Lucene search
K

114 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/23 3:23 p.m.2 views

CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.7AI score0.00164EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/01/23 3:23 p.m.36 views

CVE-2025-71160

CVE-2025-71160 relates to the Linux kernel netfilter nf_tables chain validation. The vulnerability arises from the validator traversing the entire chain graph (base chains and chain jumps), which can trigger CPU soft lockups in nft_chain_validate under certain input paths. The change described ai...

5.5CVSS5.2AI score0.00164EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/01/23 3:23 p.m.4 views

CVE-2025-71160 netfilter: nf_tables: avoid chain re-validation if possible

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.5CVSS5.3AI score0.00164EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/01/23 3:23 p.m.5 views

CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.5CVSS5.2AI score0.00164EPSS
Exploits0
OSV
OSV
added 2026/01/23 12:31 a.m.3 views

GHSA-2VGV-HGV4-22MH Gitea improperly exposes issue and pull request titles

Gitea's notification API does not re-validate repository access permissions when returning notification details. After a user's access to a private repository is revoked, they may still view issue and pull request titles through previously received notifications...

2.3CVSS5.4AI score0.00344EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/01/23 12:31 a.m.8 views

Gitea improperly exposes issue titles and repository names through previously started stopwatches

Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches...

6.5CVSS5.4AI score0.00333EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2026/01/22 10:1 p.m.2 views

CVE-2026-20883

Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches...

6.5CVSS5.9AI score0.00333EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-26099

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the XFS file system related to the revalidation of two btrees during file system repair. Specifically, the issue arises when rebuilding both the...

5.5CVSS5.8AI score0.00141EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 4: frr (TSSA-2025:0329)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0329 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS7.3AI score0.00837EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/10/30 12:0 a.m.36 views

Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language Model Architectures

As Large Language Models LLMs are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical concern. This paper presents a mechanism-centered taxonomy of 41 recurring risk patterns in commercial LLMs...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0072

Malware in sbrugna...

9.3CVSS6.4AI score0.02184EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-23703

Malware in sbrugna...

7.1CVSS6.9AI score0.00939EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-8302

Malware in sbrugna...

8.1CVSS8AI score0.00957EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/05 12:0 a.m.4 views

SUSE SLES15: frr / frr-devel / libfrr0 / libfrr_pb0 / libfrrcares0 / etc (SUSE-SU-2025:03453-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03453-1 advisory. - CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processi...

7.5CVSS7.2AI score0.00837EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/10/03 10:41 a.m.6 views

Security update for frr

This update for frr fixes the following issues: CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

6.9CVSS6.9AI score0.00837EPSS
Exploits0References4
OSV
OSV
added 2025/09/23 8:35 a.m.2 views

SUSE-SU-2025:03297-1 Security update for frr

This update for frr fixes the following issues: - CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237...

7.5CVSS6.8AI score0.00837EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/09/19 12:13 p.m.2 views

Security update for frr

This update for frr fixes the following issues: CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processing several RPKI updates bsc1235237. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

6.9CVSS7.1AI score0.00837EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.5 views

In FRRouting (FRR) all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size

...

7.5CVSS7AI score0.00837EPSS
Exploits0
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.5 views

CE Phoenix Cart 访问控制错误漏洞

CE Phoenix Cart is a free, open source e-commerce shopping cart software from CE Phoenix Cart Open Source. An access control error vulnerability exists in CE Phoenix Cart versions prior to 1.0.9.7 through 1.1.0.3, which stems from a lack of password revalidation when deleting an account, which...

5.5CVSS6.6AI score0.00142EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 4:38 p.m.9 views

CVE-2020-36125

Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly...

7.1CVSS6.8AI score0.00939EPSS
Exploits1
Rows per page
Query Builder