Lucene search
K

871 matches found

NVD
NVD
added 2026/01/22 3:16 p.m.6 views

CVE-2025-64097

NervesHub is a web service that allows users to manage over-the-air OTA firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

9.8CVSS0.00422EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/22 2:57 p.m.3 views

CVE-2025-64097

NervesHub is a web service that allows users to manage over-the-air OTA firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

9.5CVSS5.5AI score0.00422EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/01/22 2:57 p.m.4 views

EUVD-2025-206329

NervesHub is a web service that allows users to manage over-the-air OTA firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

9.5CVSS5.6AI score0.00422EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/22 2:57 p.m.4 views

CVE-2025-64097 NervesHub has Insufficient Token Entropy that Allows Authentication Bypass via Brute Force

NervesHub is a web service that allows users to manage over-the-air OTA firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

9.5CVSS5.6AI score0.00422EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.10 views

CVE-2022-31177

Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The...

2.7CVSS6.5AI score0.00594EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.8 views

CVE-2020-10104

An issue was discovered in Zammad 3.0 through 3.2. After authentication, it transmits sensitive information to the user that may be compromised and used by an attacker to gain unauthorized access. Hashed passwords are returned to the user when visiting a certain URL...

4.3CVSS6.7AI score0.00828EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-54225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists ...

5.4AI score0.00166EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/12/31 12:28 a.m.2 views

SUSE CVE-2023-54225

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

4.1CVSS6.8AI score0.00166EPSS
Exploits0References17
EUVD
EUVD
added 2025/12/30 3:30 p.m.5 views

EUVD-2023-60416

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

6.3AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2025/12/30 1:16 p.m.4 views

CVE-2023-54225

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

0.00166EPSS
Exploits0References3
OSV
OSV
added 2025/12/30 1:16 p.m.5 views

UBUNTU-CVE-2023-54225

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

5.8AI score0.00166EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/30 12:11 p.m.23 views

CVE-2023-54225 net: ipa: only reset hashed tables when supported

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

0.00166EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/30 12:11 p.m.4 views

CVE-2023-54225

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

5.5AI score0.00166EPSS
Exploits0
CVE
CVE
added 2025/12/30 12:11 p.m.12 views

CVE-2023-54225

CVE-2023-54225 (Linux kernel) : The issue affects the Linux kernel’s IPA modem path, where during shutdown a transaction could be under a reference count underflow if hashed IPA tables were zeroed when hashing is not supported. Root cause: the code zeroed hashed table memory for modem filter/rout...

6.5AI score0.00166EPSS
Exploits0References3
OSV
OSV
added 2025/12/30 12:11 p.m.4 views

CVE-2023-54225 net: ipa: only reset hashed tables when supported

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

6.7AI score0.00166EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.3 views

PT-2025-54054

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel code managing GSI channel transactions experienced transaction reference count underflows during shutdown. This occurred after a transition from spinlock-protected linke...

6.1AI score0.00166EPSS
Exploits0
OSV
OSV
added 2025/12/22 10:16 p.m.4 views

CVE-2023-53967

Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without requiring the current credentials. Attackers can exploit the userManager.cgx API endpoint by sending a crafted POST request with a new MD5-hashed password...

9.3CVSS5.8AI score0.00456EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/12/14 8:45 a.m.6 views

CVE-2025-0969

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS5.7AI score0.00369EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.3 views

EUVD-2025-203248

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS5.2AI score0.00369EPSS
Exploits0References5
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-0969

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

6.5CVSS0.00369EPSS
Exploits0References4
Rows per page
Query Builder