Lucene search
K

10068 matches found

CNNVD
CNNVD
added 2025/07/20 12:0 a.m.4 views

RuoYi 安全漏洞

RuoYi is a backend management system by the individual developer of RuoYi in China. A security vulnerability exists in RuoYi 4.8.1 and earlier versions, which stems from an improper restriction of the rendering UI layer of the Image Source Handler component...

5.4CVSS4.8AI score0.0024EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/20 12:0 a.m.3 views

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions 3.6.1 through 3.6.3 that stems from a timing difference and could lead to plaintext recovery...

4CVSS6.3AI score0.00395EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/18 3:32 p.m.9 views

CVE-2025-53888 RIOT-OS has an ineffective size check that can lead to buffer overflow in link layer address filter /sys/net/link_layer/l2filter/l2filter.c

RIOT-OS, an operating system that supports Internet of Things devices, has an ineffective size check implemented with assert can lead to buffer overflow in versions up to and including 2025.04. Assertions are usually compiled out in production builds. If assertions are the only defense against...

8.7CVSS0.00714EPSS
Exploits1References3
OSV
OSV
added 2025/07/18 2:49 p.m.2 views

OESA-2025-1865 python-cryptography security update

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lea...

7.5CVSS6.6AI score0.01118EPSS
Exploits0References2
OSV
OSV
added 2025/07/18 10:6 a.m.10 views

USN-7651-2 linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

7.8CVSS6.7AI score0.00259EPSS
Exploits0References118
OSV
OSV
added 2025/07/18 9:43 a.m.14 views

USN-7654-3 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS6.4AI score0.01483EPSS
Exploits0References140
OSV
OSV
added 2025/07/18 9:32 a.m.7 views

USN-7654-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS6.5AI score0.01483EPSS
Exploits0References140
Ubuntu
Ubuntu
added 2025/07/18 9:32 a.m.8 views

USN-7654-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits0
OSV
OSV
added 2025/07/18 9:0 a.m.11 views

USN-7654-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS6.4AI score0.01483EPSS
Exploits0References140
CNVD
CNVD
added 2025/07/18 12:0 a.m.173 views

Apache HTTP Server Access Control Error Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An Access Control Error vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause an access contr...

9.1CVSS6.8AI score0.0097EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/07/17 4:43 p.m.3 views

openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....

4.8CVSS7.2AI score0.00381EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/17 4:43 p.m.2 views

openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....

4.8CVSS7.2AI score0.00381EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2025/07/17 4:36 p.m.13 views

USN-7653-1: Linux kernel (HWE) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.5AI score0.00571EPSS
Exploits4
OSV
OSV
added 2025/07/17 4:36 p.m.7 views

USN-7653-1 linux-hwe-6.8 vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS6.7AI score0.00571EPSS
Exploits4References159
RedHat Linux
RedHat Linux
added 2025/07/17 4:27 p.m.4 views

openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....

4.8CVSS7.2AI score0.00381EPSS
Exploits0References5
OSV
OSV
added 2025/07/17 4:21 p.m.8 views

USN-7652-1 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

7.8CVSS6.6AI score0.00259EPSS
Exploits0References118
OSV
OSV
added 2025/07/17 4:2 p.m.9 views

USN-7651-1 linux, linux-aws, linux-oem-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

7.8CVSS6.6AI score0.00259EPSS
Exploits0References118
Microsoft CVE
Microsoft CVE
added 2025/07/17 7:0 a.m.7 views

Apache HTTP Server: mod_ssl access control bypass with session resumption

...

9.1CVSS7AI score0.0097EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/07/17 7:0 a.m.3 views

Apache HTTP Server: mod_ssl error log variable escaping

...

7.5CVSS7AI score0.00669EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/07/17 7:0 a.m.3 views

Apache HTTP Server: mod_ssl TLS upgrade attack

...

7.5CVSS7AI score0.00516EPSS
Exploits0
Rows per page
Query Builder