Lucene search
+L

14 matches found

opensuse
opensuse
added 2026/04/09 12:0 a.m.3 views

Security update for mapserver (moderate)

openSUSE security update: security update for mapserver ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20476-1 Rating: moderate References: bsc1260869 Cross-References: CVE-2026-33721 Affected Products: openSUSE Leap 16.0...

7.5CVSS5.9AI score0.00865EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/11/26 9:59 p.m.9 views

CVE-2025-21621

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...

6.1CVSS6.1AI score0.00258EPSS
Exploits0References1
nvd
nvd
added 2025/11/25 10:15 p.m.6 views

CVE-2025-21621

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...

6.1CVSS0.00258EPSS
Exploits0References4
euvd
euvd
added 2025/11/25 9:52 p.m.7 views

EUVD-2025-199607

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...

6.1CVSS5.6AI score0.00258EPSS
Exploits0References6
github
github
added 2025/11/25 6:41 p.m.10 views

GeoServer has a Reflected Cross-Site Scripting (XSS) vulnerability in its WMS GetFeatureInfo HTML format

Summary A reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's browser through specially crafted SLDBODY parameters. Details The WMS service setting that controls HTML...

6.1CVSS5.9AI score0.00258EPSS
Exploits0References7Affected Software2
ptsecurity
ptsecurity
added 2025/11/25 12:0 a.m.11 views

PT-2025-48090

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...

6.1CVSS6.1AI score0.00258EPSS
Exploits0References5
susecve
susecve
added 2025/10/31 12:25 a.m.5 views

SUSE CVE-2025-40089

In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...

5.5CVSS6.1AI score0.0017EPSS
Exploits0References3
euvd
euvd
added 2025/10/30 12:31 p.m.5 views

EUVD-2025-36989

In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...

5.6AI score0.0017EPSS
Exploits0References3
nvd
nvd
added 2025/10/30 10:15 a.m.5 views

CVE-2025-40089

In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...

0.0017EPSS
Exploits0References2
osv
osv
added 2025/10/30 10:15 a.m.6 views

UBUNTU-CVE-2025-40089

In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...

5.7AI score0.0017EPSS
Exploits0References10
debiancve
debiancve
added 2025/10/30 9:47 a.m.7 views

CVE-2025-40089

In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...

5AI score0.0017EPSS
Exploits0
cvelist
cvelist
added 2025/10/30 9:47 a.m.13 views

CVE-2025-40089 cxl/features: Add check for no entries in cxl_feature_info

In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...

0.0017EPSS
Exploits0References2
cve
cve
added 2025/10/30 9:47 a.m.22 views

CVE-2025-40089

CVE-2025-40089 concerns a kernel NULL pointer dereference in cxl_feature_info() when cxlfs can be NULL if hardware features are not present. The fix adds a check for cxlfs before dereferencing and returns -EOPNOTSUPP when no cxlfs exist due to lack of hardware support. Connected sources (e.g., OS...

5.7AI score0.0017EPSS
Exploits0References2
nessus
nessus
added 2025/10/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-40089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to ge...

5.8AI score0.0017EPSS
Exploits0References2
Rows per page
Query Builder