Lucene search
K

39 matches found

NVD
NVD
added 2026/06/23 9:16 p.m.8 views

CVE-2026-46553

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NCATTACHMENTFIELDSIZE against either the remote file's advertised Content-Length or the decoded length of a data: URI, allowing an authenticated user to bypass the configured...

5.3CVSS0.0024EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2026/05/28 3:0 p.m.75 views

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

In this article 1. Pre-encryption 2. File encryption 3. Post-encryption 4. Defending against The Gentlemen ransomware 5. Microsoft Defender detections and hunting guidance 6. Indicators of compromise Ransomware that combines robust encryption with rapid lateral movement significantly increases th...

6.2AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: blk-mq: The crypto keyslot must be released before reporting I/O completion. Once all I/O using the blkcryptokey is completed, the file systems can call blkcryptoevictkey. However, the block layer currently does not call...

6AI score0.00171EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: erofs: Fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis. Each per-file compression algorithm needs to be marked in the on-disk superblock for initialization. However,...

5.5CVSS6.1AI score0.00222EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/12/17 12:15 a.m.6 views

rsync: Path traversal vulnerability in rsync

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

7.5CVSS5.9AI score0.02224EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/12/15 2:6 a.m.7 views

rsync: Path traversal vulnerability in rsync

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

7.5CVSS5.9AI score0.02224EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/10 4:54 a.m.11 views

CVE-2023-53810

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

4.5CVSS5.2AI score0.00171EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/09 3:31 a.m.5 views

EUVD-2023-60096

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

5.8AI score0.00171EPSS
Exploits0References7
OSV
OSV
added 2025/12/09 1:16 a.m.9 views

UBUNTU-CVE-2023-53810

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

5.7AI score0.00171EPSS
Exploits0References9
OSV
OSV
added 2025/12/09 12:1 a.m.6 views

CVE-2023-53810 blk-mq: release crypto keyslot before reporting I/O complete

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

6.3AI score0.00171EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2025/12/09 12:1 a.m.4 views

CVE-2023-53810

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

5.5AI score0.00171EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.10 views

PT-2025-49670

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blk crypto key has completed, filesystems can call blk crypto evict key. However, the block layer currently doesn't call blk crypto put keyslot unt...

6.3AI score0.00171EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/12/08 3:17 p.m.10 views

CVE-2025-14195

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

8.8CVSS6.2AI score0.00359EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2025/12/07 3:2 p.m.4 views

CVE-2025-14195

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

8.8CVSS5.3AI score0.00359EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/07 3:2 p.m.3 views

CVE-2025-14195 code-projects Employee Profile Management System add_file_query.php unrestricted upload

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/addfilequery.php. The manipulation of the argument perfile results in unrestricted upload. The attack may be launched remotely. The exploit has been...

6.5CVSS6.2AI score0.00359EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/07 12:0 a.m.5 views

Code-Projects Employee Profile Management System 代码问题漏洞

Employee Profile Management System is an employee profile management system. Employee Profile Management System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter perfile in the file /profiling/addfilequery.php. No details of the...

8.8CVSS6.6AI score0.00359EPSS
Exploits1References6
OSV
OSV
added 2025/11/25 10:50 p.m.3 views

JLSEC-2025-326 A path traversal vulnerability exists in rsync

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

7.5CVSS6.9AI score0.02224EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2025/11/12 12:0 a.m.1 views

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2025-2411)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.6CVSS7.9AI score0.00287EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-26590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms ...

5.5CVSS5.8AI score0.00222EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/04 12:0 a.m.8 views

The vulnerabilities of the Support-per-file encoding() and Show origin of this line() functions in the Gitk browser allow attackers to gain unauthorized access to create and delete user files.

The vulnerability of the Support per-file encoding and Show origin of this line functions in the Gitk browser exists because measures to eliminate special elements are not taken. Exploiting this vulnerability can allow an intruder to gain unauthorized access to create and delete user files...

3.6CVSS6.5AI score0.00287EPSS
Exploits0References10Affected Software5
Rows per page
Query Builder