Lucene search
K

18 matches found

CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of restrictions on IPMI events and the reception of message requests. This vulnerability could...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that when the dm-raid module is used to stop an RAID array, the metadata devices become...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2025/11/12 4:47 p.m.1 views

MAL-2025-160397 Malicious code in messi-urt-efsdsdus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41e5f5bee6dfa140b258995b1b57f2442b8094b98676a764e5720c0ff28327bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 4:25 a.m.3 views

Malicious code in eko-ikan45-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c6ac94389d35eb8e383b226e53cb5a8112be028adb583c9355d56f8cb69b952 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 12:41 a.m.0 views

MAL-2025-67081 Malicious code in broken-olive-fowl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701c3b9151f568cf54840add388d8e29980990fbfb2d3e9892077339aa50e29e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 5:21 p.m.2 views

Malicious code in hadianto-esdoger41-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7de56a688a36d7202f72c57da79b618dbce4fb368291ccae74da206c1f803062 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Veracode
Veracode
added 2024/03/18 5:22 p.m.19 views

Denial Of Service (DoS)

iperf is vulnerable to a Denial Of Service DoS. The vulnerability is due to a flaw in the iperf utility, causing it to hang indefinitely while waiting for the remainder or until the connection is closed, allows a malicious or malfunctioning client to send less data than expected to the iperf serv...

5.3CVSS5.3AI score0.00932EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2024/03/07 10:15 a.m.25 views

CVE-2024-1931

NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...

7.5CVSS7AI score0.02516EPSS
Exploits1References2
OSV
OSV
added 2023/12/18 2:15 p.m.7 views

CVE-2023-4320

An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity...

7.5CVSS5.8AI score0.0053EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/12/18 1:43 p.m.1 views

CVE-2023-4320 Satellite: arithmetic overflow in satellite

An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity...

7.6CVSS6.5AI score0.0053EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.4 views

PT-2023-28731 · Satellite · Satellite

Name of the Vulnerable Software and Affected Versions: Satellite affected versions not specified Description: An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker to create personal access tokens that are valid indefinitely,...

7.6CVSS5.7AI score0.0053EPSS
Exploits0References8
Code423n4
Code423n4
added 2022/12/19 12:0 a.m.16 views

Malicious users can block listing

Lines of code Vulnerability details Impact In the OptimisticListingSeaport contract, any user with the Rae token corresponding to this Vault can call the propose function to create a listing proposal, which can be used for listing when the proposal exists over PROPOSALPERIOD. function listaddress...

6.7AI score
Exploits0
NVD
NVD
added 2022/08/22 3:15 p.m.28 views

CVE-2022-34772

Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the Tabit system is a 4 digit OTP. One can resend OTP and try logging in indefinitely. Once again, this is an example of OWASP: API4 - Rate limiting...

8.8CVSS0.00462EPSS
Exploits0References1
Code423n4
Code423n4
added 2022/08/03 12:0 a.m.14 views

XC20Wrapper may lost received token forever if LocalAsset(xc20).mint is reverted indefinitely

Lines of code Vulnerability details Impact XC20Wrapper may lost received token forever if LocalAssetxc20.mint is reverted indefinitely. Similar to ERC20, the spec said that if mitn returns false it means minting is failed. But it is commonly revert instead of returning false which is also a minti...

7.1AI score
Exploits0
OSV
OSV
added 2022/04/04 8:15 p.m.5 views

CVE-2021-32986

After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed without...

9.8CVSS7.3AI score0.0107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/04/02 7:58 p.m.39 views

CVE-2018-7158

It was found that the 'path' module from Node.js was vulnerable to a Regular Expression Denial of Service REDoS flaw. An attacker able to provide a specially crafted file path to a Node.js script could force it to hang indefinitely...

7.5CVSS1.8AI score0.03381EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/11/16 3:29 p.m.3 views

CVE-2017-16560

SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes...

4.3CVSS5.5AI score0.00419EPSS
Exploits0References3
Mageia
Mageia
added 2015/07/05 5:22 p.m.64 views

Updated pam package fixes security vulnerability

If SELinux is enabled, the unixrunhelperbinary function in Linux-PAM 1.1.8 and earlier hangs indefinitely when verifying a password of 65536 characters, which allows attackers to conduct username enumeration and denial of service attacks CVE-2015-3238...

6.5CVSS6.8AI score0.02705EPSS
Exploits1References2
Rows per page
Query Builder