Lucene search
K

28 matches found

CVE
CVE
added 2026/06/12 6:7 p.m.12 views

CVE-2026-50101

CVE-2026-50101 affects Naxclow IoT Platform devices. The issue is a server-side, per-device relay credential that never rotates and is re-issued on every boot. Since the credential remains valid indefinitely and cannot be reset or revoked by the legitimate owner, an adversary who gains it can mai...

9.2CVSS5.2AI score0.00281EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a NULL pointer dereferencing in netfsunbufferedwrite, when a write subrequest is marked as NETFSSREQNEEDRETRY. When the retry path in netfsunbufferedwrite calls stream-preparewrite without checking whether...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability, which stems from an authentication flaw in the WebAuthn process. This flaw allows remote attackers to reissue the ExecuteActionsActionToken token, enabling them ...

6.8CVSS5.8AI score0.0044EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/23 1:26 a.m.7 views

SUSE CVE-2026-31437

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...

5.6AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 3:31 p.m.5 views

EUVD-2026-24762

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...

5.6AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/04/22 2:16 p.m.3 views

CVE-2026-31437

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...

5.5CVSS0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/22 1:53 p.m.27 views

CVE-2026-31437 netfs: Fix NULL pointer dereference in netfs_unbuffered_write() on retry

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...

0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-13047

Malicious code in bioql PyPI...

7.2AI score0.00155EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/09/03 10:48 p.m.4 views

ublk: fix handling recovery & reissue in ublk_abort_queue()

...

5.5CVSS6.8AI score0.00155EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/02 2:2 a.m.5 views

SUSE CVE-2025-37759

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

5.5CVSS6.5AI score0.00155EPSS
Exploits0References3
OSV
OSV
added 2025/05/01 1:15 p.m.2 views

DEBIAN-CVE-2025-37759

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 1:15 p.m.3 views

UBUNTU-CVE-2025-37759

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References26
CVE
CVE
added 2025/05/01 12:56 p.m.98 views

CVE-2025-37759

The CVE-2025-37759 issue affects the Linux kernel’s ublk driver. The root cause is that the change in the ublk_abort_queue path did not grab a request reference during recovery reissues, allowing a zc (zero-copy) request to be requeued and re-dispatched and potentially freed before io_uring could...

5.5CVSS6.8AI score0.00155EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/08/21 7:15 a.m.2 views

DEBIAN-CVE-2023-52895

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, we can safely ignore a spurious...

5.5CVSS5.5AI score0.00205EPSS
Exploits0References1
OSV
OSV
added 2024/08/21 7:15 a.m.4 views

UBUNTU-CVE-2023-52895

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, we can safely ignore a spurious...

5.5CVSS5.7AI score0.00205EPSS
Exploits0References5
OSV
OSV
added 2024/01/16 9:13 p.m.14 views

GHSA-R78F-4Q2Q-HVV4 CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential

Summary The revocation schema that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model, allowing a malicious holder of a revoked credential to generate a valid Non-Revocation Proof for that...

6.5CVSS7AI score0.00276EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.3 views

SUSE CVE-2020-12692

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times...

5.5CVSS7AI score0.00705EPSS
Exploits0References3
OSV
OSV
added 2023/02/13 5:29 p.m.8 views

GSD-2023-1001962 io_uring/poll: don't reissue in case of poll race on multishot request

iouring/poll: don't reissue in case of poll race on multishot request This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.8 by commit...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2022/02/24 9:50 a.m.30 views

CVE-2022-25355

EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users...

5.6AI score0.01138EPSS
Exploits0References2
Veracode
Veracode
added 2020/05/08 5:36 a.m.21 views

Man-in-the-Middle (MitM)

openstack keystone is vulnerable to man-in-the-middle attack. Lack of signature TTL check to verify the timestamp in the AWS Signature V4 token signature allows an attacker to sniff an Authorization header in a man-in-the-middle attack and reuse the header to reissue openstack tokens...

5.4CVSS2.9AI score0.00705EPSS
Exploits0References7Affected Software3
Rows per page
Query Builder