Lucene search
K

271 matches found

NVD
NVD
added 2025/05/09 7:16 a.m.11 views

CVE-2025-37872

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix memory leak in txgbeprobe error path When txgbeswinit is called, memory is allocated for wx-rsskey in wxinitrsskey. However, in txgbeprobe function, the subsequent error paths after txgbeswinit don't free the...

5.5CVSS0.00231EPSS
Exploits0References3
NVD
NVD
added 2025/05/06 6:15 p.m.41 views

CVE-2025-46815

The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client receives an id and token on a predefined URI. These id...

8CVSS0.00404EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/05/02 8:15 a.m.6 views

CVE-2024-11142

Cross-Site Request Forgery CSRF vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery. This issue affects Proticaret E-Commerce: before v6.0 NOTE: According to the vendor, fixing process is still ongoing for v4.05...

8.8CVSS5.8AI score0.00176EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.3 views

PT-2025-18629

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the btrfs qgroup self tests. The issue occurred in the test no shared qgroup and test multiple refs tests, where if...

5.5CVSS5.3AI score0.00173EPSS
Exploits0References22
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:27 a.m.44 views

Security Bulletin: IBM Spectrum Protect Plus vulnerability discloses sensitive information due to unencrypted data in transit (CVE-2020-4497)

Summary IBM Spectrum Protect Plus does not encrypt data transfer between vSnap servers and application agents. This could allow an attacker to view senstive information in transit. Vulnerability Details CVEID:CVE-2020-4497 DESCRIPTION: IBM Spectrum Protect Plus discloses sensitive information due...

6.8CVSS5.5AI score0.00387EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:13 a.m.36 views

Security Bulletin: XSS vulnerability affects IBM Cloud Object Storage System (CVE-2021-39014)

Summary XSS vulnerability affects IBM Cloud Object Storage System CVE-2021-39014. This vulnerability has been addressed in the latest ClevOS releases. Vulnerability Details CVEID:CVE-2021-39014 DESCRIPTION: IBM Cloud Object System is vulnerable to stored cross-site scripting. This vulnerability...

6.4CVSS5.5AI score0.00365EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/04/01 3:26 p.m.16 views

CVE-2025-21899 tracing: Fix bad hist from corrupting named_triggers list

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix bad hist from corrupting namedtriggers list The following commands causes a crash: cd /sys/kernel/tracing/events/rcu/rcucallback echo 'hist:name=bad:keys=commonpid:onmaxbogus.savecommonpid' trigger bash: echo: write...

0.00189EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/01 3:39 a.m.24 views

Security Bulletin: Denial of service vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect Operations Center (CVE-2024-40094).

Summary IBM Storage Protect Operations Center may be affected by denial of service caused by failure to consider ExecutableNormalizedFields in Open-source GraphQL Java library used by IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java ak...

5.3CVSS6.9AI score0.00943EPSS
Exploits2Affected Software1
OSV
OSV
added 2025/03/06 4:22 p.m.10 views

CVE-2025-21832 block: don't revert iter for -EIOCBQUEUED

In the Linux kernel, the following vulnerability has been resolved: block: don't revert iter for -EIOCBQUEUED blkdevreaditer has a few odd checks, like gating the position and count adjustment on whether or not the result is bigger-than-or-equal to zero where bigger than makes more sense, and not...

5.5CVSS5.9AI score0.00166EPSS
Exploits0References9
CVE
CVE
added 2025/03/06 4:4 p.m.84 views

CVE-2025-21827

The CVE-2025-21827 entry is supported by connected sources describing a Linux kernel Bluetooth issue: Mediatek btusb lacked proper locking around usb_driver_claim_interface(), risking a NULL pointer dereference or an "Failed to claim iso interface" error when the code runs via the hci0 path durin...

5.5CVSS7.2AI score0.00128EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-5443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9,...

9.8CVSS7.5AI score0.03123EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-14953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mail message display page in SquirrelMail through 1.4.22 has XSS via a math xlink:href= attack. CVE-2018-14953 Note that Nessus relies on the presence of th...

6.1CVSS6.8AI score0.01426EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2011-3637

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mstop function in fs/proc/taskmmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service OOPS via vectors that trigger an mstar...

5.5CVSS5.3AI score0.00367EPSS
Exploits0References2
CVE
CVE
added 2025/02/27 2:7 a.m.142 views

CVE-2024-57986

CVE-2024-57986 – Linux kernel HID core issue : The vulnerability stems from HID core handling of Resolution Multipliers. The code assumes each Resolution Multiplier control resides in a Logical Collection; if none is found, multiplier_collection could be non-NULL, risking misapplied multipliers o...

5.5CVSS6.5AI score0.00207EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2025/02/26 7:1 a.m.12 views

CVE-2022-49503

In the Linux kernel, the following vulnerability has been resolved: ath9khtc: fix potential out of bounds access with invalid rxstatus-rskeyix The "rxstatus-rskeyix" eventually gets passed to testbit so we need to ensure that it is within the bitmap. drivers/net/wireless/ath/ath9k/common.c:46...

7.1CVSS0.00267EPSS
Exploits0References9
OSV
OSV
added 2025/02/26 2:10 a.m.10 views

CVE-2022-49307 tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()

In the Linux kernel, the following vulnerability has been resolved: tty: synclinkgt: Fix null-pointer-dereference in slgtclean When the driver fails at allochdlcdev, and then we remove the driver module, we will get the following splat: 25.065966 general protection fault, probably for non-canonic...

5.5CVSS5.3AI score0.00283EPSS
Exploits0References12
CVE
CVE
added 2025/02/26 1:56 a.m.88 views

CVE-2022-49274

CVE-2022-49274 concerns an ocfs2 quota crash when mounting with quotas enabled in the Linux kernel. The connected Astra Linux entry reproduces the issue and provides the same symptom set and stack trace context. The root cause is that during dqi_gqlock initialization, the related dqi_type and dqi...

5.5CVSS5.2AI score0.00245EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2025/02/26 1:54 a.m.7 views

CVE-2022-49086

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...

5.5CVSS5.4AI score0.00258EPSS
Exploits0
Cvelist
Cvelist
added 2025/02/09 11:37 a.m.21 views

CVE-2024-57949 irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity()

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don't enable interrupts in itsirqsetvcpuaffinity The following call-chain leads to enabling interrupts in a nested interrupt disabled section: irqsetvcpuaffinity irqgetdesclock rawspinlockirqsave --- Disable...

0.00181EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/01/28 12:0 a.m.147 views

CVE-2024-45340

Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...

8.8CVSS7.1AI score0.00685EPSS
Exploits0References4
Rows per page
Query Builder