Lucene search
K

3146 matches found

Vulnrichment
Vulnrichment
added 2025/09/15 2:22 p.m.2 views

CVE-2023-53237 drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpuirqput call trace in gmcv110hwfini The gmc.eccirq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpuirqput...

8AI score0.00145EPSS
Exploits0References4
CVE
CVE
added 2025/09/15 2:21 p.m.53 views

CVE-2022-50266

The CVE-2022-50266 issue is in the Linux kernel kprobes path: kill_kprobe() incorrectly disarms a probe because KPROBE_FLAG_GONE is set before checking the probe’s enabled state, causing !kprobe_disabled(p) to evaluate to false and bypass necessary disarm handling. The fix adds the enabled-check ...

5.5CVSS6AI score0.00143EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/09/15 2:21 p.m.12 views

CVE-2022-50266 kprobes: Fix check for probe enabled in kill_kprobe()

In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in killkprobe In killkprobe, the check whether disarmkprobeftrace needs to be called always fails. This is because before that we set the KPROBEFLAGGONE flag for kprobe so that...

5.5CVSS6.1AI score0.00143EPSS
Exploits0References6
NVD
NVD
added 2025/09/15 2:15 p.m.5 views

CVE-2023-53193

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpuirqput call trace in gmcv100hwfini The gmc.eccirq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpuirqput...

5.5CVSS0.00145EPSS
Exploits0References4
CVE
CVE
added 2025/09/15 2:6 p.m.19 views

CVE-2023-53193

CVE-2023-53193 – Linux kernel (amdgpu): The issue is in the drm/amdgpu driver, specifically gmc_v10_0_hw_fini calling amdgpu_irq_put. The firmware enables gmc.ecc_irq and the host driver is not privileged to enable/disable it, making amdgpu_irq_put in gmc_v10_0_hw_fini meaningless and causing a c...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/09/15 2:6 p.m.6 views

CVE-2023-53193 drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpuirqput call trace in gmcv100hwfini The gmc.eccirq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpuirqput...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.4 views

PT-2025-37557

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the gmc v10 0 hw fini function within the drm/amdgpu module. The issue relates to an unnecessary call to amdgpu irq put when the gmc.ecc irq interru...

6.1AI score0.00145EPSS
Exploits0References7
Gitee
Gitee
added 2025/09/13 5:41 p.m.86 views

Exploit for Path Traversal in Apache Http_Server

This is a PoC exploit for CVE-2021-41773, a remote code execution vulnerability in Apache HTTP Server versions 2.4.49 and 2.4.50. The exploit targets the CGI enabled feature of these versions, allowing an attacker to execute arbitrary code on the server. The exploit is written in Python and uses...

7.5CVSS8.7AI score0.99992EPSS
Exploits148
OSV
OSV
added 2025/09/12 11:46 a.m.5 views

BIT-NIFI-2022-33140 Improper Neutralization of Command Elements in Shell User Group Provider

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the...

8.8CVSS7.6AI score0.03674EPSS
Exploits0References3
CVE
CVE
added 2025/09/09 2:5 a.m.15 views

CVE-2025-42911

CVE-2025-42911 affects SAP NetWeaver (Service Data Download). An authenticated user can call a remote-enabled function module, potentially exposing information about the SAP system and operating system. The impact is described as low confidentiality impact, with no stated effects on integrity or ...

5CVSS5.8AI score0.002EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/09 1:30 a.m.6 views

CVE-2025-36100

IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local us...

5.1CVSS6.4AI score0.00094EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/09/08 11:22 p.m.3 views

SUSE CVE-2025-39724

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to PSLVERR When the PSLVERRRESPEN parameter is set to 1, the device generates an error response if an attempt is made to read an empty RBR Receive Buffer Register while the FIFO is enabled. In...

5.5CVSS6.5AI score0.00157EPSS
Exploits0References22
OSV
OSV
added 2025/09/07 1:15 a.m.4 views

CVE-2025-36100

IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/07 12:37 a.m.2 views

CVE-2025-36100 IBM MQ information disclosure

IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...

5.1CVSS6.1AI score0.00094EPSS
Exploits0References1
CVE
CVE
added 2025/09/07 12:37 a.m.25 views

CVE-2025-36100

CVE-2025-36100 affects IBM MQ LTS and CD client components where enabling trace stores a password in client configuration files that a local user can read. The IBM bulletin details affected MQ LTS versions (9.1.0.0–9.1.0.29, 9.2.0.0–9.2.0.36, 9.3.0.0–9.3.0.30, 9.4.0.0–9.4.0.12) and MQ CD (9.3.0.0...

5.5CVSS6.1AI score0.00094EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/09/07 12:37 a.m.6 views

CVE-2025-36100 IBM MQ information disclosure

IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...

5.1CVSS0.00094EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/07 12:0 a.m.4 views

PT-2025-36405

Name of the Vulnerable Software and Affected Versions: IBM MQ LTS versions 9.1.0.0 through 9.1.0.29 IBM MQ LTS versions 9.2.0.0 through 9.2.0.36 IBM MQ LTS versions 9.3.0.0 through 9.3.0.30 IBM MQ LTS versions 9.4.0.0 through 9.4.0.12 IBM MQ CD versions 9.3.0.0 through 9.3.5.1 IBM MQ CD versions...

5.1CVSS6.1AI score0.00094EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/07 12:0 a.m.3 views

IBM MQ 安全漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ that stems from storing passwords in client configuratio...

5.5CVSS6.4AI score0.00094EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/06 7:31 p.m.5 views

CVE-2025-26431

In setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an enabled accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.9AI score0.00083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 7:31 p.m.8 views

CVE-2024-40664

In setupAccessibilityServices of AccessibilityFragment.java , there is a possible way to hide an enabled accessibility service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitati...

6.2CVSS6.2AI score0.00078EPSS
Exploits0References1
Rows per page
Query Builder