Lucene search
K

428 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-62395

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing...

4.3CVSS6AI score0.00227EPSS
Exploits0References2
OSV
OSV
added 2025/11/14 12:38 p.m.6 views

CLSA-2025-1763123915 udisks2: Fix of CVE-2025-8067

CVE-2025-8067: fix issue allowing unprivileged users to create loop devices by validating lower bound of index parameter in loop device handler function...

8.5CVSS7.4AI score0.0065EPSS
Exploits1References1
OSV
OSV
added 2025/11/12 11:15 a.m.13 views

UBUNTU-CVE-2025-40149

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

7.8CVSS6.5AI score0.00142EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.10 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990751 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...

5.5CVSS6.1AI score0.00642EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/11 8:21 a.m.4 views

kernel: ipvlan: Fix use-after-free in ipvlan_get_iflink().

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlangetiflink. syzbot presented an use-after-free report 0 regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If the linkwatch work is...

7.8CVSS5.7AI score0.00204EPSS
Exploits0References5
Rosalinux
Rosalinux
added 2025/11/09 1:7 p.m.18 views

Advisory ROSA-SA-2025-3043

Software: openssh 8.0p1 OS: ROSA Virtualization 3.1 unaffected versions = openssh-8.0p1-26.0.2.2.rv31 affected versions openssh-8.0p1-26.0.2.2.rv31 CVE-ID: CVE-2020-14145 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSSH cryptographic security tool is related to a lack of service...

9.8CVSS7.7AI score0.93305EPSS
Exploits35
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990010)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990010 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is...

5.5CVSS6.3AI score0.00236EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989942 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is...

5.5CVSS6.3AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/31 12:30 a.m.8 views

EUVD-2025-37220

Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability that allows non-administrator users to delete global dashboards. The application did not correctly enforce authorization checks for the global dashboard deletion workflow, enabling lower-privileged use...

7.1CVSS6.3AI score0.00937EPSS
Exploits0References4
NVD
NVD
added 2025/10/23 12:15 p.m.6 views

CVE-2025-62395

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS0.00227EPSS
Exploits0References2
OSV
OSV
added 2025/10/23 12:15 p.m.10 views

UBUNTU-CVE-2025-62395

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS5.8AI score0.00227EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/23 11:29 a.m.6 views

EUVD-2025-35666

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS6AI score0.00227EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/23 11:29 a.m.9 views

CVE-2025-62395 Moodle: external cohort search service leaks system cohort data

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS0.00227EPSS
Exploits0References2
OSV
OSV
added 2025/10/23 11:29 a.m.3 views

CVE-2025-62395 Moodle: external cohort search service leaks system cohort data

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS5.9AI score0.00227EPSS
Exploits0References5
CVE
CVE
added 2025/10/23 11:29 a.m.27 views

CVE-2025-62395

CVE-2025-62395 affects Moodle LMS via a flaw in the cohort search web service. The issue allows users with permissions in lower contexts to access cohort information from the system context, potentially exposing restricted administrative data. The Connected documents confirm the vulnerability des...

4.3CVSS6.1AI score0.00227EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/16 3:19 p.m.5 views

CVE-2025-62395

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS6.5AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/08 5:2 a.m.5 views

EUVD-2025-31843

A security flaw has been discovered in itsourcecode Leave Management System 1.0. This impacts the function redirect of the file /module/employee/controller.php?action=reset of the component Query Parameter Handler. Performing manipulation of the argument ID results in cross site scripting. It is...

5.1CVSS3.6AI score0.00264EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/10/07 5:35 p.m.5 views

CVE-2025-36354

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validation of user supplied input...

7.3CVSS7.5AI score0.00295EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7299

Malware in sbrugna...

5.8CVSS6.8AI score0.01396EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2021-11169

Malware in sbrugna...

5.4CVSS5.5AI score0.0059EPSS
Exploits0References3
Rows per page
Query Builder