
17 matches found

SUSE CVE
added 6 days ago · 6 views

SUSE CVE-2026-53131

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using eth_hdr(). ip6t_eui64, xt_mac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nf_log_syslog access eth_hdr(skb) after either assuming that the skb is associated with an...

CVSS 9.4 · AI score 5.8 · EPSS 0.00431
Exploits 0 · References 2
CVE
added 2026/06/24 4:30 p.m. · 7 views

CVE-2026-53074

Summary of CVE-2026-53074 (Linux kernel): The issue occurs in the bpf_prog_test_run_skb() path where the code may access ip_hdr(skb) or ipv6_hdr(skb) for IPv4/IPv6 inputs even when only an Ethernet header is present. If the Ethernet frame carries an IPv4/IPv6 EtherType but the Layer 3 header is ...

AI score 5.7 · EPSS 0.00164
Exploits 0 · References 8
Tenable Nessus
added 2026/06/20 12:0 a.m. · 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-55202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to...

CVSS 8.8 · AI score 5.9 · EPSS 0.00335
Exploits 0 · References 3
SUSE CVE
added 2026/05/10 1:11 a.m. · 4 views

SUSE CVE-2024-10006

A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules...

CVSS 5.8 · AI score 7.1 · EPSS 0.00473
Exploits 0 · References 5
OSV
added 2026/05/06 4:4 p.m. · 8 views

SUSE-SU-2026:1725-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues. The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). - CVE-2025-39977: futex: Prevent use-after-free during...

CVSS 7.8 · AI score 6.8 · EPSS 0.96775
Exploits 228 · References 13
OSV
added 2026/05/05 1:7 p.m. · 4 views

SUSE-SU-2026:21506-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues. The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI...

CVSS 7.8 · AI score 6.8 · EPSS 0.96775
Exploits 228 · References 13
RedHat Linux
added 2026/04/22 12:13 a.m. · 9 views

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful(). skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro fooling u32_classify(): BUG: KASAN:...

CVSS 7.1 · AI score 5.6 · EPSS 0.00117
Exploits 0 · References 5
Rockylinux
added 2026/04/07 12:0 a.m. · 13 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel packages contain the Linux kernel, the core of any Linux operating...

CVSS 7.8 · AI score 6.5 · EPSS 0.0017
Exploits 0
SUSE CVE
added 2026/02/16 12:25 a.m. · 4 views

SUSE CVE-2026-23204

In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful(). skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro fooling u32_classify(): BUG: KASAN:...

CVSS 7 · AI score 5.2 · EPSS 0.00117
Exploits 0 · References 125
Microsoft CVE
added 2025/12/24 9:4 a.m. · 4 views

can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header

...

CVSS 5.5 · AI score 6.7 · EPSS 0.00156
Exploits 0
Debian CVE
added 2025/12/23 1:58 p.m. · 5 views

CVE-2025-68343

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header. The driver expects to receive a struct gs_host_frame in gs_usb_receive_bulk_callback(). Use struct_group() to describe the header of the struct gs_host_frame and...

AI score 5.4 · EPSS 0.00156
Exploits 0
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-2948

Malicious code in bioql PyPI...

CVSS 8.3 · AI score 8 · EPSS 0.00473
Exploits 0 · References 6
VulnCheck KEV
added 2024/04/26 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2025-31161

CrushFTP contains an authentication bypass vulnerability in the HTTP authorization header that allows a remote unauthenticated attacker to authenticate to any known or guessable user account (e.g., crushadmin), potentially leading to a full compromise...

CVSS 9.8 · AI score 7.5 · EPSS 0.99963
Exploits 18 · References 1
Positive Technologies
added 2024/02/22 12:0 a.m. · 2 views

PT-2024-1927

Name of the Vulnerable Software and Affected Versions: Rack versions prior to 2.2.8.1; Rack versions prior to 3.0.9.1. Description: The issue is related to a denial of service vulnerability in Rack's content type parsing, where carefully crafted content type headers can cause the media type parser to...

CVSS 10 · AI score 6.9 · EPSS 0.35376
Exploits 4 · References 118
Positive Technologies
added 2024/01/16 12:0 a.m. · 5 views

PT-2024-13395 · Abo.Cms · Abo.Cms

Name of the Vulnerable Software and Affected Versions: ABO.CMS version 5.9.3. Description: A Cross Site Scripting issue allows an attacker to execute arbitrary code via a crafted payload to the Referer header. This enables the attacker to perform unauthorized actions on the affected system...

CVSS 6.1 · AI score 6.4 · EPSS 0.00574
Exploits 1 · References 9
Positive Technologies
added 2023/04/10 12:0 a.m. · 8 views

PT-2023-20799 · Veritas · Veritas Appliance

Name of the Vulnerable Software and Affected Versions: Veritas Appliance version 4.1.0.1. Description: The issue allows for Host Header Injection attacks, where the HTTP host header can be manipulated, causing the application to behave in unexpected ways. Any changes made to the header would resul...

CVSS 6.1 · AI score 6.9 · EPSS 0.0044
Exploits 1 · References 5
OSV
added 2018/04/13 5:29 a.m. · 5 views

CVE-2018-10082

CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or...

CVSS 5.3 · AI score 5.8
Exploits 0 · References 1