Lucene search
K

183 matches found

OSV
OSV
added 2025/11/11 12:41 a.m.3 views

MAL-2025-70369 Malicious code in retail-fuchsia-whale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57fcf01baeb45153fdeb74f5950e864474bca62a8285e3b6678078932d677763 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-15439

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00081EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32906

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00223EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 10:17 p.m.5 views

CVE-2022-0882

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

5.5CVSS6.7AI score0.00115EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/24 1:30 p.m.14 views

CVE-2024-10604

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

6.9CVSS6.9AI score0.00223EPSS
Exploits1References1
NVD
NVD
added 2025/01/30 8:15 p.m.42 views

CVE-2024-10604

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

6.9CVSS0.00223EPSS
Exploits1References3
CVE
CVE
added 2025/01/30 7:17 p.m.48 views

CVE-2024-10604

CVE-2024-10604 affects Fuchsia’s network header field generation algorithms. Vulnerable components include the TCP Initial Sequence Number (ISN), TCP timestamp, TCP/UDP source ports, and IPv4/IPv6 fragment IDs, which can be guessed under certain circumstances. The available connected sources iden...

6.9CVSS6.6AI score0.00223EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/01/30 7:17 p.m.34 views

CVE-2024-10604 Identifiable Header Values In Fuchsia Leading To Tracking of The User

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

6.9CVSS0.00223EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.6 views

PT-2025-1599 · Google · Fuchsia

Name of the Vulnerable Software and Affected Versions: Fuchsia affected versions not specified Description: The issue concerns vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields. Specifically, the vulnerabilities affect the TCP Initial Sequence Number ISN...

6.9CVSS6.3AI score0.00223EPSS
Exploits1References10
OSV
OSV
added 2024/10/16 1:4 p.m.5 views

MAL-2024-9712 Malicious code in minimum-fuchsia-cattle (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:4 p.m.3 views

Malicious code in minimum-fuchsia-cattle (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/10/17 11:36 p.m.12 views

fuchsia-star.com Cross Site Scripting vulnerability OBB-3002250

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Openbugbounty
Openbugbounty
added 2022/07/07 4:56 p.m.14 views

fuchsia-star.com Cross Site Scripting vulnerability OBB-2740479

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/06/17 12:0 a.m.6 views

The vulnerability of the Fuchsia operating system’s kernel allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Fuchsia operating system’s kernel is related to the exposure of information. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.00115EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/05/03 4:15 p.m.22 views

CVE-2022-0882

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

5.5CVSS0.00115EPSS
Exploits1References1
OSV
OSV
added 2022/05/03 4:15 p.m.3 views

CVE-2022-0882

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

5.5CVSS5.8AI score0.00115EPSS
Exploits1References1
Prion
Prion
added 2022/05/03 4:15 p.m.22 views

Design/Logic Flaw

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

2.1CVSS5.3AI score0.00115EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/05/03 3:50 p.m.81 views

CVE-2022-0882

CVE-2022-0882 affects the Fuchsia kernel (Zircon kernel addresses) and allows information disclosure: an attacker can read the kernel log via exposed Zircon kernel addresses without the required capability ZX_RSRC_KIND_ROOT. The issue is triggered by access to low-level kernel addressing, enablin...

5.5CVSS5.1AI score0.00115EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/03 3:50 p.m.25 views

CVE-2022-0882 Illegal access to Kernel log in Fuchsia

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

5.3CVSS5.6AI score0.00115EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/05/03 3:50 p.m.5 views

CVE-2021-22556 Integer Overflow in Fuchsia Kernel

The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond...

5.3CVSS7.9AI score0.00155EPSS
Exploits0References2
Rows per page
Query Builder