108 matches found
EUVD-2022-6675
Malicious code in bioql PyPI...
EUVD-2022-6784
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-2782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior...
Linux Distros Unpatched Vulnerability : CVE-2013-6668
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2016-7917
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The nfnetlinkrcvbatch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough...
CVE-2025-53709
Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...
CVE-2025-53634 Chall-Manager's HTTP Gateway have no header check timeout leading to potential slow loris attacks
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. The HTTP Gateway processes headers, but with no timeout set. With a slow loris attack, an attacker could cause Denial of Service DoS. Exploitation does not require authentication nor authorization, so anyo...
CVE-2025-53709
Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...
CVE-2025-53709 Access control issues impacting secure-upload service
Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...
CVE-2025-6952
A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...
CVE-2025-52894 OpenBao Vulnerable to Unauthenticated Rekey Operation Cancellation
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of...
Important: mod_security
Issue Overview: ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case in stable released versions: when the payload's content type is application/json,...
EulerOS 2.0 SP11 : elfutils (EulerOS-SA-2025-1649)
According to the versions of the elfutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function...
CVE-2025-5935
A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function commonregisterstate of the file src/mme/emm-sm.c of the component AMF/MME. The manipulation of the argument ranueid leads to denial of service. The attack can be...
CVE-2025-48997
Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.1 allows an attacker to trigger a Denial of Service DoS by sending an upload file request with an empty string field name. This request causes ...
CVE-2025-20678
In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-20676
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412240; Issue ID: MSV-3293...
CVE-2025-20673
CVE-2025-20673 affects the MediaTek wlan STA driver. The issue is a crash triggered by an uncaught exception, enabling local denial of service with privileges at the user level and no user interaction required. The documented impact is a local DoS, with a CVSSv3.1 base score of 5.5 (MEDIUM) and a...
CVE-2025-20673
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413200; Issue ID: MSV-3304...
CVE-2025-48889
Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Prior to version 5.31.0, an arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated attackers to copy a...