Lucene search
K

1497 matches found

CVE
CVE
added 2026/04/06 12:0 a.m.21 views

CVE-2025-57835

CVE-2025-57835 affects Samsung Exynos/Modem devices (e.g., Exynos 980/990/850/1080/2100/etc.) with RRC in Samsung Mobile Processor, Wearable Processor, and Modems. Root cause: improper memory initialization causing illegal memory access via a malformed RRCReconfiguration message, leading to a sys...

7.5CVSS5.9AI score0.00278EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/23 10:53 a.m.5 views

CVE-2026-23555

A flaw was found in Xenstored, the daemon responsible for the Xenstore key-value store in Xen virtual machines. An unprivileged guest can exploit this vulnerability by issuing a Xenstore command that accesses a node using an illegal node path. This can cause Xenstored to crash, leading to a Denia...

7.1CVSS5.8AI score0.00181EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/23 6:57 a.m.2 views

CVE-2026-23555

Any guest issuing a Xenstore command accessing a node using the illegal node path "/local/domain/", will crash xenstored due to a clobbered error indicator in xenstored when verifying the node path. Note that the crash is forced via a failing assert statement in xenstored. In case xenstored is...

7.1CVSS5.8AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.9 views

Xen 安全漏洞

Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has a security vulnerability, which...

7.1CVSS5.9AI score0.00181EPSS
Exploits0References5
OSV
OSV
added 2026/03/09 9:34 a.m.13 views

CLSA-2026-1773048865 kernel: Fix of 53 CVEs

xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mtinputconfigured CVE-2024-58020 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - fs: writeback: fix use-after-free in markinodedirty...

8CVSS7AI score0.00618EPSS
Exploits6References1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.5 views

Oracle Linux 8 : gcc-toolset-14-binutils (ELSA-2026-2627)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2627 advisory. 2.41-3.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130636 Thu Feb 20 2025 Nick Clifton - Backport fixes for PR 32082 and P...

7.8CVSS6.2AI score0.00235EPSS
Exploits1References2
OSV
OSV
added 2026/01/28 3:52 p.m.4 views

OPENSUSE-SU-2026:20122-1 Security update for python-h2

This update for python-h2 fixes the following issues: - CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737...

6.9CVSS7.1AI score0.01596EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/26 9:24 a.m.2 views

CVE-2025-41082

Illegal HTTP request traffic vulnerability CL.0 in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which...

6.9CVSS5.9AI score0.00386EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.8 views

PT-2026-4738

Illegal HTTP request traffic vulnerability CL.0 in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which...

6.9CVSS5.9AI score0.00386EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.8 views

EVerest security vulnerabilities

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions of EVerest prior to 2025.12.1 contain security vulnerabilities. These vulnerabilities stem from a vulnerability that allows bypassing sequence state verification and authentication, potentiall...

5.3CVSS5.8AI score0.00254EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.11 views

PT-2026-4826

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2025.12.1 Description EVerest is an EV charging software stack susceptible to a bypass of sequence state verification, including authentication. This allows sending requests that transition to forbidden states,...

4.3CVSS5.9AI score0.00254EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : vim-8.0.1763-16.el8.4 (AXSA:2022-3035:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3035:01 advisory. vim: heap-based buffer overflow in winredrstatus in drawscreen.c CVE-2021-3872 vim: illegal memory access in findstartbrace in cindent.c when...

7.8CVSS7.2AI score0.01792EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 7 : libsolv-0.6.34-4.el7 (AXSA:2019-4081:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4081:02 advisory. libsolv: NULL pointer dereference in function testcaseread CVE-2018-20532 libsolv: NULL pointer dereference in function testcasestr2depcomplex...

6.5CVSS6.3AI score0.0233EPSS
Exploits3References4
Microsoft Secure
Microsoft Secure
added 2026/01/14 3:3 p.m.11 views

Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

Over the past year, Microsoft Threat Intelligence observed the proliferation of RedVDS, a virtual dedicated server VDS provider used by multiple financially motivated threat actors to commit business email compromise BEC, mass phishing, account takeover, and financial fraud. Microsoft’s...

6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/14 9:53 a.m.7 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

7.8CVSS5.7AI score0.00144EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/14 9:53 a.m.13 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.6AI score0.00236EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2026/01/14 12:36 a.m.2 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

7.8CVSS5.7AI score0.00144EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/14 12:29 a.m.3 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

7.8CVSS5.7AI score0.00144EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/14 12:26 a.m.2 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

7.8CVSS5.7AI score0.00144EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/14 12:17 a.m.2 views

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

7.8CVSS5.7AI score0.00144EPSS
Exploits0References5
Rows per page
Query Builder