Lucene search

12640 matches found

Source Incite
added 2025/08/13 12:0 a.m. | 137 views

SRC-2025-0001 : Samsung MagicINFO 9 Server ResponseBootstrappingActivity Exposed Dangerous Method Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO. Authentication is required and SaaS environment needs to be configured. The specific flaw exists within ability to dynamically create FTP accounts. An attack...

AI score: 6.7
Exploits: 0

FreeBSD
added 2025/08/13 12:0 a.m. | 9 views

www/varnish7 -- Denial of Service in HTTP/2

Varnish Development Team reports: A denial of service attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker can create a large number of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for th...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.04604
Exploits: 3 | References: 1

NVD
added 2025/08/12 7:15 p.m. | 4 views

CVE-2023-45584

A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.4.0 through 7.4.1, FortiProxy 7.2.0 through 7.2.7, FortiProxy 7.0.0...

CVSS: 7.2 | EPSS: 0.00535
Exploits: 0 | References: 1

Vulnrichment
added 2025/08/12 2:48 p.m. | 3 views

CVE-2025-3831 Exposed SFTP server

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...

CVSS: 8.1 | AI score: 7.2 | EPSS: 0.00371
Exploits: 0 | References: 1

Cvelist
added 2025/08/12 2:48 p.m. | 9 views

CVE-2025-3831 Exposed SFTP server

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...

CVSS: 8.1 | EPSS: 0.00371
Exploits: 0 | References: 1

Vulnrichment
added 2025/08/12 11:16 a.m. | 3 views

CVE-2024-52504

A vulnerability has been identified in SIPROTEC 4 6MD61 All versions, SIPROTEC 4 6MD63 All versions, SIPROTEC 4 6MD66 All versions, SIPROTEC 4 6MD665 All versions, SIPROTEC 4 7SA522 All versions, SIPROTEC 4 7SA6 All versions V4.78, SIPROTEC 4 7SD5 All versions V4.78, SIPROTEC 4 7SD610 All version...

CVSS: 8.7 | AI score: 7.2 | EPSS: 0.00412
Exploits: 0 | References: 1

Cvelist
added 2025/08/12 11:16 a.m. | 6 views

CVE-2024-52504

A vulnerability has been identified in SIPROTEC 4 6MD61 All versions, SIPROTEC 4 6MD63 All versions, SIPROTEC 4 6MD66 All versions, SIPROTEC 4 6MD665 All versions, SIPROTEC 4 7SA522 All versions, SIPROTEC 4 7SA6 All versions V4.78, SIPROTEC 4 7SD5 All versions V4.78, SIPROTEC 4 7SD610 All version...

CVSS: 8.7 | EPSS: 0.00412
Exploits: 0 | References: 1

OSV
added 2025/08/12 7:35 a.m. | 3 views

SUSE-SU-2025:02755-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. - CVE-2025-4878: Fixed use of uninitialized variable in privatekeyfromfile bsc1245310. - CVE-2025-5318: Fixed likely read beyond bounds in sftp server...

CVSS: 8.1 | AI score: 7.1 | EPSS: 0.02394
Exploits: 0 | References: 7

CNNVD
added 2025/08/12 12:0 a.m. | 2 views

Siemens multiple products code issue vulnerability

Siemens SIPROTEC 4 is a multifunction relay from Siemens Germany. A code issue vulnerability exists in various Siemens products that stems from mishandling of a file transfer operation, which could result in a denial of service. The following products are affected: SIPROTEC 4 6MD61, 6MD63, 6MD66,...

CVSS: 8.7 | AI score: 6.8 | EPSS: 0.00412
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/12 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-47229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIOSTART register when previous transfer has not ye...

CVSS: 5.5 | AI score: 6 | EPSS: 0.00226
Exploits: 0 | References: 2

Packet Storm News
added 2025/08/12 12:0 a.m. | 4 views

Exploring Cross-Stage Adversarial Transferability in Class-Incremental Continual Learning

Class-incremental continual learning addresses catastrophic forgetting by enabling classification models to preserve knowledge of previously learned classes while acquiring new ones. However, the vulnerability of the models against adversarial attacks during this process has not been investigated...

AI score: 6.9
Exploits: 0

NVD
added 2025/08/11 10:15 p.m. | 8 views

CVE-2025-25235

Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...

CVSS: 8.6 | EPSS: 0.00276
Exploits: 0 | References: 1

OSV
added 2025/08/11 1:51 p.m. | 3 views

BIT-LIBPYTHON-2021-4189

A flaw was found in Python, specifically in the FTP File Transfer Protocol client library in PASV passive mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...

CVSS: 5.3 | AI score: 6.7 | EPSS: 0.02511
Exploits: 0 | References: 11

IBM Security Bulletins
added 2025/08/11 1:40 p.m. | 2 views

Security Bulletin: Astronomer with IBM is vulnerable to memory consumption and denial of service due to the net/http package (CVE-2021-44716, CVE-2022-27664)

Summary net/http is used by Astronomer with IBM as part of the request processing functionality. Vulnerability Details CVEID:CVE-2021-44716 DESCRIPTION: net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.03958
Exploits: 0 | Affected Software: 1

Cvelist
added 2025/08/11 1:3 p.m. | 11 views

CVE-2025-8863

YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...

CVSS: 7 | EPSS: 0.00219
Exploits: 0 | References: 1

Vulnrichment
added 2025/08/11 1:3 p.m. | 4 views

CVE-2025-8863

YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...

CVSS: 7 | AI score: 6.8 | EPSS: 0.00219
Exploits: 0 | References: 1

RedhatCVE
added 2025/08/11 10:41 a.m. | 5 views

CVE-2025-8860

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFIVARSREGBUFFERSIZE, the .write callback uefivarswrite is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. Wh...

CVSS: 3.3 | AI score: 6.7 | EPSS: 0.00147
Exploits: 0 | References: 3

OSV
added 2025/08/11 6:20 a.m. | 2 views

SUSE-SU-2025:02745-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc1246318...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.0196
Exploits: 0 | References: 5

CNNVD
added 2025/08/11 12:0 a.m. | 3 views

YugabyteDB security vulnerability

YugabyteDB is a high-performance transactional distributed SQL database for cloud-native applications from Yugabyte USA. A security vulnerability exists in YugabyteDB that stems from a diagnostic information transfer over HTTP that could lead to the disclosure of sensitive data...

CVSS: 7 | AI score: 6.7 | EPSS: 0.00219
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/11 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2020-1934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 Note that Nessus relies o...

CVSS: 5.3 | AI score: 7 | EPSS: 0.51951
Exploits: 0 | References: 2