Lucene search
K

4329 matches found

OSV
OSV
added 2025/04/08 6:15 p.m.4 views

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...

7.5CVSS5.8AI score0.00704EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 6:15 p.m.2 views

CVE-2025-27482

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network...

8.1CVSS5.9AI score0.01642EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 5:23 p.m.142 views

CVE-2025-27482

CVE-2025-27482 is a remote code execution vulnerability in Windows Remote Desktop Gateway Service caused by sensitive data being stored in memory that is not properly locked. The issue enables code execution over the network and is rated high-severity (CVSS 3.1: 8.1). Microsoft’s Patch Tuesday up...

8.1CVSS7.5AI score0.01642EPSS
Exploits0References1Affected Software5
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.16 views

Windows Graphics Component Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

7CVSS6.8AI score0.00312EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.20 views

Windows Kernel Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS6.8AI score0.00421EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.3 views

PT-2025-15524

Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description A flaw exists in the Windows TCP/IP stack related to the improper locking of memory containing sensitive data. This allows a remote, unauthorized attacker to execute arbitrary code...

7.6CVSS9.1AI score0.01381EPSS
Exploits0References18
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.7 views

The vulnerability of the functions intel_iommu_init() (drivers/iommu/intel/iommu.c) and enable_drhd_fault_handling() (drivers/iommu/intel/dmar.c) in the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the functions inteliommuinit drivers/iommu/intel/iommu.c and enabledrhdfaulthandling drivers/iommu/intel/dmar.c in the Linux kernel is related to insufficient locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00187EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.7 views

Vulnerability of the mptcp_nlremove_subflow_and_signal_addr() function (net/mptcp/pm_netlink.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the mptcpnlremovesubflowandsignaladdr function net/mptcp/pmnetlink.c in the Linux kernel is related to insufficient locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00194EPSS
Exploits0References24Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.12 views

Vulnerability of the npcm_i2c_probe_bus() function (driver/i2c/buses/i2c-npcm7xx.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the npcmi2cprobebus function from the drivers/i2c/busses/i2c-npcm7xx.c file in the Linux kernel is related to insufficient locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00147EPSS
Exploits0References18Affected Software5
RedhatCVE
RedhatCVE
added 2025/04/06 5:16 p.m.9 views

CVE-2025-32133

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...

5.9CVSS7.2AI score0.00358EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/04 3:58 p.m.9 views

CVE-2025-32133 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.5.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...

5.9CVSS8.6AI score0.00358EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/04 2:58 a.m.3 views

SUSE CVE-2025-21952

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values with a unified work handler corsairvoidprocessreceiver can be called from an interrupt context, locking batterymutex in it was causing a kernel panic. Fix it by moving the critical...

5.5CVSS6.5AI score0.00148EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.3 views

WordPress plugin Secure Copy Content Protection and Content Locking 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

5.9CVSS6.1AI score0.00358EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/03 9:41 p.m.4 views

CVE-2025-30905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...

7.1CVSS7.2AI score0.0034EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.6 views

The vulnerability of the ipsec_fs_roce_tx_mpv_create() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ipsecfsrocetxmpvcreate function in the Linux operating system is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00183EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.7 views

The vulnerability of the pktgen_thread_worker() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the pktgenthreadworker function in the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00201EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.7 views

The vulnerability of the htlb_allow_alloc_fallback() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the htlballowallocfallback function in the Linux operating system is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00139EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2025/04/02 8:57 a.m.3 views

SUSE CVE-2025-21933

In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: fix NULL pointer dereference issue When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which will cause a NULL pointer dereference issue in adjustpte: Unable to handle kernel NULL pointe...

5.5CVSS6.3AI score0.00148EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/04/02 12:0 a.m.17 views

The vulnerability of the irqfd_wakeup() function in Linux kernel-based Xen drivers allows a hacker to trigger a service failure.

The vulnerability of the irqfdwakeup function in Xen kernel-based Linux operating system drivers is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to trigger a service failure...

5.5CVSS6.4AI score0.00164EPSS
Exploits0References11Affected Software4
ATTACKERKB
ATTACKERKB
added 2025/04/01 9:15 p.m.2 views

CVE-2025-30905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through =...

7.2AI score0.0034EPSS
Exploits0References3
Rows per page
Query Builder