Lucene search
K

179 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/13 1:21 p.m.3 views

CVE-2026-31414

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackexpect: use expect-helper Use expect-helper in ctnetlink and /proc to dump the helper name. Using nfcthelp without holding a reference to the master conntrack is unsafe. Use exp-master-helper in ctnetlink pa...

5.9AI score0.00381EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/04/13 1:21 p.m.50 views

CVE-2026-31414

CVE-2026-31414 (Linux kernel netfilter nf_conntrack_expect) The vulnerability arises from using nfct_help() without holding a reference to the master conntrack, leading to unsafe references when the helper is dumped via ctnetlink and /proc. The fix switches to using exp->master->helper in t...

9.8CVSS5.7AI score0.00381EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of using the expect-helper function. This vulnerability may lead to unsafe behaviors whe...

9.8CVSS5.8AI score0.00381EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31414

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconntrackexpect: use expect-helper Use expect-helper in ctnetlink and /proc to dump the helper name. Using nfcthelp without holding a reference to...

9.8CVSS6AI score0.00381EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/13 12:0 a.m.4 views

CVE-2026-31414

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackexpect: use expect-helper Use expect-helper in ctnetlink and /proc to dump the helper name. Using nfcthelp without holding a reference to the master conntrack is unsafe. Use exp-master-helper in ctnetlink pa...

9.8CVSS6.1AI score0.00381EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.8 views

AperiSolve 操作系统命令注入漏洞

AperiSolve is an image steganography analysis platform developed by Zeecka’s individual developers. It can automatically detect and extract hidden data. Versions of AperiSolve prior to 3.2.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed from t...

9.8CVSS6.5AI score0.00775EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/12/27 12:0 a.m.2 views

NewStart CGSL MAIN 7.02 : golang Multiple Vulnerabilities (NS-SA-2025-0254)

The remote NewStart CGSL host, running version MAIN 7.02, has golang packages installed that are affected by multiple vulnerabilities: - The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true...

9.8CVSS7AI score0.01952EPSS
Exploits0References25
Snyk
Snyk
added 2025/11/30 1:14 p.m.3 views

Malicious Package

Overview chai-promised-expect is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

9.8CVSS7.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/29 12:0 a.m.4 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Missing Release of Memory after Effective Lifetime (CVE-2024-44944)

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nfexpectgetid helper function to calculate the expectation ID, otherwise LSB of the expectation object address is...

5.5CVSS6.1AI score0.00239EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/10/21 12:0 a.m.4 views

PT-2025-43032

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 141.0.7390.122 Description An out-of-bounds memory access issue exists in the V8 JavaScript engine within Google Chrome. This flaw allows a remote attacker to perform out-of-bounds memory access by way of a...

10CVSS7.5AI score0.03638EPSS
Exploits0References42
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0822

Malware in sbrugna...

7.5CVSS6.5AI score0.01192EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-3607

Malware in sbrugna...

4.3CVSS6.4AI score0.0192EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/09/25 12:9 a.m.3 views

undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100-continue" header

A flaw was discovered in Undertow where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service...

7.5CVSS5.8AI score0.01192EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.12 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference counting problem in the expect dump in ctnetlink, which could lead to a memory leak...

5.5CVSS6.3AI score0.00147EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-10705

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the Expect: 100-continue header may cause an out of memory...

7.5CVSS6.8AI score0.01192EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.6 views

Malicious code in @epc-tools/testutil-cdk-expect-policy (npm)

The package @epc-tools/testutil-cdk-expect-policy was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in tcl-expect (npm)

The package tcl-expect was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-7848 Malicious code in @epc-tools/testutil-cdk-expect-policy (npm)

The package @epc-tools/testutil-cdk-expect-policy was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-34597 Malicious code in tcl-expect (npm)

The package tcl-expect was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/09 12:23 a.m.10 views

CVE-2025-32094

An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai...

4CVSS6.8AI score0.00517EPSS
Exploits0References1
Rows per page
Query Builder