54838 matches found

RedhatCVE
added 2025/12/09 8:27 a.m., 4 views

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVSS 8.4 | AI score 6.8 | EPSS 0.00076
Exploits: 0 | References: 1

CVE
added 2025/12/09 4:9 a.m., 17 views

CVE-2025-40332

CVE-2025-40332: In the Linux kernel, drm/amdkfd mmap write lock could deadlock when draining a retry fault, because svm_range_restore_pages would unlock mmap_read_lock and return. The fix downgrades the mmap write lock to a read lock during draining retry faults, preventing deadlock and subsequen...

AI score 6 | EPSS 0.00184
Exploits: 0 | References: 3

Vulnrichment
added 2025/12/09 2:15 a.m., 7 views

CVE-2025-42880 Code Injection vulnerability in SAP Solution Manager

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...

CVSS 9.9 | AI score 6.4 | EPSS 0.03895
Exploits: 0 | References: 2

CVE
added 2025/12/09 2:15 a.m., 21 views

CVE-2025-42880

CVE-2025-42880 concerns SAP Solution Manager. The underlying issue is missing input sanitation that allows an authenticated attacker to insert arbitrary code when calling a remote-enabled function module, potentially giving full control of the system and high impact to confidentiality, integrity, and...

CVSS 9.9 | AI score 6.4 | EPSS 0.03895
Exploits: 0 | References: 2

Cvelist
added 2025/12/09 2:15 a.m., 26 views

CVE-2025-42880 Code Injection vulnerability in SAP Solution Manager

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...

CVSS 9.9 | EPSS 0.03895
Exploits: 0 | References: 2

Debian CVE
added 2025/12/09 1:29 a.m., 4 views

CVE-2023-53825

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCKDGRAM in kcmsendmsg. syzkaller found a memory leak in kcmsendmsg, and commit c821a88bd720 "kcm: Fix memory leak in error path of kcmsendmsg" suppressed it by updating kcmtxmsghead-lastskb if partia...

AI score 5.5 | EPSS 0.00216
Exploits: 0

Debian CVE
added 2025/12/09 1:29 a.m., 3 views

CVE-2022-50674

In the Linux kernel, the following vulnerability has been resolved: riscv: vdso: fix NULL deference in vdsojointimens when vfork Testing tools/testing/selftests/timens/vforkexec.c got below kernel log: 6.838454 Unable to handle kernel access to user memory without uaccess routines at virtual...

AI score 5.2 | EPSS 0.00198
Exploits: 0

NVD
added 2025/12/09 1:16 a.m., 5 views

CVE-2023-53805

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits: 0

OSV
added 2025/12/09 1:16 a.m., 2 views

UBUNTU-CVE-2023-53791

In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...

AI score 5.7 | EPSS 0.00155
Exploits: 0 | References: 5

Cvelist
added 2025/12/09 12:0 a.m., 28 views

CVE-2023-53802 wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function. It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...

EPSS 0.00165
Exploits: 0 | References: 8

Cvelist
added 2025/12/09 12:0 a.m., 27 views

CVE-2023-53791 md: fix warning for holder mismatch from export_rdev()

In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...

EPSS 0.00155
Exploits: 0 | References: 2

Packet Storm
added 2025/12/09 12:0 a.m., 178 views

React / Next.js Unauthenticated Remote Code Execution

A critical unauthenticated remote code execution vulnerability exists in React Server Components RSC Flight protocol. The vulnerability allows attackers to achieve prototype pollution during deserialization of RSC payloads by sending specially crafted multipart requests with proto, constructor, o...

CVSS 10 | AI score 8.4 | EPSS 0.99562
Exploits: 386

Positive Technologies
added 2025/12/09 12:0 a.m., 6 views

PT-2025-49769

Name of the Vulnerable Software and Affected Versions: SAP Solution Manager (affected versions not specified). Description: SAP Solution Manager is susceptible to a code injection issue stemming from inadequate input sanitation. An authenticated attacker can inject malicious code when invoking a...

CVSS 9.9 | AI score 8 | EPSS 0.03895
Exploits: 0 | References: 11

Tenable Nessus
added 2025/12/09 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree need be called to put refcount, so memory of phy device and devi...

AI score 6 | EPSS 0.00173
Exploits: 0 | References: 2

RedhatCVE
added 2025/12/08 5:11 p.m., 4 views

CVE-2025-14199

A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false of the component Web Administration Module. Executing manipulation can lead to unrestricted upload. The attack may be performed from...

CVSS 9.8 | AI score 6.1 | EPSS 0.00309
Exploits: 1 | References: 1

CVE
added 2025/12/08 4:57 p.m., 16 views

CVE-2025-48622

CVE-2025-48622 affects the Android/OpenCV-related code path in the dng_misc_opcodes.cpp file, within the ProcessArea, where a buffer overflow can cause an out-of-bounds read. This leads to local information disclosure without requiring user interaction or elevated privileges. The available connec...

CVSS 5.5 | AI score 5.5 | EPSS 0.00088
Exploits: 0 | References: 4 | Affected Software: 1

RedhatCVE
added 2025/12/08 4:14 p.m., 9 views

CVE-2025-14197

A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed...

CVSS 6.9 | AI score 5.2 | EPSS 0.00346
Exploits: 0 | References: 1

EUVD
added 2025/12/08 9:30 a.m., 3 views

EUVD-2025-201674

Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 7.1 | AI score 6.4 | EPSS 0.00057
Exploits: 0 | References: 3

NVD
added 2025/12/08 9:15 a.m., 6 views

CVE-2025-66327

Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 7.1 | EPSS 0.00057
Exploits: 0 | References: 1

OSV
added 2025/12/08 9:15 a.m., 3 views

CVE-2025-66327

Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 4.7 | AI score 5.8 | EPSS 0.00057
Exploits: 0 | References: 1