Lucene search
K

1290 matches found

OSV
OSV
added 2025/05/01 3:16 p.m.2 views

UBUNTU-CVE-2022-49771

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first estimate the required space using the "dmtargetiteratelistversiongetneeded, &needed" call and then will fill the space using the...

4.7CVSS6.3AI score0.00137EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2025/04/28 12:0 a.m.7 views

The vulnerability of the RPC Endpoint Mapper service on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the RPC Endpoint Mapper service on Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.6AI score0.00505EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/27 12:0 a.m.6 views

novel-cloud 注入漏洞

novel-cloud is a Spring Cloud microservices technology stack learning novel project built on novel by xxy individual developer. An injection vulnerability exists in novel-cloud version 1.4.0, which originates from a SQL injection due to a misuse of function RestResp in file...

9.8CVSS7AI score0.00362EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.7 views

Vulnerability of the __dm_internal_suspend() function in the drivers/md/dm.c module – The driver for supporting multiple devices (RAID and LVM) in the Linux kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the dminternalsuspend function in the drivers/md/dm.c module – The driver for supporting multiple devices RAID and LVM in the Linux kernel is vulnerable due to improper control of resource identifiers “resource injection”. Exploiting this vulnerability allows an attacker to...

6.5CVSS6.4AI score0.00689EPSS
Exploits0References52Affected Software6
RedhatCVE
RedhatCVE
added 2025/04/10 5:51 p.m.15 views

CVE-2025-26679

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally...

7.8CVSS7.2AI score0.00505EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/10 12:0 a.m.2 views

PT-2025-27726

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the device-mapper dm and its handling of zoned devices with zone write plugs. The issue arises when the dm revalidate...

6CVSS8.2AI score0.00137EPSS
Exploits0
NVD
NVD
added 2025/04/08 6:15 p.m.11 views

CVE-2025-26679

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00505EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 6:15 p.m.3 views

CVE-2025-26679

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00505EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 5:23 p.m.103 views

CVE-2025-26679

CVE-2025-26679 is described as a use-after-free in the RPC Endpoint Mapper Service that allows a locally authenticated attacker to escalate privileges. Connected sources corroborate its existence and categorize the impact as a privilege-escalation flaw within Windows’ RPC Endpoint Mapper componen...

7.8CVSS7.5AI score0.00505EPSS
Exploits0References1Affected Software15
Cvelist
Cvelist
added 2025/04/08 5:23 p.m.26 views

CVE-2025-26679 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

...

7.8CVSS0.00505EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/08 5:23 p.m.12 views

CVE-2025-26679 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

...

7.8CVSS7.2AI score0.00505EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.13 views

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally...

7.8CVSS7.3AI score0.00505EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-15520 · Microsoft · Windows Rpc Endpoint Mapper Service +1

Name of the Vulnerable Software and Affected Versions: Windows RPC Endpoint Mapper Service affected versions not specified Description: The issue is related to a use after free vulnerability in the RPC Endpoint Mapper Service, which allows an authorized attacker to elevate privileges locally. Thi...

7.8CVSS8.3AI score0.00505EPSS
Exploits0References8
OSV
OSV
added 2025/03/20 12:9 p.m.12 views

CLSA-2025-1742472545 kernel: Fix of 9 CVEs

USB: serial: ioedgeport: fix use after free in debug printk CVE-2024-50267 - HID: core: zero-initialize the report buffer CVE-2024-50302 - dm cache: fix potential out-of-bounds access on the first resume CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing...

7.8CVSS7.2AI score0.00809EPSS
Exploits0References1
OSV
OSV
added 2025/03/18 3:16 p.m.1 views

CVE-2025-25590

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml...

6.1CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2025/03/18 3:16 p.m.2 views

CVE-2025-25580

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql method at /xml/UserMapper.xml...

6.1CVSS5.8AI score0.00181EPSS
Exploits1References1
Rockylinux
Rockylinux
added 2025/03/17 8:16 p.m.12 views

device-mapper-multipath bug fix and enhancement update

An update is available for device-mapper-multipath. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/03/17 12:0 a.m.4 views

Creating Scripts to Identify Vulnerable Proxy Servers

This whitepaper covers how to create Nmap scripts to identify banners and versions of proxy servers. It also covers methods to mitigate the public visibility of banners and version information on proxy servers. Written in Portuguese...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/03/11 12:0 a.m.4 views

Creating Scripts to Identify Vulnerable FTPs

This whitepaper covers how to create Nmap scripts to identify banners and versions of FTP servers. It also covers methods to mitigate the public visibility of banners and version information on FTP servers. Written in Portuguese...

6.7AI score
Exploits0
OSV
OSV
added 2025/03/10 9:9 p.m.4 views

GHSA-GVGG-2R3R-53X7 Improper Authorization in Keycloak Organization Mapper Allows Unauthorized Organization Claims

This vulnerability is caused by the improper mapping of users to organizations based solely on email/username patterns. The issue is limited to the token claim level, meaning the user is not truly added to the organization but may appear as such in applications relying on these claims. The risk...

5.4CVSS5.9AI score0.00378EPSS
Exploits0References7
Rows per page
Query Builder