3397 matches found

Vulnrichment
added 2025/07/16 5:38 p.m. | 2 views

CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 (the only allowable value other than disabled), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

CVSS 7.5 | AI score 7.1 | EPSS 0.00877
Exploits: 0 | References: 1

Cvelist
added 2025/07/16 5:38 p.m. | 9 views

CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 (the only allowable value other than disabled), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

CVSS 7.5 | EPSS 0.00877
Exploits: 0 | References: 1

OSV
added 2025/07/16 12:0 a.m. | 2 views

UBUNTU-CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 (the only allowable value other than disabled), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

CVSS 7.5 | AI score 7.1 | EPSS 0.00877
Exploits: 0 | References: 4

RedhatCVE
added 2025/07/12 8:28 p.m. | 15 views

CVE-2025-53634

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. The HTTP Gateway processes headers, but with no timeout set. With a slow loris attack, an attacker could cause Denial of Service (DoS). Exploitation does not require authentication nor authorization, so anyo...

CVSS 8.7 | AI score 7.2 | EPSS 0.00444
Exploits: 0 | References: 1

Github Security Blog
added 2025/07/10 5:58 p.m. | 8 views

Chall-Manager's HTTP Gateway is vulnerable to DoS due to missing header timeout

Impact: The HTTP Gateway processes headers, but with no timeout set. With a Slowloris attack, an attacker could cause Denial of Service (DoS). Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommende...

CVSS 8.7 | AI score 7.1 | EPSS 0.00444
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2025/07/10 8:15 a.m. | 9 views

UBUNTU-CVE-2025-38289

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk. Smatch detected a potential use-after-free of an ndlp object in dev_loss_tmo_callbk during driver unload or fatal error handling. Fix by reordering code to avoid...

CVSS 7.8 | AI score 6.3 | EPSS 0.00159
Exploits: 0 | References: 28

CNNVD
added 2025/07/10 12:0 a.m. | 3 views

Chall-Manager security vulnerability

Chall-Manager is an open source project from CTFer.io. A security vulnerability exists in Chall-Manager versions prior to 0.1.4, which stems from an unset timeout on the HTTP gateway, which could lead to a denial of service triggered by a slow loris attack...

CVSS 8.7 | AI score 6.2 | EPSS 0.00444
Exploits: 0 | References: 5

SUSE CVE
added 2025/07/09 11:23 p.m. | 1 views

SUSE CVE-2025-38238

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out. When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. On send completion, this causes an attempt to free the same fram...

CVSS 5.5 | AI score 7.6 | EPSS 0.00129
Exploits: 0 | References: 6

Debian CVE
added 2025/07/09 10:42 a.m. | 4 views

CVE-2025-38238

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out. When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. On send completion, this causes an attempt to free the same fram...

CVSS 5.5 | AI score 5.4 | EPSS 0.00129
Exploits: 0

Cvelist
added 2025/07/09 10:42 a.m. | 7 views

CVE-2025-38238 scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out. When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. On send completion, this causes an attempt to free the same fram...

EPSS 0.00129
Exploits: 0 | References: 2

CVE
added 2025/07/09 10:42 a.m. | 74 views

CVE-2025-38238

CVE-2025-38238: In the Linux kernel, the SCSI fnic driver (fnic_wq_cmpl_handler) crashes when both FDMI RHBA and RPA requests time out due to reusing the same frame to send ABTS for both. The root cause is the double-free of a frame on send completion. The fix allocates separate frames for RHBA ...

CVSS 5.5 | AI score 6.5 | EPSS 0.00129
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2025/07/09 12:0 a.m. | 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an FDMI timeout in fnic_wq_cmpl_handler that causes a crash...

CVSS 5.5 | AI score 6.8 | EPSS 0.00129
Exploits: 0 | References: 2

Oracle linux
added 2025/07/08 12:0 a.m. | 8 views

container-tools:rhel8 security update

aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp netavark oci-seccomp-bpf-hook podman 4.9.4-22.0.1 - Fixes issue of container created in cgroupv2 not start in cgroupv1 Orabug: 36136813 - Fixes container...

CVSS 8.3 | AI score 6.4 | EPSS 0.00397
Exploits: 0

OSV
added 2025/07/03 8:15 a.m. | 2 views

DEBIAN-CVE-2025-38094

In the Linux kernel, the following vulnerability has been resolved: net: cadence: macb: Fix a possible deadlock in macb_halt_tx. There is a situation where after THALT is set high, TGO stays high as well. Because jiffies are never updated, as we are in a context with interrupts disabled, we never...

CVSS 5.5 | AI score 5.5 | EPSS 0.00126
Exploits: 0 | References: 1

OSV
added 2025/07/03 8:15 a.m. | 2 views

UBUNTU-CVE-2025-38094

In the Linux kernel, the following vulnerability has been resolved: net: cadence: macb: Fix a possible deadlock in macb_halt_tx. There is a situation where after THALT is set high, TGO stays high as well. Because jiffies are never updated, as we are in a context with interrupts disabled, we never...

CVSS 5.5 | AI score 6.1 | EPSS 0.00126
Exploits: 0 | References: 39

Positive Technologies
added 2025/06/30 12:0 a.m. | 10 views

PT-2025-37205

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the ath10k driver where, in rare cases, the driver may lose connection with the PCIe bus. This can lead to system crashes during resuming due to...

CVSS 5.5 | AI score 5.8 | EPSS 0.00145
Exploits: 0

Snyk
added 2025/06/26 9:31 p.m. | 2 views

Synchronous Access of Remote Resource without Timeout

Overview: Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout via the rekey and recovery key operations. An attacker can disrupt service availability by triggering uncontrolled cancellation actions during these processes, which can lead to deni...

CVSS 3.1 | AI score 7 | EPSS 0.00214
Exploits: 0 | References: 2

SUSE Linux
added 2025/06/25 3:33 p.m. | 6 views

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create (bsc#1235231). CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...

CVSS 8.5 | AI score 8 | EPSS 0.00272
Exploits: 0 | References: 24

RedHat Linux
added 2025/06/25 12:16 a.m. | 4 views

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

CVSS 7.5 | AI score 7.1 | EPSS 0.04572
Exploits: 0 | References: 4

OSV
added 2025/06/24 2:52 p.m. | 3 views

SUSE-SU-2025:20436-1 Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create (bsc#1235231) - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708) - CVE-2024-50301: security/keys:...

CVSS 7.8 | AI score 6.7 | EPSS 0.00272
Exploits: 0 | References: 23