Lucene search
K

2873 matches found

OSV
OSV
added 2025/05/01 2:9 p.m.9 views

CVE-2022-49844 can: dev: fix skb drop check

In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...

7.1CVSS5.3AI score0.00153EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/05/01 2:9 p.m.12 views

CVE-2022-49844 can: dev: fix skb drop check

In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...

0.00153EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/01 2:9 p.m.1 views

CVE-2022-49844 can: dev: fix skb drop check

In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...

5.8AI score0.00153EPSS
Exploits0References2
CVE
CVE
added 2025/05/01 2:9 p.m.64 views

CVE-2022-49844

The collection confirms CVE-2022-49844 affects the Linux kernel CAN subsystem. The issue arises from reading priv->ctrlmode in virtual CAN interfaces (e.g., vcan, vxcan) when some interfaces do not create struct can_priv at startup, causing an out-of-bounds read and CAN frame drops. The refere...

7.1CVSS6.2AI score0.00153EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2025/05/01 6:26 a.m.2 views

Access Control Bypass

Overview browser-use is a Make websites accessible for AI agents Affected versions of this package are vulnerable to Access Control Bypass via the server's configuration, an attacker can access the debug port, which was inadvertently exposed on all network interfaces. Remediation Upgrade...

6.9CVSS6.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.6 views

PT-2025-18561 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the CAN Controller Area Network device driver. The issue arises from an out-of-bounds read in the priv-ctrlmode...

7.1CVSS5AI score0.00153EPSS
Exploits0References11
OSV
OSV
added 2025/04/30 8:15 p.m.3 views

CVE-2024-6030

Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this...

7CVSS6AI score
Exploits0References1
NVD
NVD
added 2025/04/30 12:15 p.m.8 views

CVE-2025-24349

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...

7.1CVSS0.00477EPSS
Exploits0References1
NVD
NVD
added 2025/04/30 12:15 p.m.23 views

CVE-2025-24348

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...

5.4CVSS0.00426EPSS
Exploits0References1
NVD
NVD
added 2025/04/30 12:15 p.m.26 views

CVE-2025-24347

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...

6.5CVSS0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/30 11:44 a.m.13 views

CVE-2025-24349

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...

7.1CVSS0.00477EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/30 11:44 a.m.9 views

CVE-2025-24349

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to delete the configuration of physical network interfaces via a crafted HTTP request...

7.1CVSS6.5AI score0.00477EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 11:44 a.m.48 views

CVE-2025-24349

CVE-2025-24349 affects the web application of ctrlX OS under the Network Interfaces feature. A remote authenticated (low-privilege) attacker can delete the configuration of physical network interfaces by sending a crafted HTTP request. The vulnerability is evidenced across multiple sources (NVD, ...

7.1CVSS6.4AI score0.00477EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/30 11:42 a.m.23 views

CVE-2025-24348

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...

5.4CVSS0.00426EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/30 11:42 a.m.7 views

CVE-2025-24348

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...

5.4CVSS6.8AI score0.00426EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 11:42 a.m.51 views

CVE-2025-24348

CVE-2025-24348 affects the web interface of ctrlX OS (Network Interfaces). A remote authenticated, low-privilege attacker can manipulate the wireless network configuration file using a crafted HTTP request. Exploitation status is not detailed in the provided docs; CVSS v3.1 base score is 5.4 (Med...

5.4CVSS5.3AI score0.00426EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/30 11:41 a.m.7 views

CVE-2025-24347

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...

6.5CVSS6.8AI score0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/30 11:41 a.m.21 views

CVE-2025-24347

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...

6.5CVSS0.00409EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 11:41 a.m.46 views

CVE-2025-24347

The CVE-2025-24347 issue affects the web application of ctrlX OS, specifically the Network Interfaces functionality. A remote authenticated (low-privileged) attacker can manipulate the network configuration file through a crafted HTTP request. The vulnerability is described across multiple source...

6.5CVSS6.6AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2025/04/28 3:15 p.m.2 views

CVE-2025-23375

Dell PowerProtect Data Manager Reporting, versions 19.17, contains an Incorrect Use of Privileged APIs vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.8CVSS5.8AI score0.00122EPSS
Exploits0References1
Rows per page
Query Builder