Lucene search
K

613 matches found

CVE
CVE
added 2025/12/16 3:6 p.m.14 views

CVE-2025-68308

CVE-2025-68308 relates to a Linux kernel issue in kvaser_usb leaf parsing causing an infinite loop; however, the connected documents do not provide further technical details (affected version, exploitability, or patch specifics). Monitor for updates from the vendor/patch references.

6.4AI score0.00161EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.6 views

PT-2025-51712

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the kvaser usb leaf wait cmd and kvaser usb leaf read bulk callback functions related to handling zero-length commands used for aligning data to U...

5.4AI score0.00161EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/13 8:2 p.m.3 views

CVE-2025-61727

A flaw was found in the crypto/x509 package in the Go standard library. This vulnerability allows a certificate validation bypass via an excluded subdomain constraint in a certificated chain as it does not restrict the usage of wildcard SANs in the leaf certificate. Mitigation Mitigation for this...

6.5CVSS5.9AI score0.0027EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/12/10 6:14 p.m.6 views

CVE-2025-14276

A vulnerability was determined in Ilevia EVE X1 Server up to 4.6.5.0.eden. Impacted is an unknown function of the file /ajax/php/leafsearch.php. This manipulation of the argument line causes command injection. The attack can be initiated remotely. A high degree of complexity is needed for the...

6.3CVSS6.7AI score0.01455EPSS
Exploits0References1
NVD
NVD
added 2025/12/08 10:15 p.m.4 views

CVE-2025-14276

A vulnerability was determined in Ilevia EVE X1 Server up to 4.6.5.0.eden. Impacted is an unknown function of the file /ajax/php/leafsearch.php. This manipulation of the argument line causes command injection. The attack can be initiated remotely. A high degree of complexity is needed for the...

6.3CVSS0.01455EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/08 9:32 p.m.2 views

CVE-2025-14276 Ilevia EVE X1 Server leaf_search.php command injection

A vulnerability was determined in Ilevia EVE X1 Server up to 4.6.5.0.eden. Impacted is an unknown function of the file /ajax/php/leafsearch.php. This manipulation of the argument line causes command injection. The attack can be initiated remotely. A high degree of complexity is needed for the...

6.3CVSS6.4AI score0.01455EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.5 views

Ilevia EVE X1 Server 命令注入漏洞

Ilevia EVE X1 Server is a smart home and building automation from Ilevia, Italy. A command injection vulnerability exists in Ilevia EVE X1 Server version 4.6.5.0.eden and prior versions, which stems from incorrect manipulation of the parameter line in the file /ajax/php/leafsearch.php, which coul...

6.3CVSS6AI score0.01455EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.8 views

PT-2025-49597

A vulnerability was determined in Ilevia EVE X1 Server up to 4.6.5.0.eden. Impacted is an unknown function of the file /ajax/php/leaf search.php. This manipulation of the argument line causes command injection. The attack can be initiated remotely. A high degree of complexity is needed for the...

6.3CVSS6.7AI score0.01455EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/12/05 12:24 a.m.2 views

SUSE CVE-2025-61727

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

7.5CVSS6.9AI score0.0027EPSS
Exploits0References14
EUVD
EUVD
added 2025/12/03 9:31 p.m.3 views

EUVD-2025-201106

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5CVSS6.3AI score0.0027EPSS
Exploits0References5
OSV
OSV
added 2025/12/03 8:16 p.m.2 views

CVE-2025-61727

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5CVSS6.8AI score
Exploits0References4
NVD
NVD
added 2025/12/03 8:16 p.m.1 views

CVE-2025-61727

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5CVSS0.0027EPSS
Exploits0References4
OSV
OSV
added 2025/12/03 8:16 p.m.7 views

AZL-71635 CVE-2025-61727 affecting package msft-golang 1.24.13-1

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5CVSS6.7AI score0.0027EPSS
Exploits0References1
OSV
OSV
added 2025/12/03 8:16 p.m.3 views

UBUNTU-CVE-2025-61727

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5CVSS6.7AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2025/12/03 7:37 p.m.172 views

CVE-2025-61727

The CVE-2025-61727 issue stems from crypto/x509: an excluded subdomain constraint in a certificate chain does not restrict wildcard SANs in the leaf certificate (e.g., excluding test.example.com does not block SAN *.example.com). This can allow a leaf certificate to claim a wildcard SAN despite t...

6.5CVSS6.5AI score0.0027EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/03 7:37 p.m.3 views

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5AI score0.0027EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/03 12:0 a.m.5 views

Google Go 安全漏洞

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google USA. A security vulnerability exists in Google Go that stems from a subdomain constraint excluded from the crypto/x509 certificate chain that does not restrict the use of the...

6.5CVSS6.3AI score0.0027EPSS
Exploits0References5
OSV
OSV
added 2025/12/02 8:55 p.m.3 views

GO-2025-4175 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5CVSS6.8AI score0.0027EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990880)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990880 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in...

5.5CVSS6.4AI score0.00277EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/11 8:21 a.m.7 views

kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions...

7.8CVSS6.8AI score0.0025EPSS
Exploits0References5
Rows per page
Query Builder