Lucene search
K

26 matches found

CNNVD
CNNVD
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a corruption in the on-the-fly encryption process in the SMB2write function. This vulnerability may cau...

8.1CVSS5.8AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the on-the-fly decryption of ESP inputs within shared skb fragments, potentially leading to data...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References2
Fedora
Fedora
added 2026/03/16 12:28 a.m.4 views

[SECURITY] Fedora 44 Update: qgis-3.44.8-1.fc44

Geographic Information System GIS manages, analyzes, and displays databases of geographic information. QGIS supports shape file viewing and editing, spatial data storage with PostgreSQL/PostGIS, projection on-the-fly, map composition, and a number of other features via a plugin interface. QGIS al...

8.7CVSS5.8AI score0.00414EPSS
Exploits0
Fedora
Fedora
added 2026/03/14 2:23 a.m.6 views

[SECURITY] Fedora 42 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc42

SDLsound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDLsound a filename, or feeds it data directly from one of many sources, and then reads the decoded...

5.5CVSS5.8AI score0.00147EPSS
Exploits0
Fedora
Fedora
added 2026/03/14 2:20 a.m.5 views

[SECURITY] Fedora 43 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc43

SDLsound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDLsound a filename, or feeds it data directly from one of many sources, and then reads the decoded...

5.5CVSS5.8AI score0.00147EPSS
Exploits0
Fedora
Fedora
added 2026/03/14 2:20 a.m.8 views

[SECURITY] Fedora 43 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc43

SDLsound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDLsound a filename, or feeds it data directly from one of many sources, and then reads the decoded...

5.5CVSS5.8AI score0.00147EPSS
Exploits0
Fedora
Fedora
added 2026/03/14 12:17 a.m.5 views

[SECURITY] Fedora 44 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc44

SDLsound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDLsound a filename, or feeds it data directly from one of many sources, and then reads the decoded...

5.5CVSS5.8AI score0.00147EPSS
Exploits0
OSV
OSV
added 2025/11/28 12:51 p.m.6 views

OESA-2025-2760 emacs security update

Emacs is the extensible, customizable, self-documenting real-time display editor. At its core is an interpreter for Emacs Lisp, a dialect of the Lisp programming language with extensions to support text editing. And it is an entire ecosystem of functionality beyond text editing, including a proje...

7.8CVSS7.5AI score0.00526EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/03 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2025-1885)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.00526EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/14 8:23 a.m.18 views

CVE-2025-6065 Image Resizer On The Fly <= 1.1 - Unauthenticated Arbitrary File Deletion

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' task in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which c...

9.1CVSS0.0082EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/14 12:0 a.m.7 views

PT-2025-25482 · WordPress · Image Resizer On The Fly

Name of the Vulnerable Software and Affected Versions: Image Resizer On The Fly plugin for WordPress versions up to, and including, 1.1 Description: The issue is related to insufficient file path validation in the 'delete' task, allowing unauthenticated attackers to delete arbitrary files on the...

9.1CVSS9.5AI score0.0082EPSS
Exploits0References10
Packet Storm News
Packet Storm News
added 2025/05/29 12:0 a.m.3 views

Joint Data Hiding and Partial Encryption of Compressive Sensed Streams

The paper proposes a method to secure the Compressive Sensing CS streams. It consists in protecting part of the measurements by a secret key and inserting the code into the rest. The secret key is generated via a cryptographically secure pseudo-random number generator CSPRNG and XORed with the...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/23 12:0 a.m.4 views

CAIBA: Multicast Source Authentication for CAN through Reactive Bit Flipping

Controller Area Networks CANs are the backbone for reliable intra-vehicular communication. Recent cyberattacks have, however, exposed the weaknesses of CAN, which was designed without any security considerations in the 1980s. Current efforts to retrofit security via intrusion detection or message...

7.1AI score
Exploits0
OSV
OSV
added 2024/11/27 3:15 p.m.2 views

DEBIAN-CVE-2024-53920

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

7.8CVSS8.2AI score0.00526EPSS
Exploits0References1
OSV
OSV
added 2024/11/27 3:15 p.m.6 views

AZL-53703 CVE-2024-53920 affecting package emacs for versions less than 29.4-3

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

7.8CVSS7.5AI score0.00526EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/11/27 3:15 p.m.3 views

CVE-2024-53920

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...

7.8CVSS8AI score0.00526EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/07/10 12:0 a.m.8 views

CVE-2024-25077

An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secureboot image verification. Becau...

7AI score0.00412EPSS
Exploits0References1
CVE
CVE
added 2024/07/10 12:0 a.m.50 views

CVE-2024-25077

CVE-2024-25077 affects Renesas SmartBond DA14691/DA14695/DA14697/DA14699. The issue: the Nonce used for on-the-fly flash decryption is stored in an unsigned header, allowing modification without invalidating the secure-boot signature. The decryption engine uses AES in CTR mode without authenticat...

9.8CVSS7AI score0.00412EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.5 views

apache-ivy: Directory Traversal

A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access...

9.1CVSS7.3AI score0.01819EPSS
Exploits0References5
CNVD
CNVD
added 2022/01/24 12:0 a.m.27 views

Oracle GraalVM Input Validation Error Vulnerability

Oracle GraalVM is a set of on-the-fly compilers written in the Java language from Oracle Corporation USA.GraalVM Enterprise Edition is the enterprise version of GraalVM.An input validation error vulnerability exists in Oracle GraalVM due to an Oracle GraalVM Enterprise Edition has incorrect input...

5.3CVSS4.2AI score0.03216EPSS
Exploits0References1
Rows per page
Query Builder