
4730 matches found

CNNVD
added 2025/07/02 12:0 a.m. · 2 views

ModSecurity Input Validation Error Vulnerability

ModSecurity is an open source, cross-platform web application firewall (WAF) engine from OWASP ModSecurity Open Source. An input validation error vulnerability exists in ModSecurity versions prior to 2.9.8 through 2.9.11, which stems from an empty XML tag that could lead to a segmentation error...

CVSS 6.5 · AI score 9 · EPSS 0.00346
Exploits 0 · References 3
CNNVD
added 2025/07/02 12:0 a.m. · 3 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if a list is empty, which could lead to invalid pointer references...

CVSS 5.5 · AI score 7.9 · EPSS 0.00136
Exploits 0 · References 5
RedHat Linux
added 2025/07/01 1:32 a.m. · 4 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
RedHat Linux
added 2025/07/01 1:5 a.m. · 4 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
RedHat Linux
added 2025/07/01 12:57 a.m. · 3 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
RedHat Linux
added 2025/07/01 12:49 a.m. · 8 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
RedHat Linux
added 2025/07/01 12:44 a.m. · 5 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
RedHat Linux
added 2025/07/01 12:43 a.m. · 5 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
RedHat Linux
added 2025/07/01 12:38 a.m. · 11 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
Tenable Nessus
added 2025/07/01 12:0 a.m. · 6 views

RHEL 8 : mod_auth_openidc:2.3 (RHSA-2025:10003)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10003 advisory. The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Conne...

CVSS 7.5 · AI score 6.3 · EPSS 0.01214
Exploits 0 · References 4
Tenable Nessus
added 2025/07/01 12:0 a.m. · 20 views

RHEL 9 : mod_auth_openidc (RHSA-2025:10002)

The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10002 advisory. The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Conne...

CVSS 7.5 · AI score 6.3 · EPSS 0.01214
Exploits 0 · References 4
CNVD
added 2025/06/27 12:0 a.m. · 3 views

Hostel Management System empty_rooms.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter search_box in the file /empty_rooms.php. An attacker can use this vulnerability to...

CVSS 9.8 · AI score 8.3 · EPSS 0.00415
Exploits 1 · References 1
ATTACKERKB
added 2025/06/25 8:15 a.m. · 4 views

CVE-2024-51979

An authenticated attacker may trigger a stack-based buffer overflow by performing a malformed request to either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631. The malformed request will contain an empty Origin header value and a malformed Referer...

CVSS 7.2 · AI score 7.4 · EPSS 0.01056
Exploits 0 · References 10 · Affected Software 80
Positive Technologies
added 2025/06/25 12:0 a.m. · 4 views

PT-2025-26824 · Qcuda · Qcuda

Name of the Vulnerable Software and Affected Versions: coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e. Description: A vulnerability was found in the function qcow_make_empty of the file qCUDA/qcu-device/block/qcow.c. The manipulation of the argument s->l1_size leads to integer...

CVSS 5.3 · AI score 5.1 · EPSS 0.00134
Exploits 0 · References 8
RedHat Linux
added 2025/06/23 4:2 p.m. · 6 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01214
Exploits 0 · References 6
OSV
added 2025/06/20 2:15 a.m. · 3 views

CVE-2025-6296

A vulnerability was found in code-projects Hostel Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /empty_rooms.php. The manipulation of the argument search_box leads to SQL injection. The attack may be launched remotely. The...

CVSS 9.8 · AI score 5.8 · EPSS 0.00415
Exploits 1 · References 5
CVE
added 2025/06/20 1:31 a.m. · 17 views

CVE-2025-6296

CVE-2025-6296 affects code-projects Hostel Management System 1.0. Multiple sources confirm a SQL injection vulnerability in the file /empty_rooms.php caused by lack of validation of the search_box parameter. The issue can be exploited remotely, potentially exposing or altering database data and a...

CVSS 9.8 · AI score 7.5 · EPSS 0.00415
Exploits 1 · References 5 · Affected Software 1
RedhatCVE
added 2025/06/19 8:53 p.m. · 5 views

CVE-2022-49975

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pkt_len Syzbot found an issue [1]: fq_codel_drop try to drop a flow without any skbs, that is, the flow->head is null. The root cause, as the [2] says, is because that bpf_prog_test_run_skb run a bpf...

CVSS 3.3 · AI score 7.2 · EPSS 0.00216
Exploits 0 · References 4
SUSE CVE
added 2025/06/19 3:45 a.m. · 2 views

SUSE CVE-2022-49975

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pkt_len Syzbot found an issue [1]: fq_codel_drop try to drop a flow without any skbs, that is, the flow->head is null. The root cause, as the [2] says, is because that bpf_prog_test_run_skb run a bpf...

CVSS 5.5 · AI score 6.5 · EPSS 0.00216
Exploits 0 · References 6
SUSE CVE
added 2025/06/19 3:14 a.m. · 2 views

SUSE CVE-2025-38077

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store If the 'buf' array received from the user contains an empty string, the 'length' variable will be zero. Accessing the 'buf' array element with index...

CVSS 5.5 · AI score 8.3 · EPSS 0.00183
Exploits 0 · References 16