54816 matches found

CVE
added 2025/12/16 1:57 p.m., 10 views

CVE-2025-68216

Summary (CVE-2025-68216): In the Linux kernel, LoongArch-architecture BPF trampoline attachments to kernel module functions have been disabled due to incompatibilities with tracing in modules. This prevents attaching BPF fentry/trampoline probes to module functions, addressing severe user-visible...

AI score: 6, EPSS: 0.00155
Exploits: 0, References: 2

OSV
added 2025/12/16 1:57 p.m., 6 views

CVE-2025-68216 LoongArch: BPF: Disable trampoline for kernel module function trace

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...

AI score: 6.3, EPSS: 0.00155
Exploits: 0, References: 5

Cvelist
added 2025/12/16 1:42 p.m., 26 views

CVE-2025-68173 ftrace: Fix softlockup in ftrace_module_enable

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of traceable functions, multiple calls to kallsyms_lookup can spend too much time in RCU critical section and...

EPSS: 0.00168
Exploits: 0, References: 5

CVE
added 2025/12/16 1:42 p.m., 13 views

CVE-2025-68173

The CVE-2025-68173 entry concerns the Linux kernel, where ftrace_module_enable could cause a soft lockup when loading the amdgpu module. The root cause is multiple kallsyms_lookup calls spending excessive time in the RCU critical section with preemption disabled, potentially leading to a kernel p...

AI score: 6.1, EPSS: 0.00168
Exploits: 0, References: 5

OSV
added 2025/12/16 1:42 p.m., 4 views

CVE-2025-68173 ftrace: Fix softlockup in ftrace_module_enable

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of traceable functions, multiple calls to kallsyms_lookup can spend too much time in RCU critical section and...

AI score: 6.3, EPSS: 0.00168
Exploits: 0, References: 8

RedHat Linux
added 2025/12/16 8:36 a.m., 26 views

keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the...

CVSS: 8.2, AI score: 5.7, EPSS: 0.0038
Exploits: 0, References: 5

GithubExploit
added 2025/12/16 6:3 a.m., 362 views

Exploit for CVE-2025-61675

FreePBX-Multiple-CVEs-2025 This repository documents three se...

CVSS: 9.3, AI score: 7.7, EPSS: 0.50159
Exploits: 10

NVD
added 2025/12/16 1:15 a.m., 7 views

CVE-2025-67747

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 are missing marshal and types from the block list of unsafe module imports. Fickling started blocking both modules to address this issue. This allows an attacker to craft a malicious pickle file that can bypass...

CVSS: 8.5, EPSS: 0.00237
Exploits: 1, References: 4

Vulnrichment
added 2025/12/16 12:39 a.m., 1 views

CVE-2025-67748 Fickling has Code Injection vulnerability via pty.spawn()

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELY_SAFE, and was fixed in version 0.1.6. This impact...

CVSS: 8.5, AI score: 6.4, EPSS: 0.00235
Exploits: 1, References: 3

Cvelist
added 2025/12/16 12:32 a.m., 27 views

CVE-2025-67747 Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 are missing marshal and types from the block list of unsafe module imports. Fickling started blocking both modules to address this issue. This allows an attacker to craft a malicious pickle file that can bypass...

CVSS: 8.5, EPSS: 0.00237
Exploits: 1, References: 4

OSV
added 2025/12/16 12:32 a.m., 6 views

CVE-2025-67747 Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 are missing marshal and types from the block list of unsafe module imports. Fickling started blocking both modules to address this issue. This allows an attacker to craft a malicious pickle file that can bypass...

CVSS: 8.5, AI score: 7.5, EPSS: 0.00237
Exploits: 1, References: 6

EUVD
added 2025/12/16 12:30 a.m., 3 views

EUVD-2025-203467

A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CTParser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a...

CVSS: 6.5, AI score: 6.2, EPSS: 0.00378
Exploits: 1, References: 7

EUVD
added 2025/12/16 12:30 a.m., 3 views

EUVD-2025-203471

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVSS: 5.8, AI score: 6.5, EPSS: 0.00386
Exploits: 1, References: 5

RedhatCVE
added 2025/12/16 12:25 a.m., 3 views

CVE-2024-44598

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

CVSS: 8.8, AI score: 7.3, EPSS: 0.0035
Exploits: 0, References: 1

Vulnrichment
added 2025/12/16 12:23 a.m., 2 views

CVE-2025-67736 Authenticated SQL Injection in FreePBX tts (Text To Speech) module

The FreePBX module tts (Text to Speech) for FreePBX, an open-source web-based graphical user interface (GUI) that manages Asterisk. Versions prior to 16.0.5 and 17.0.5 are vulnerable to SQL injection by authenticated users with administrator access. Authenticated users with administrative access to t...

CVSS: 8.6, AI score: 7.5, EPSS: 0.06127
Exploits: 0, References: 2

NVD
added 2025/12/16 12:16 a.m., 4 views

CVE-2025-14731

A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CTParser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a...

CVSS: 7.2, EPSS: 0.00378
Exploits: 1, References: 6

Cvelist
added 2025/12/16 12:0 a.m., 27 views

CVE-2025-65581

An open redirect vulnerability exists in the Account module in Volosoft ABP Framework = 5.1.0 and 10.0.0-rc.2. Improper validation of the returnUrl parameter in the register function allows an attacker to redirect users to arbitrary external domains...

EPSS: 0.00239
Exploits: 0, References: 2

CNNVD
added 2025/12/16 12:0 a.m., 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incompatibility between the LoongArch BPF trampoline and the kernel module function trace, which could le...

AI score: 6.1, EPSS: 0.00155
Exploits: 0, References: 2

Redos
added 2025/12/16 12:0 a.m., 5 views

ROS-20251216-7319

Vulnerability in VirtualBox-kmod related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

CVSS: 6.5, AI score: 7.1, EPSS: 0.00176
Exploits: 0

Vulnrichment
added 2025/12/16 12:0 a.m., 6 views

CVE-2025-65581

An open redirect vulnerability exists in the Account module in Volosoft ABP Framework = 5.1.0 and 10.0.0-rc.2. Improper validation of the returnUrl parameter in the register function allows an attacker to redirect users to arbitrary external domains...

AI score: 6.5, EPSS: 0.00239
Exploits: 0, References: 2