Lucene search
K

301 matches found

Vulnrichment
Vulnrichment
added 2025/10/15 1:55 p.m.4 views

CVE-2025-54479 BIG-IP PEM vulnerability

When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.5AI score0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/15 1:55 p.m.3 views

CVE-2025-55669 BIG-IP HTTP/2 vulnerability

When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.4AI score0.0035EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/10 5:10 p.m.5 views

EUVD-2025-33754

A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest...

5.4CVSS6.6AI score0.00279EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3607

Malware in sbrugna...

4.3CVSS6.3AI score0.09402EPSS
Exploits0References21
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-4035

Malware in sbrugna...

7.5CVSS7.5AI score0.00761EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-0955

Malware in sbrugna...

5CVSS6.4AI score0.01139EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.6 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-386566)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386566 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in fib6droppcpufrom syzbot found a race in fib6droppcpufrom 1 If compiler...

4.7CVSS5.9AI score0.00272EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-54531

Malicious code in bioql PyPI...

5.5CVSS6AI score0.00237EPSS
Exploits0References3
OSV
OSV
added 2025/09/11 5:15 p.m.7 views

AZL-74664 CVE-2025-39770 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...

5.5CVSS5.6AI score0.00144EPSS
Exploits0References1
OSV
OSV
added 2025/09/05 12:42 p.m.7 views

OESA-2025-2167 lighttpd security update

Secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more...

7.5CVSS6.6AI score0.04604EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2025/08/20 3:43 p.m.7 views

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. An uncontrolled resource consumption vulnerability, where an HTTP/2 client fails to acknowledge the initial settings frame that reduces the maximum permitted concurrent streams, could result in a denial of service...

7.5CVSS7.1AI score0.01898EPSS
Exploits0References5
OSV
OSV
added 2025/08/19 5:3 p.m.3 views

CVE-2025-38588 ipv6: prevent infinite loop in rt6_nlmsg_size()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...

5.5CVSS6AI score0.00147EPSS
Exploits0References10
NVD
NVD
added 2025/08/13 1:15 p.m.10 views

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

7.5CVSS0.04604EPSS
Exploits3References17
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-49776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even a...

5.5CVSS6.1AI score0.00178EPSS
Exploits0References3
OSV
OSV
added 2025/07/25 3:15 p.m.2 views

UBUNTU-CVE-2025-38432

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize UDP checksum field before checksumming commit f1fce08e63fe "netpoll: Eliminate redundant assignment" removed the initialization of the UDP checksum, which was wrong and broke netpoll IPv6 transmission due...

5.5CVSS5.7AI score0.00137EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/16 3:19 p.m.4 views

tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame

A flaw was found in Apache Tomcat. This vulnerability allows an application-level denial of service DoS, causing it to become unresponsive or slow via maliciously crafted HTTP/2 prioritization headers. It performs an incomplete cleanup of failed requests, which triggers a memory leak...

7.5CVSS7.1AI score0.66933EPSS
Exploits5References5
OSV
OSV
added 2025/07/03 9:15 a.m.8 views

UBUNTU-CVE-2025-38147

In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AFINET sk. syzkaller reported a null-ptr-deref in txoptget. 0 The offset 0x70 was of struct ipv6txoptions in struct ipv6pinfo, so struct ipv6pinfo was NULL there. However, this never...

5.5CVSS6.1AI score0.0017EPSS
Exploits0References43
CVE
CVE
added 2025/06/19 10:7 a.m.43 views

CVE-2025-31698

Summary : CVE-2025-31698 affects Apache Traffic Server (ATS). The ACLs configured in ip_allow.config or remap.config may use IP addresses not provided by the PROXY protocol when ATS is configured to accept PROXY, exposing confidentiality. Affected ranges include 10.0.0–10.0.6 and 9.0.0–9.2.10. Ro...

7.5CVSS6.5AI score0.00448EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:12 a.m.13 views

CVE-2024-35175

sshpiper is a reverse proxy for sshd. Starting in version 1.0.50 and prior to version 1.3.0, the way the proxy protocol listener is implemented in sshpiper can allow an attacker to forge their connecting address. Commit 2ddd69876a1e1119059debc59fe869cb4e754430 added the proxy protocol listener as...

5.3CVSS5.2AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:35 p.m.3 views

CVE-2021-25663

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2017.02.4, Nucleus ReadyStart V4 All versions V4.1.0, Nucleus Source Code All versions...

8.7CVSS7AI score0.01885EPSS
Exploits0References1
Rows per page
Query Builder