Lucene search
K

334 matches found

Packet Storm News
Packet Storm News
added 2026/01/21 12:0 a.m.4 views

DCeption: Real-World Wireless Man-In-The-Middle Attacks against CCS EV Charging

The adoption of Electric Vehicles EVs is happening at a rapid pace. To ensure fast and safe charging, complex communication is required between the vehicle and the charging station. In the globally used Combined Charging System CCS, this communication is carried over the HomePlug Green PHY HPGP...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/14 12:10 a.m.4 views

kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock

A vulnerability was found in the Linux kernel's Controller Area Network CAN protocol, within the J1939 protocol implementation. This issue occurs due to a potential deadlock caused by a race condition involving three locks: j1939sockslock, activesessionlistlock, and sksessionqueuelock. This issue...

5.5CVSS7.2AI score0.00183EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993205)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993205 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving propos...

5.5CVSS6.2AI score0.00214EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992658)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992658 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: check ipareaoffset and ipv6prefixescnt when receiving proposal msg When receiving propos...

5.5CVSS6.2AI score0.00214EPSS
Exploits0References4
CNVD
CNVD
added 2025/12/10 12:0 a.m.2 views

Nextcloud Calendar Security Feature Issue Vulnerability

Nextcloud Calendar is a Nextcloud open source calendar application. Nextcloud Calendar suffers from a security signature issue vulnerability that stems from an insecure way of generating meeting proposal participant tokens, which can be exploited by an attacker to cause the tokens to be computed...

6.5CVSS6.8AI score0.00255EPSS
Exploits0References1
CVE
CVE
added 2025/12/05 4:42 p.m.26 views

CVE-2025-66511

The CVE-2025-66511 issue affects Nextcloud Calendar prior to version 6.0.3. It stems from insecure generation of meeting proposal participant tokens (not purely random; based on a hash function), which enables an attacker to compute valid tokens and abuse them to view details and submit dates in ...

6.5CVSS6.3AI score0.00255EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Nextcloud Calendar 安全特征问题漏洞

Nextcloud Calendar is a Nextcloud open source calendar application. Nextcloud Calendar suffers from a security signature issue vulnerability that stems from an insecure way of generating meeting proposal participant tokens, which can be exploited by an attacker to cause the tokens to be computed...

6.5CVSS6.4AI score0.00255EPSS
Exploits0References4
OSV
OSV
added 2025/11/24 11:34 p.m.1 views

GHSA-XQ4H-WQM2-668W Babylon's BIP322 signature implementation is not fully compliant to the spec

Summary The BIP-322 signature verification does not enforce the SIGHASH value to be SIGHASHALL, and therefore is not strictly following the spec. Impact Non-compliant BIP-322 signatures in proof of possessions can be accepted by the chain...

6.9CVSS6.8AI score
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/10/17 1:1 a.m.8 views

net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg

...

5.5CVSS7AI score0.00212EPSS
Exploits0
Hacker One
Hacker One
added 2025/10/15 4:45 p.m.8 views

Nextcloud: Predictable proposal participant tokens enable unauthorized access and vote submission

A vulnerability was discovered in predictable proposal participant tokens, which enabled unauthorized access and vote submission...

6.5CVSS6.7AI score0.00255EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-6063

Malware in sbrugna...

4.3CVSS6.4AI score0.01189EPSS
Exploits0References5
OSV
OSV
added 2025/10/06 7:52 p.m.4 views

CLSA-2025-1759780334 python3: Fix of CVE-2007-4559

CVE-2007-4559: implement PEP 706 - a filter in the tarfile module to prevent directory traversal vulnerability...

9.8CVSS6AI score0.27095EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4587

Malicious code in bioql PyPI...

6.6AI score
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-15807

Malicious code in bioql PyPI...

7.3CVSS8AI score0.00338EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1247

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00584EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-50217

Malicious code in bioql PyPI...

7.2CVSS6.5AI score0.00453EPSS
Exploits0References2
Metasploit
Metasploit
added 2025/08/28 6:53 p.m.458 views

Pretalx Arbitrary File Read/Limited File Write

This module exploits functionality in Pretalx that export conference schedule as zipped file. The Pretalx will iteratively include any file referenced by any HTML tag and does not properly check the path of the file, which can lead to arbitrary file read. The module requires credentials that allo...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.15 views

SUSE SLES15: kernel-coco / kernel-coco-devel / kernel-coco_debug / etc (SUSE-SU-2025:02923-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02923-1 advisory. The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs...

7.8CVSS7.3AI score0.03133EPSS
Exploits17References1405
HackRead
HackRead
added 2025/06/23 4:16 p.m.3 views

Speaker Proposal Deadline Approaches for OpenSSL Conference 2025 in Prague

Newark, United States, 23rd June 2025, CyberNewsWire...

7.3AI score
Exploits0
OSV
OSV
added 2025/06/16 3:33 p.m.2 views

SUSE-SU-2025:20413-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...

7.8CVSS6.9AI score0.00618EPSS
Exploits3References422
Rows per page
Query Builder