Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2673 matches found

ATTACKERKB
ATTACKERKBadded 2025/12/24 10:32 a.m.1 views

CVE-2025-68344

In the Linux kernel, the following vulnerability has been resolved: ALSA: wavefront: Fix integer overflow in sample size validation The wavefrontsendsample function has an integer overflow issue when validating sample size. The header-size field is u32 but gets cast to int for comparison with...

5.4AI score0.00177EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linuxadded 2025/12/22 5:4 p.m.2 views

kernel: NFSD: Protect against send buffer overflow in NFSv2 READ

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This...

7.8CVSS7AI score0.0017EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/12/17 10:44 p.m.18 views

CVE-2023-53906 ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page

projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...

5.1CVSS0.00257EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2025/12/17 8:7 a.m.2 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

6.2CVSS6.7AI score0.00234EPSS
Exploits1References1
EUVD
EUVDadded 2025/12/16 6:31 p.m.2 views

EUVD-2025-203773

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

6AI score0.00161EPSS
Exploits0References6
NVD
NVDadded 2025/12/16 4:16 p.m.3 views

CVE-2025-68307

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

0.00161EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2025/12/16 4:16 p.m.2 views

CVE-2025-68307

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

5.9AI score0.00161EPSS
Exploits0References23
OSV
OSVadded 2025/12/16 4:16 p.m.1 views

UBUNTU-CVE-2025-68307

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

5.7AI score0.00161EPSS
Exploits0References24
Cvelist
Cvelistadded 2025/12/16 3:6 p.m.26 views

CVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

0.00161EPSS
Exploits0References6
CVE
CVEadded 2025/12/16 3:6 p.m.16 views

CVE-2025-68307

CVE-2025-68307 – Linux kernel can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs. Root cause: missing cleanup of failed URB transfers, decreasing available URBs per error by 1, which can degrade performance and may halt transmission. Affected: linux kernel driver can: gs...

6.1AI score0.00161EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/12/16 12:0 a.m.3 views

PT-2025-51711

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The CAN driver within the Linux kernel contains an issue in the gs usb xmit callback function related to the handling of failed transmitted URBs. The driver does not properly clean up...

5.3AI score0.00161EPSS
Exploits0
NVD
NVDadded 2025/12/15 9:15 p.m.5 views

CVE-2023-53872

Wp2Fac 1.0 contains an OS command injection vulnerability in the send.php endpoint that allows remote attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'numara' parameter by appending shell commands with '&' operators to execute malicious code...

9.3CVSS0.0107EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/12/15 8:28 p.m.3 views

CVE-2023-53872 Wp2Fac 1.0 OS Command Injection via send.php Endpoint

Wp2Fac 1.0 contains an OS command injection vulnerability in the send.php endpoint that allows remote attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'numara' parameter by appending shell commands with '&' operators to execute malicious code...

9.3CVSS8AI score0.0107EPSS
Exploits0References3
CVE
CVEadded 2025/12/15 8:28 p.m.9 views

CVE-2023-53872

Wp2Fac 1.0 has an OS command injection vulnerability in the send.php endpoint. The vulnerability allows remote attackers to execute arbitrary system commands by injecting shell commands through the numara parameter (using & to chain commands). Impact is described as high for confidentiality, inte...

9.3CVSS8AI score0.0107EPSS
Exploits0References3
Snyk
Snykadded 2025/12/15 7:40 p.m.1 views

NULL Pointer Dereference

Overview cordova-plugin-x-socialsharing is a Share text, images and other files, or a link via the native sharing widget of your device. Android is fully supported, as well as iOS 6 and up. WP8 has somewhat limited support. Affected versions of this package are vulnerable to NULL Pointer...

6.9CVSS6.7AI score0.00234EPSS
Exploits1References2
OSV
OSVadded 2025/12/15 7:16 p.m.2 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

6.2CVSS6.7AI score
Exploits0References3
Cvelist
Cvelistadded 2025/12/15 12:0 a.m.16 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

0.00234EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/12/15 12:0 a.m.3 views

PT-2025-51277

Name of the Vulnerable Software and Affected Versions cordova-plugin-x-socialsharing version 6.0.4 Description The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with a...

6.2CVSS6.6AI score0.00234EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2025/12/15 12:0 a.m.3 views

PT-2025-51290

Name of the Vulnerable Software and Affected Versions Wp2Fac version 1.0 Description The software contains an OS command injection issue in the send.php endpoint. This allows remote attackers to execute arbitrary system commands. The issue occurs because attackers can inject shell commands throug...

9.3CVSS8.1AI score0.0107EPSS
Exploits0References7
CVE
CVEadded 2025/12/15 12:0 a.m.11 views

CVE-2025-65835

The CVE-2025-65835 family concerns the Cordova plugin cordova-plugin-x-socialsharing (SocialSharing-PhoneGap-Plugin) for Android, version 6.0.4. An exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent accepts android.intent.action.SEND intents and dereferences Intent.EXTRA_C...

6.2CVSS6.3AI score0.00234EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder