Lucene search
K

601 matches found

NVD
NVD
added 2025/10/02 10:15 a.m.11 views

CVE-2025-54286

Cross-Site Request Forgery CSRF in LXD-UI in Canonical LXD versions = 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication...

8.8CVSS0.00119EPSS
Exploits1References1
CVE
CVE
added 2025/10/02 9:24 a.m.15 views

CVE-2025-54290

CVE-2025-54290 affects Canonical LXD before 6.5 and 5.21.4 on Linux. The vulnerability lies in the image export API, where error handling and LIKE wildcard matching can reveal project existence without authentication. An attacker can remotely determine whether a project exists by sending crafted ...

6.9CVSS6.4AI score0.00317EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2025/10/02 9:24 a.m.4 views

CVE-2025-54290

Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...

6.9CVSS5.3AI score0.00317EPSS
Exploits1
Oracle linux
Oracle linux
added 2025/10/01 12:0 a.m.7 views

idm:DL1 security update

bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-20.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-20 - Refactor ipatests for unique krbcanonicalname Resolves: RHEL-110061 4.9.13-19 - Enforce uniqueness across krbprincipalnam...

9.1CVSS7AI score0.00523EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/10/01 12:0 a.m.3 views

OpenSSL DoS Vulnerability (20250930, CVE-2025-9230) - Linux

OpenSSL is prone to a denial of service DoS vulnerability due to a out-of-bounds read & write in RFC 3211 KEK Unwrap. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5CVSS6.8AI score0.01744EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/30 11:31 a.m.3 views

CVE-2025-6724

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...

8.8CVSS7.4AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/30 11:31 a.m.4 views

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS7.5AI score0.22827EPSS
Exploits0References1
NVD
NVD
added 2025/09/29 12:15 p.m.16 views

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS0.22827EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/29 11:29 a.m.2 views

CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS7.1AI score0.22827EPSS
Exploits0References1
CVE
CVE
added 2025/09/29 11:29 a.m.17 views

CVE-2025-6724

CVE-2025-6724 affects Chef Automate on Linux x86, prior to 4.13.295, where an authenticated attacker can access restricted functionality in multiple services due to improperly neutralized inputs used in an SQL command. The root cause is input handling that enables SQL injection. Exploitation deta...

8.8CVSS7AI score0.00342EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/29 11:29 a.m.4 views

CVE-2025-6724 Chef Automate SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...

8.8CVSS7AI score0.00342EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.4 views

PT-2025-39823

Name of the Vulnerable Software and Affected Versions Chef Automate versions prior to 4.13.295 Description Chef Automate versions earlier than 4.13.295 on Linux x86 are susceptible to a condition where an authenticated attacker can access restricted functionality. This is due to improperly...

8.8CVSS6.6AI score0.00342EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/09/27 12:0 a.m.5 views

PT-2025-39733

Name of the Vulnerable Software and Affected Versions llama-index-core versions through 0.12.44 Description The software has an issue in the get cache dir function due to the use of a predictable, hardcoded directory path /tmp/llama index on Linux systems without sufficient security measures. Thi...

7.3CVSS7.4AI score0.00134EPSS
Exploits0References10
GithubExploit
GithubExploit
added 2025/09/13 10:29 a.m.400 views

hackingtool-v5.1

All in One Hacking tool For Hackers🥇 !https://img.shields...

7.4AI score
Exploits0
AlpineLinux
AlpineLinux
added 2025/09/10 7:12 p.m.11 views

CVE-2025-10201

Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.5AI score0.00258EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-27114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasmdis at p/wasm/wasm.c. CVE-2023-27114 Note that Nessus relies on the presence...

5.5CVSS5.8AI score0.00304EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2017-11654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remo...

5.9CVSS6.3AI score0.02014EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2021-46052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate. CVE-2021-46052 Note that Nessus relies on the...

5.5CVSS6.1AI score0.00703EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary proces...

5.3CVSS6.9AI score0.01082EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-49085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the...

8.8CVSS7.7AI score0.84628EPSS
Exploits4References2
Rows per page
Query Builder