536 matches found
CVE-2025-48057
Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...
CVE-2025-4562
creationtimestamp | type | source
---|---|---
2025-05-23 03:24:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpsokuyztf2r...
CVE-2020-15476
In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c...
CVE-2006-4936
Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors...
CVE-2025-37874
In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe error path. When ngbe_sw_init is called, memory is allocated for wx->rss_key in wx_init_rss_key. However, in ngbe_probe function, the subsequent error paths after ngbe_sw_init don't free the rss_key. F...
CVE-2025-37804
No description is available for this CVE...
CVE-2022-49766
In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation. In preparation for FORTIFY_SOURCE doing bounds-check on memcpy, switch from __nlmsg_put to nlmsg_put, and explain the bounds check for dealing with the memcpy across a composite flexible...
CVE-2022-49771
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if list_versions races with module loading. list_versions will first estimate the required space using the "dm_target_iterate(list_version_get_needed, " call and then will fill the space using the...
Spill the Beans: Exploiting CPU Cache Side-Channels to Leak Tokens from Large Language Models
Side-channel attacks on shared hardware resources increasingly threaten confidentiality, especially with the rise of Large Language Models (LLMs). In this work, we introduce Spill The Beans, a novel application of cache side-channels to leak tokens generated by an LLM. By co-locating an attack...
CVE-2025-22078
In the Linux kernel, the following vulnerability has been resolved: staging: vchiq_arm: Fix possible NPR of keep-alive thread. In case vchiq_platform_conn_state_changed is never called or fails before driver removal, ka_thread won't be a valid pointer to a task_struct. So do the necessary checks before...
CVE-2025-22026
In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svc_proc_register. Currently, nfsd_proc_stat_init ignores the return value of svc_proc_register. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...
CVE-2025-22075
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported. Commit 30aad41721e0 "net/core: Add support for getting VF GUIDs" added support for getting VF port and node GUIDs in netlink ifinfo messages, but their size was not take...
CVE-2025-22060
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption. Protect the parser TCAM/SRAM memory, and the cached shadow SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly accessed by configuring an...
CVE-2025-30736
CVE-2025-30736 affects Oracle Database Server's Java VM component. Affected versions: 19.3–19.26, 21.3–21.17, and 23.4–23.7. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise the Java VM, potentially leading to unauthorized creation, del...
CVE-2025-30719
...
CVE-2025-30712
The CVE-2025-30712 vulnerability affects Oracle VM VirtualBox (Component: Core) with affected version 7.1.6. It is described as an easily exploitable, local vulnerability that enables a high-privilege attacker with logon to the infrastructure where VirtualBox runs to compromise the product, poten...
CVE-2025-30709
...
CVE-2025-30697
CVE-2025-30697 affects Oracle PeopleSoft: PeopleSoft Enterprise PeopleTools (Panel Processor) versions 8.60–8.62. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise PeopleTools, with attacks requiring user interaction and potentially impacting additional...
CVE-2025-21588
...
CVE-2025-22014
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock. When some client process A call pdr_add_lookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...