Lucene search
+L

92 matches found

Cvelist
Cvelist
added 2025/08/05 12:5 a.m.14 views

CVE-2025-54804 Russh is missing an overflow check during channel windows adjust

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an...

6.5CVSS0.00386EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.11 views

编号撤回

Both libsoup and GNOME are products of the GNOME project. libsoup is an HTTP client/server library for GNOME. GNOME is a set of purely free computer software. It is used to provide a graphical desktop environment. This CVE number has been withdrawn...

6.6AI score
Exploits0References3
Cvelist
Cvelist
added 2025/06/10 3:32 p.m.41 views

CVE-2025-48937 matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those event...

4.9CVSS0.00311EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/10 2:43 a.m.6 views

Malicious code in apple-appstore-server-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4ffc44075c7a6123e6fd516c9e8c1abbd98b481d26ae67ee10e814bec86bbe7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/03/17 8:16 p.m.7 views

RLSA-2025:0791 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.4CVSS7.3AI score0.00679EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 8:25 a.m.11 views

CVE-2024-47614

async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10...

7.5CVSS6.7AI score0.00576EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/02/04 6:38 a.m.19 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

8.4CVSS7.1AI score0.00679EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/02/03 1:5 a.m.12 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.4CVSS7.1AI score0.00679EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/01/29 11:48 a.m.23 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.4CVSS7.1AI score0.00679EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2025/01/29 12:0 a.m.10 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.4CVSS8.7AI score0.00679EPSS
Exploits1References4
OSV
OSV
added 2025/01/21 11:15 p.m.2 views

CVE-2024-43096

In buildreadmultirsp of gattsr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 11:15 p.m.9 views

CVE-2024-43771

In gattsprocessreadreq of gattsr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00199EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 4:15 p.m.9 views

CVE-2024-52813

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptographic identity has changed from a verified to an unverified one, which could cause client applicatio...

4.3CVSS0.00467EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2024/11/19 4:0 p.m.30 views

libsoup security update

An update is available for libsoup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsoup packages provide an HTTP client and server library for GNOME...

7.5CVSS6.8AI score0.00933EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/11/13 4:30 p.m.15 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.8AI score0.00793EPSS
Exploits1References2
OSV
OSV
added 2024/11/13 12:0 a.m.36 views

ALSA-2024:9573 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header names CVE-2024-52530 For more details about the security...

7.5CVSS7.7AI score0.00933EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/08/12 12:0 a.m.9 views

The vulnerability of the Jenkins Automation Remoting server library allows for the execution of arbitrary code.

The vulnerability of the Jenkins Automation Remoting server library is related to deficiencies in path name restrictions for restricted access catalogs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading class and resource files from the controller via...

9CVSS7.4AI score0.28782EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2024/07/25 5:43 p.m.9 views

CLSA-2024-1721929402 openssh: Fix of CVE-2024-6409

CVE-2024-6409: fix signal handler race condition vulnerability in sshd server...

7CVSS7.2AI score0.27935EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/18 4:45 p.m.12 views

CVE-2024-40648 `UserIdentity::is_verified` not checking verification status of own user identity while performing the check in matrix-rust-sdk

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result retur...

5.4CVSS6.6AI score0.0028EPSS
Exploits0References2
OSV
OSV
added 2024/07/09 5:15 p.m.3 views

CVE-2024-37334

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability...

8.8CVSS5.9AI score0.01645EPSS
Exploits0References1
Rows per page
Query Builder