
17055 matches found

Positive Technologies
added 2025/11/17 12:0 a.m. | 6 views

PT-2025-47174

Name of the Vulnerable Software and Affected Versions: versions prior to 2025. Description: Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware, potentially exploiting a TOCTOU race condition. This could lead to a read and/or write of data outside the...

CVSS 7.4 | AI score 6.5 | EPSS 0.00172
Exploits: 0 | References: 3
Tenable Nessus
added 2025/11/17 12:0 a.m. | 1 views

RHEL 10 : buildah (RHSA-2025:21633)

The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21633 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...

CVSS 7.5 | AI score 7.1 | EPSS 0.00526
Exploits: 1 | References: 4
Tenable Nessus
added 2025/11/16 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-13097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted...

CVSS 5.4 | AI score 5.7 | EPSS 0.00144
Exploits: 1 | References: 2
Tenable Nessus
added 2025/11/15 12:0 a.m. | 6 views

SUSE SLES15: tomcat10 / tomcat10-admin-webapps / tomcat10-doc / etc (SUSE-SU-2025:4103-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4103-1 advisory. Update to Tomcat 10.1.48 - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled...

CVSS 9.6 | AI score 7.2 | EPSS 0.66535
Exploits: 4 | References: 10
OSV
added 2025/11/14 12:39 p.m. | 6 views

OESA-2025-2686 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

CVSS 6.9 | AI score 6.9 | EPSS 0.00418
Exploits: 2 | References: 3
OSV
added 2025/11/14 12:39 p.m. | 4 views

OESA-2025-2685 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

CVSS 6.9 | AI score 6.9 | EPSS 0.00418
Exploits: 2 | References: 3
OSV
added 2025/11/14 12:39 p.m. | 1 views

OESA-2025-2683 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

CVSS 6.9 | AI score 6.9 | EPSS 0.00294
Exploits: 1 | References: 2
OSV
added 2025/11/14 12:39 p.m. | 3 views

OESA-2025-2682 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

CVSS 6.9 | AI score 6.9 | EPSS 0.00418
Exploits: 2 | References: 3
OSV
added 2025/11/14 12:39 p.m. | 2 views

OESA-2025-2681 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

CVSS 6.9 | AI score 6.7 | EPSS 0.00418
Exploits: 2 | References: 3
SUSE Linux
added 2025/11/14 9:57 a.m. | 11 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.48 CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905...

CVSS 7.7 | AI score 6.8 | EPSS 0.66535
Exploits: 4 | References: 12
OSV
added 2025/11/14 9:56 a.m. | 8 views

SUSE-SU-2025:4103-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.48 - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905 -...

CVSS 9.6 | AI score 7.2 | EPSS 0.66535
Exploits: 4 | References: 7
Snyk
added 2025/11/14 4:4 a.m. | 2 views

Protection Mechanism Failure

Overview: chrome-devtools-frontend is a Chrome DevTools UI. Affected versions of this package are vulnerable to Protection Mechanism Failure via the inspectedWindow.reload method and resource access functions in the DevTools Extensions API. An attacker can escape the extension sandbox and access or...

CVSS 9.6 | AI score 6.7 | EPSS 0.00176
Exploits: 1 | References: 2
Snyk
added 2025/11/14 4:4 a.m. | 2 views

Protection Mechanism Failure

Overview: chrome-devtools-frontend is a Chrome DevTools UI. Affected versions of this package are vulnerable to Protection Mechanism Failure through the openInNewTab function in the InspectorFrontendHostStub class within Chrome's DevTools component. An attacker can perform a sandbox escape by...

CVSS 9.3 | AI score 6.7 | EPSS 0.00144
Exploits: 1 | References: 2
EUVD
added 2025/11/14 3:30 a.m. | 3 views

EUVD-2025-180546

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVSS 5.4 | AI score 6.5 | EPSS 0.00144
Exploits: 1 | References: 3
NVD
added 2025/11/14 3:15 a.m. | 5 views

CVE-2025-13097

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVSS 5.4 | EPSS 0.00144
Exploits: 1 | References: 2
OSV
added 2025/11/14 3:15 a.m. | 1 views

DEBIAN-CVE-2025-13097

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVSS 5.4 | AI score 5.6 | EPSS 0.00144
Exploits: 1 | References: 1
OSV
added 2025/11/14 3:15 a.m. | 2 views

CVE-2025-13097

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVSS 5.4 | AI score 5.8
Exploits: 0 | References: 2
OSV
added 2025/11/14 3:15 a.m. | 1 views

DEBIAN-CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS 7.5 | AI score 7.3 | EPSS 0.00176
Exploits: 1 | References: 1
NVD
added 2025/11/14 3:15 a.m. | 3 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS 7.5 | EPSS 0.00176
Exploits: 1 | References: 2
OSV
added 2025/11/14 3:15 a.m. | 2 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS 7.5 | AI score 7.2
Exploits: 0 | References: 2