Lucene search
K

479 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.10 views

CVE-2022-0004

Hardware debug modes and processor INIT setting that allow override of locks for some IntelR Processors in IntelR Boot Guard and IntelR TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access...

7.2CVSS7.2AI score0.00268EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/08 8:54 p.m.5 views

Cross-site Scripting (XSS)

Overview @remix-run/router is a Nested/Data-driven/Framework-agnostic Routing Affected versions of this package are vulnerable to Cross-site Scripting XSS in the navigation redirect process for loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes. An attacker can execute...

8CVSS5.3AI score0.0077EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/08 8:54 p.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the navigation redirect process for loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes. An attacker can execute arbitrary JavaScript code in the context of the user's browser by...

8CVSS5.3AI score0.0077EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-6140

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.19.0-rc5-00154-g76ec646abdf7-dirty through 6.19.0-rc5-00154-g76ec646abdf7-dirty Description The Linux kernel contains a flaw related to insufficient checks for firmware data fwdata in the Octeontx2-af driver...

9.8CVSS6.4AI score0.0071EPSS
Exploits7References467
EUVD
EUVD
added 2025/12/18 6:30 p.m.5 views

EUVD-2025-204305

An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed...

6.6AI score0.00493EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.32 views

CVE-2025-63390

An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed...

0.00493EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52256

Name of the Vulnerable Software and Affected Versions AnythingLLM version 1.8.5 Description An authentication bypass allows unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. The issue is due to missing authentication checks in the...

5.3CVSS6.8AI score0.00493EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.4 views

CVE-2025-63390

An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed...

6.7AI score0.00493EPSS
Exploits0References3
OSV
OSV
added 2025/12/09 1:16 a.m.3 views

DEBIAN-CVE-2023-53798

In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...

5.9AI score0.00168EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 12:0 a.m.20 views

CVE-2023-53798

CVE-2023-53798 affects the Linux kernel’s ethtool path for setting link modes via the legacy IOCTL interface. The root cause is an uninitialized struct ethtool_link_ksettings in the IOCTL/set_link_ksettings path, causing the lanes field to be read as uninitialized memory, which can influence driv...

6AI score0.00168EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/12/09 12:0 a.m.3 views

CVE-2023-53798

In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...

5.9AI score0.00168EPSS
Exploits0
OSV
OSV
added 2025/12/09 12:0 a.m.4 views

CVE-2023-53798 ethtool: Fix uninitialized number of lanes

In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtoollinkksettings' is not initialized in this path, drive...

6.2AI score0.00168EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/08 12:46 a.m.28 views

CVE-2025-40313 ntfs3: pretend $Extend records as regular files

In the Linux kernel, the following vulnerability has been resolved: ntfs3: pretend $Extend records as regular files Since commit af153bb63a33 "vfs: catch invalid modes in mayopen" requires any inode be one of SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/ SIFIFO/SIFSOCK type, use SIFREG for $Extend records...

0.00167EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2025/12/06 7:44 p.m.247 views

Exploit for Deserialization of Untrusted Data in Facebook React

Next.js/React RSC Scanner & Exploit - RCE...

10CVSS8.7AI score0.99562EPSS
Exploits374
Packet Storm
Packet Storm
added 2025/12/04 12:0 a.m.167 views

📄 Django 5.1.13 SQL Injection

Django version 5.1.13 suffers from a remote SQL injection vulnerability. Exploit Title: Django 5.1.13 - SQL Injection Google Dork: none Not applicable for this vulnerability Date: 2025-12-03 Exploit Author: Wafcontrol Security Team Vendor Homepage: https://www.djangoproject.com/ Software Link:...

9.1CVSS8.2AI score0.19396EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990415)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990415 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .getmodes The duplicated EDID is never freed. Fix it. Tenable...

5.5CVSS6.1AI score0.00258EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990635)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990635 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes In nv17tvgetldmodes, the...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990571 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgethdmodes In nv17tvgethdmodes, the...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.8 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988853)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988853 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatilepanelgetmodes, the return value of...

5.5CVSS6.2AI score0.00241EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990198)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990198 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes In nv17tvgetldmodes, the...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References3
Rows per page
Query Builder