Lucene search
K

10077 matches found

Debian CVE
Debian CVE
added 2025/06/18 9:33 a.m.4 views

CVE-2025-38078

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

4.7CVSS5.8AI score0.00118EPSS
Exploits0
OSV
OSV
added 2025/06/18 9:33 a.m.3 views

CVE-2025-38078 ALSA: pcm: Fix race of buffer access at PCM OSS layer

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

4.7CVSS6.3AI score0.00118EPSS
Exploits0References13
Cvelist
Cvelist
added 2025/06/18 9:33 a.m.9 views

CVE-2025-38063 dm: fix unconditional IO throttle caused by REQ_PREFLUSH

In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...

0.00145EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer access contention condition in the PCM OSS layer that could lead to reuse after release...

4.7CVSS6.6AI score0.00118EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2025/06/18 12:0 a.m.6 views

The vulnerability of the software implementation of the TLS protocol allows attackers to carry out “man-in-the-middle” attacks.

The vulnerability of the Mbed TLS software protocol implementation is related to the use of an uninitialized resource. Exploiting this vulnerability allows a remote attacker to perform “man-in-the-middle” attacks...

5.4CVSS5.9AI score0.00274EPSS
Exploits0References5Affected Software3
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.1 views

Cisco Meraki Z和Cisco Meraki MX 安全漏洞

The Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.The Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.The Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A security vulnerability exists in Cisco Meraki Z and Cisco Meraki MX...

8.6CVSS6.4AI score0.00481EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.5 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: Clients that use RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because the handshake does not abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections that use raw...

6.3CVSS6.8AI score0.02357EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.16 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Block: Fix for UAF when flushing RQ while iterating tags. The function blkmqclearFlushrqMapping is not called during SCIS probe. This issue is addressed by checking blkqueueinitdone. However, the flag QUEUEFLAGINITDONE is cleared...

7.8CVSS6.2AI score0.00235EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Block: Fix to add folio to bio. A size of 4GB for folio is possible on some ARCHs, such as aarch64. A size of 16GB for hugepage is also supported. However, the “offset” of folio cannot be stored in “unsigned int”, which causes a...

5.5CVSS6.1AI score0.00152EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/16 12:0 a.m.4 views

OpenSSL 安全漏洞

OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

5.3CVSS7.3AI score0.00361EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.347 views

TencentOS Server 3: cryptsetup (TSSA-2022:0008)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0008 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

4.3CVSS6.9AI score0.0028EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/06/13 7:15 a.m.2 views

CVE-2024-38823

Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport...

2.7CVSS7.2AI score0.00214EPSS
Exploits0References2
OSV
OSV
added 2025/06/13 7:15 a.m.3 views

UBUNTU-CVE-2024-38823

Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport...

2.7CVSS5.8AI score0.00214EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/06/12 12:0 a.m.1 views

TED-LaST: Towards Robust Backdoor Defense against Adaptive Attacks

Deep Neural Networks DNNs are vulnerable to backdoor attacks, where attackers implant hidden triggers during training to maliciously control model behavior. Topological Evolution Dynamics TED has recently emerged as a powerful tool for detecting backdoor attacks in DNNs. However, TED can be...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.4 views

The Security Overview and Analysis of 3GPP 5G MAC CE

To more effectively control and allocate network resources, MAC CE has been introduced into the network protocol, which is a type of control signaling located in the MAC layer. Since MAC CE lacks encryption and integrity protection mechanisms provided by PDCP, the control signaling carried by MAC...

7AI score
Exploits0
Snyk
Snyk
added 2025/06/09 9:59 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through handling of RTP packets in the NewPacket function of packetfactory.go. An attacker can trigger a panic in the system by sending malformed RTP packets containing a padding size...

8.7CVSS6.9AI score0.00415EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/06/09 8:29 p.m.9 views

Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)

Impact Pion Interceptor versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Patches Upgrade to v0.1.39 or later, which includes PR 338 which...

7.5CVSS7.5AI score0.00415EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.6 views

The vulnerability of the software-based TLS protocol implementation of Acronis Cyber Protect 16 allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the software-based TLS protection implementation in Acronis Cyber Protect 16 lies in the insufficiently secure data encryption. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected information...

5.9CVSS6.2AI score0.00065EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2025/06/09 12:0 a.m.3 views

Gh0stEdit: Exploiting Layer-Based Access Vulnerability within Docker Container Images

Whitepaper called Gh0stEdit: Exploiting Layer-Based Access Vulnerability Within Docker Container Images...

6.9AI score
Exploits0
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.1 views

ZIV IDF和ZIV ZLF 资源管理错误漏洞

The ZIV IDF and ZIV ZLF are both transformer differential protection relays from ZIV Spain. A resource management error vulnerability exists in ZIV IDF version v0.10.0-0C03-03 and ZLF version v0.10.0-0C03-04, which stems from mishandling of a TLS request and could result in a denial of service...

8.3CVSS6.7AI score0.00213EPSS
Exploits0References1
Rows per page
Query Builder