Lucene search
K

8 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-10655

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS0.0024EPSS
Exploits0References2
CVE
CVE
added 5 days ago11 views

CVE-2026-10655

Concrete details found: Zephyr’s asynchronous SNTP client (sntp_close_async) can race with the socket service poll thread. Closing the UDP socket descriptor from a different thread (SNTP timeout path) may free and reuse net_context while the poll thread holds a poller node, causing a use-after-fr...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References2
Fedora
Fedora
added 2025/10/13 2:4 a.m.6 views

[SECURITY] Fedora 41 Update: podman-tui-1.9.0-1.fc41

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

6.5CVSS7AI score0.00489EPSS
Exploits1
Fedora
Fedora
added 2025/09/22 12:17 a.m.8 views

[SECURITY] Fedora 43 Update: podman-tui-1.8.0-1.fc43

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

5.3CVSS7AI score0.00385EPSS
Exploits0
Fedora
Fedora
added 2024/10/27 8:34 p.m.26 views

[SECURITY] Fedora 41 Update: podman-tui-1.2.3-1.fc41

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

8.6CVSS7.4AI score0.18087EPSS
Exploits18
ATTACKERKB
ATTACKERKB
added 2024/04/01 10:15 p.m.2 views

CVE-2023-51571

Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...

7.5CVSS5.9AI score0.00667EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/01/23 3:15 p.m.25 views

Design/Logic Flaw

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key...

7.5CVSS9.4AI score0.01707EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.4 views

The vulnerability of the Controller.class.php file on the high-performance PHP Workman server platform allows attackers to execute cross-site scripting attacks against Redis database management systems.

The vulnerability of the Controller.class.php file on the high-performance PHP Workman socket service platform is related to the lack of security measures for the web page structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.1CVSS6.2AI score0.00641EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder