Lucene search
+L

514 matches found

Snyk
Snyk
added 2025/10/21 6:4 p.m.2 views

Use of a Cryptographic Primitive with a Risky Implementation

Overview Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation in the handling of precompiles in the BalanceHandler that can cause prevEventsLen to be overwritten. An attacker can compromise the integrity or confidentiality of the system ...

9.3CVSS6.7AI score
Exploits0References3
OpenVAS
OpenVAS
added 2025/10/16 12:0 a.m.3 views

Google Chrome Security Update (stable-channel-update-for-desktop_14-2025-10) - Linux

Google Chrome is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

8.8CVSS6.9AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/11 12:20 a.m.10 views

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

6.5CVSS8AI score0.00334EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/10 9:31 p.m.7 views

EUVD-2025-33763

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

6.5CVSS7.5AI score0.00334EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/10/10 12:0 a.m.4 views

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

7.6AI score0.00334EPSS
Exploits1References2
CVE
CVE
added 2025/10/10 12:0 a.m.20 views

CVE-2025-61505

The CVE concerns e107 CMS ≤ 2.3.3 with insecure deserialization in install.php. The code processes user-supplied previous_steps via unserialize(base64_decode()), enabling crafted serialized payloads that can cause remote code execution, arbitrary file operations, or DoS if PHP object gadgets exis...

6.5CVSS7.6AI score0.00334EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.9 views

PT-2025-41591

Name of the Vulnerable Software and Affected Versions e107 CMS versions through 2.3.3 Description The software contains a flaw due to insecure deserialization in the install.php script. The script processes user-controlled input received in the previous steps POST parameter using unserializebase6...

6.5CVSS7.7AI score0.00334EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/10 12:0 a.m.34 views

CVE-2025-61505

e107 CMS thru 2.3.3 are vulnerable to insecure deserialization in the install.php script. The script processes user-controlled input in the previoussteps POST parameter using unserializebase64decode without validation, allowing attackers to craft malicious serialized data. This could lead to remo...

0.00334EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/09 3:31 p.m.6 views

EUVD-2025-33335

In the Linux kernel, the following vulnerability has been resolved: iouring: fix incorrect iokiocb reference in iolinkskb In iolinkskb function, there is a bug where prevnotif is incorrectly assigned using 'nd' instead of 'prevnd'. This causes the context validation check to compare the current...

5.9AI score0.00141EPSS
Exploits0References4
NVD
NVD
added 2025/10/09 1:15 p.m.5 views

CVE-2025-39963

In the Linux kernel, the following vulnerability has been resolved: iouring: fix incorrect iokiocb reference in iolinkskb In iolinkskb function, there is a bug where prevnotif is incorrectly assigned using 'nd' instead of 'prevnd'. This causes the context validation check to compare the current...

7.8CVSS0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/09 12:13 p.m.10 views

CVE-2025-39963 io_uring: fix incorrect io_kiocb reference in io_link_skb

In the Linux kernel, the following vulnerability has been resolved: iouring: fix incorrect iokiocb reference in iolinkskb In iolinkskb function, there is a bug where prevnotif is incorrectly assigned using 'nd' instead of 'prevnd'. This causes the context validation check to compare the current...

0.00141EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incorrect use of the nd parameter instead of the prevnd parameter in the iolinkskb function, which could...

7.8AI score0.00141EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-5347

Malicious code in bioql PyPI...

5.3CVSS5.8AI score0.02114EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20065

Malicious code in bioql PyPI...

8.7AI score0.00482EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2023-0422

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00487EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-1970

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00328EPSS
Exploits0References3
CVE
CVE
added 2025/09/16 4:11 p.m.30 views

CVE-2023-53304

CVE-2023-53304 concerns the Linux kernel netfilter nft_set_rbtree code. The advisory describes three concrete issues resolved by patching: 1) a lazy garbage-collection on insert that may fail to release the other half of an interval, impacting interval timing expiration walks; 2) incorrect use of...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2025/09/16 8:15 a.m.5 views

CVE-2023-53288

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drmclientmodesetprobe When a new mode is set to modeset-mode, the previous mode should be freed. This fixes the following kmemleak report: drmmodeduplicate+0x45/0x220 drm...

5.5CVSS0.00136EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/09/16 8:11 a.m.1 views

CVE-2023-53288 drm/client: Fix memory leak in drm_client_modeset_probe

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drmclientmodesetprobe When a new mode is set to modeset-mode, the previous mode should be freed. This fixes the following kmemleak report: drmmodeduplicate+0x45/0x220 drm...

8AI score0.00136EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/16 8:11 a.m.7 views

CVE-2023-53288 drm/client: Fix memory leak in drm_client_modeset_probe

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drmclientmodesetprobe When a new mode is set to modeset-mode, the previous mode should be freed. This fixes the following kmemleak report: drmmodeduplicate+0x45/0x220 drm...

0.00136EPSS
Exploits0References6
Rows per page
Query Builder