Lucene search
K

10080 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:1 a.m.10 views

CVE-2010-2815

Unspecified vulnerability in the Transport Layer Security TLS implementation on Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 before 7.25, 8.0 before 8.05.15, 8.1 before 8.12.44, 8.2 before 8.22.17, and 8.3 before 8.31.6 and Cisco PIX Security Appliances 500 series...

7.8CVSS6.9AI score0.02496EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:28 a.m.5 views

CVE-2016-11046

An issue was discovered on Samsung mobile devices with JBP4.3, KK4.4, and L5.0/5.1 software. Because of a misused whitelist, attackers can reach the radio layer aka RIL or RILD to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 May 2016...

7.5CVSS7AI score0.00346EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/22 12:0 a.m.3 views

SAR-AutoDeploy-Layer 安全漏洞

SAR-AutoDeploy-Layer is a Lumigo open source SAR application used to automate the deployment of a Lambda layer to a region for all functions. A security vulnerability exists in SAR-AutoDeploy-Layer v1.2.0 that stems from improper permissions and could lead to elevated privileges and customer clou...

8.8CVSS6.6AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/22 12:0 a.m.2 views

ABB多款产品 信任管理问题漏洞

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

8.8CVSS6.9AI score0.00363EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.10 views

PT-2025-22511 · Unknown · Autodeploy-Layer

Name of the Vulnerable Software and Affected Versions: autodeploy-layer version 1.2.0 Description: The issue is related to insecure permissions, allowing attackers to escalate privileges and compromise the customer cloud account. Recommendations: For autodeploy-layer version 1.2.0, consider...

8.8CVSS6.4AI score0.00302EPSS
Exploits0References4
CVE
CVE
added 2025/05/22 12:0 a.m.49 views

CVE-2025-45472

The CVE-2025-45472 entry covers insecure permissions in autodeploy-layer v1.2.0, enabling privilege escalation that could compromise the customer cloud account. Multiple sources corroborate that the issue is tied to improper access controls in autodeploy-layer and that it affects at least version...

8.8CVSS6.8AI score0.00302EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/05/21 2:50 p.m.10 views

USN-7517-2 linux-ibm-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver;...

7.8CVSS6.8AI score0.08906EPSS
Exploits3References94
OSV
OSV
added 2025/05/21 2:40 p.m.6 views

USN-7516-4 linux-oracle-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver;...

7.8CVSS6.8AI score0.08906EPSS
Exploits1References91
Ubuntu
Ubuntu
added 2025/05/21 2:40 p.m.6 views

USN-7516-4: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver;...

7.8CVSS7.2AI score0.08906EPSS
Exploits1
NVD
NVD
added 2025/05/21 1:16 p.m.11 views

CVE-2025-48417

The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...

6.5CVSS0.00188EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/21 12:30 p.m.16 views

CVE-2025-48417 Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations

The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...

0.00188EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/21 12:30 p.m.7 views

CVE-2025-48417 Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations

The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...

7.1AI score0.00188EPSS
Exploits1References1
Snyk
Snyk
added 2025/05/20 8:44 p.m.2 views

Improper Neutralization of Escape, Meta, or Control Sequences

Overview Affected versions of this package are vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences via the Hubble CLI terminal output processing. An attacker can manipulate the output to conceal log entries, rewrite output, or make the terminal temporarily unusable by...

6.5CVSS6.9AI score0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/20 7:55 p.m.26 views

CVE-2025-48056 Hubble CLI vulnerable to character injection

Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output...

5.3CVSS0.00246EPSS
Exploits0References2
OSV
OSV
added 2025/05/20 7:23 p.m.5 views

GHSA-X8PV-FGXP-8V3X TYPO3 Allows Information Disclosure via DBAL Restriction Handling

Problem When performing a database query involving multiple tables through the database abstraction layer DBAL, frontend user permissions are only applied via FrontendGroupRestriction to the last table. As a result, data from additional tables included in the same query may be unintentionally...

3.7CVSS7.1AI score0.00253EPSS
Exploits0References4
OSV
OSV
added 2025/05/20 4:58 p.m.12 views

USN-7516-3 linux-azure, linux-kvm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver;...

7.8CVSS6.8AI score0.08906EPSS
Exploits1References91
OSV
OSV
added 2025/05/20 4:38 p.m.9 views

USN-7510-5 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

7.8CVSS6.9AI score0.13626EPSS
Exploits1References125
OSV
OSV
added 2025/05/20 4:28 p.m.8 views

USN-7510-4 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

7.8CVSS6.6AI score0.13626EPSS
Exploits1References125
OSV
OSV
added 2025/05/20 4:12 p.m.9 views

USN-7510-3 linux-azure, linux-azure-5.15, linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

7.8CVSS6.7AI score0.13626EPSS
Exploits1References125
Ubuntu
Ubuntu
added 2025/05/20 4:12 p.m.5 views

USN-7510-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

7.8CVSS7.4AI score0.13626EPSS
Exploits1
Rows per page
Query Builder