technologies
•added 2025/07/22 12:0 a.m.•5 views

PT-2025-44135

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the NTFS3 file system driver. The issue arises when attempting index allocation if the $BITMAP attribute is empty, yet index blocks are present,...

4.6CVSS5.4AI score0.00183EPSS
Exploits0
SUSE CVE
SUSE CVE
•added 2025/07/19 11:21 p.m.•8 views

SUSE CVE-2025-38350

In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight...

7.3CVSS6.6AI score0.0018EPSS
Exploits0References33
OSV
OSV
•added 2025/07/19 7:15 a.m.•14 views

AZL-72593 CVE-2025-38350 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight...

7.8CVSS6.3AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2025/07/19 6:46 a.m.•3 views

CVE-2025-38350 net/sched: Always pass notifications when child class becomes empty

In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight...

6.2AI score0.0018EPSS
Exploits0References8
Cvelist
Cvelist
•added 2025/07/19 6:46 a.m.•10 views

CVE-2025-38350 net/sched: Always pass notifications when child class becomes empty

In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight...

0.0018EPSS
Exploits0References8
OSV
OSV
•added 2025/07/17 9:19 p.m.•4 views

GHSA-9RCW-C2F9-2J55 OpenZeppelin Contracts Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers

Impact The lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length is empty i.e. buffer.length == 0 and position is not 2256 - 1 i.e. pos != typeuint256.max. The pos argument could be used...

6.9CVSS6.7AI score0.00334EPSS
Exploits0References5
Vulnrichment
Vulnrichment
•added 2025/07/17 6:25 p.m.•6 views

CVE-2025-54070 OpenZeppelin Contracts's Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers

OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length...

6.9CVSS7.6AI score0.00334EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2025/07/17 5:54 p.m.•4 views

CVE-2025-53638 Solady lacks extcodesize validation on implementation in ERC4337Factory

Solady is software that provides Solidity snippets with APIs. Starting in version 0.0.125 and prior to version 0.1.24, when an account is deployed via a proxy, using regular Solidity to call its initialization function may result in a silent failure, if the initialization function does not return...

6.9CVSS6.4AI score0.00316EPSS
Exploits0References2
Rows per page
Query Builder