Lucene search
K

254 matches found

Vulnrichment
Vulnrichment
added 2026/01/26 10:12 p.m.4 views

CVE-2026-24003 EvseV2G has sequence state validation bypass

EVerest is an EV charging software stack. In versions up to and including 2025.12.1, it is possible to bypass the sequence state verification including authentication, and send requests that transition to forbidden states relative to the current one, thereby updating the current context with...

4.3CVSS5.8AI score0.00254EPSS
Exploits0References2
Hacker One
Hacker One
added 2025/11/26 8:34 a.m.21 views

curl: Infinite loop issue in the state machine of the curl project

Summary: Vulnerability impact: When curl attempts to download files from a malicious FTP server, it triggers an infinite loop in the code execution. I discovered this issue in the FTP functionality of the curl project .As described in...

7.6AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/11/18 1:1 a.m.4 views

net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY

...

5.5CVSS8.8AI score0.00159EPSS
Exploits0
Fedora
Fedora
added 2025/11/06 2:24 a.m.8 views

[SECURITY] Fedora 42 Update: qt5-qtscxml-5.15.18-1.fc42

The Qt SCXML module provides functionality to create state machines from SCXM L files. This includes both dynamically creating state machines loading the SCXML file and instantiating states and transitions and generating a C++ file that has a class implementing the state machine. It also contains...

7AI score
Exploits0
Cvelist
Cvelist
added 2025/10/28 11:48 a.m.6 views

CVE-2025-40061 RDMA/rxe: Fix race in do_task() when draining

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in dotask when draining When dotask exhausts its iteration budget !ret, it sets the state to TASKSTATEIDLE to reschedule, without a secondary check on the current task-state. This can overwrite the...

0.00183EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-3891

Malware in sbrugna...

7.5CVSS7.6AI score0.01589EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2811

Malware in sbrugna...

4.3CVSS7.4AI score0.03275EPSS
Exploits1References38
OSV
OSV
added 2025/10/04 12:11 a.m.6 views

RLSA-2025:12187 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

7.5CVSS7.4AI score0.00472EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-15839

Malicious code in bioql PyPI...

7.6AI score0.00159EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2573

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.0076EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19417

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00256EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-24749

Malicious code in bioql PyPI...

3.3CVSS6.6AI score0.00102EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27817

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.00628EPSS
Exploits0References3
OSV
OSV
added 2025/10/03 7:56 p.m.5 views

RLSA-2025:12188 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

7.5CVSS7.5AI score0.00472EPSS
Exploits0References10
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.4 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

9.8CVSS7.7AI score0.00472EPSS
Exploits0
OSV
OSV
added 2025/09/08 2:19 p.m.5 views

RLSA-2025:13676 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

7.5CVSS7.8AI score0.00472EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/09/04 3:32 p.m.11 views

CVE-2025-38699 scsi: bfa: Double-free fix

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...

0.00167EPSS
Exploits0References9
OSV
OSV
added 2025/08/20 12:12 a.m.7 views

OSV-2025-657 Heap-use-after-free in ftp_pp_statemachine

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=439473053 Crash type: Heap-use-after-free READ 8 Crash state: ftpppstatemachine ftpdoing multirunsingle...

7.2AI score
Exploits0References1
AlmaLinux
AlmaLinux
added 2025/08/12 12:0 a.m.7 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

9.8CVSS8.3AI score0.00472EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2025/08/11 5:33 p.m.4 views

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...

6.5CVSS7.3AI score0.00351EPSS
Exploits0References6
Rows per page
Query Builder