Lucene search
K

2032 matches found

ICS
ICS
added 2026/02/24 12:0 a.m.11 views

Hitachi Energy RTU500 Product

SUMMARY Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. Successful exploitation of these vulnerabilities can result in the exposure of low-value user management information and device outage. Please refer to the Recommended Immediate...

6.1AI score
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.3 views

PT-2026-7483

Heads up, folks: Microsoft's February 2026 Patch Tuesday is out, dropping 55 vulnerability fixes across various products. Among these is CVE-2025-59498, which Microsoft has explicitly marked as Critical. This update is significant, addressing a broad spectrum of security issues. While the specifi...

5.5AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/02/09 9:30 a.m.6 views

MCP Run Python has a Sandbox Escape & Server Takeover Vulnerability

Impact Critical Sandbox Escape & Server Takeover: A critical security vulnerability exists in mcp-run-python due to a lack of isolation between the Python runtime Pyodide and the host JavaScript environment. The runPython and runPythonAsync functions execute Python code using Pyodide without...

5.8CVSS6.1AI score0.00177EPSS
Exploits0References3Affected Software1
ICS
ICS
added 2026/01/27 12:0 a.m.6 views

Hitachi Energy SuprOS

SUMMARY Hitachi Energy is aware of a vulnerability that affects the SuprOS product versions listed in this document. An attacker successfully exploiting this vulnerability can cause confidentiality, integrity and availability impacts. Please refer to the Recommended Immediate Actions for...

8.8CVSS5.8AI score0.00177EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.12 views

CVE-2021-41243

There is a Potential Zip Slip Vulnerability and OS Command Injection Vulnerability on the management system of baserCMS. Users with permissions to upload files may upload crafted zip files which may execute arbitrary commands on the host operating system. This is a vulnerability that needs to be...

9.1CVSS8AI score0.02174EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/01/07 1:7 a.m.5 views

kernel: RDMA/siw: Fix connection failure handling

A NULL dereference vulnerability was found in the Linux kernel, which is caused when the siwcmworkhandler function attempts to dereference a NULL listener that may be created when immediate MPA request processing fails and the newly created endpoint unlinks the listening endpoint ready to be...

5.5CVSS7AI score0.00228EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/25 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2022-50736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue...

6.2AI score0.00206EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/24 3:30 p.m.8 views

EUVD-2022-55753

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefined ocode value...

6AI score0.00206EPSS
Exploits0References7
NVD
NVD
added 2025/12/24 1:16 p.m.9 views

CVE-2022-50736

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefined ocode value...

0.00206EPSS
Exploits0References6
OSV
OSV
added 2025/12/24 1:16 p.m.11 views

UBUNTU-CVE-2022-50736

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefined ocode value...

5.7AI score0.00206EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/24 12:22 p.m.32 views

CVE-2022-50736 RDMA/siw: Fix immediate work request flush to completion queue

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefined ocode value...

0.00206EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.13 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an out-of-bounds access when an immediate work request is flushed to the completion queue...

6.2AI score0.00206EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.16 views

PT-2025-53040

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel’s RDMA/siw component related to handling immediate work requests and flushing to the completion queue. An incorrect send queue element opcode during...

7.8CVSS6.2AI score0.00462EPSS
Exploits2References896
RedhatCVE
RedhatCVE
added 2025/12/08 10:51 p.m.3 views

CVE-2025-55753

An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: fro...

7.5CVSS6.7AI score0.00417EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/25 12:30 a.m.3 views

CVE-2025-65951 Inside Track / Entropy Derby Timelock Encryption Bypassed via Pre-Computed VDF Output Leakage

Inside Track / Entropy Derby is a research-grade horse-racing betting engine. Prior to commit 2d38d2f, the VDF-based timelock encryption system fails to enforce sequential delay against the betting operator. Bettors pre-compute the entire Wesolowski VDF and include vdfOutputHex in their encrypted...

8.7CVSS6.4AI score0.00107EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.5 views

Inside Track 加密问题漏洞

Inside Track is a horse racing betting engine by the individual developer Lumina Mescuwa. Inside Track suffers from an encryption issue vulnerability that stems from the VDF encryption system not enforcing a sequential delay, which could lead to immediate decryption...

8.7CVSS6.5AI score0.00107EPSS
Exploits0References3
OSV
OSV
added 2025/11/24 9:36 p.m.4 views

MAL-2025-191010 Malicious code in set-nested-prop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e3ace4ffb79a5de4b7a82ae75ffdcccb6233dce2bfa2a4f32f70a3dc6921a03 The package set-nested-prop was found to contain malicious code. Source: ghsa-malware 35b0b9a8f67ec13668f93a14f45e037dc7cb3c33fa4c688e13b10a3cd2c5d3a...

6.8AI score
Exploits0References4
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.5 views

WordPress plugin Email Subscribers & Newsletters 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An Access Control Erro...

5.3CVSS6.6AI score0.00271EPSS
Exploits0References5
CVE
CVE
added 2025/11/17 12:0 a.m.24 views

CVE-2025-63747

CVE-2025-63747 affects QaTraq 6.9.2. The issue arises from default-enabled administrative credentials, allowing immediate login through the web app login page and granting administrative access if reachable. The vulnerability is present in the default configuration, so an attacker who can access ...

9.8CVSS6.7AI score0.00385EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/11/12 10:27 p.m.30 views

CVE-2025-64707 Frappe LMS revoking access did not show immediate effect as roles were cached

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is...

5.1CVSS0.00162EPSS
Exploits0References1
Rows per page
Query Builder