Lucene search

12640 matches found

Tenable Nessus
added 2025/08/07 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-6827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to the default...

CVSS 7.5, AI score 7.1, EPSS 0.00738
Exploits: 0, References: 3
RedHat Linux
added 2025/08/06 8:1 a.m., 1 view

kernel: xhci: handle isoc Babble and Buffer Overrun events properly

A flaw was found in the Linux kernel related to the Extensible Host Controller Interface (xHCI) subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous (isoc) Babble and Buffer Overrun events. The vulnerability occurs because the xHC...

CVSS 5.5, AI score 7.1, EPSS 0.0023
Exploits: 0, References: 5
CNNVD
added 2025/08/05 12:0 a.m., 4 views

VTun-ng Security Vulnerability

vtun-ng is an application by individual developer Jan-Espen Oversand. A security vulnerability exists in VTun-ng 3.0.17 and earlier versions, which stems from a failure in the initialization of the cryptographic module that could lead to a plaintext transfer...

CVSS 8.7, AI score 6.5, EPSS 0.00191
Exploits: 0, References: 3
Tenable Nessus
added 2025/08/05 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-27409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The...

CVSS 5.5, AI score 5.2, EPSS 0.00236
Exploits: 0, References: 2
OSV
added 2025/08/04 8:15 p.m., 6 views

CVE-2025-55014

The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and elsewhere, sends an X11 selection to the dict.youdao.com and dict.cn servers via cleartext HTTP...

AI score 6.8
Exploits: 0, References: 8
RedHat Linux
added 2025/08/04 3:19 p.m., 1 view

kernel: nvme-tcp: sanitize request list handling

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling. Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...

CVSS 5.5, AI score 6.8, EPSS 0.00136
Exploits: 0, References: 5
RedHat Linux
added 2025/08/04 3:19 p.m., 3 views

kernel: net: atm: fix use after free in lec_send()

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send(). The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free...

CVSS 7.8, AI score 6.8, EPSS 0.00181
Exploits: 0, References: 5
RedhatCVE
added 2025/08/04 9:33 a.m., 9 views

CVE-2025-54792

LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle (MitM) vulnerability in the software's discovery protocol allows an unauthenticated attacke...

CVSS 9.3, AI score 7.2, EPSS 0.00244
Exploits: 1, References: 1
BDU FSTEC
added 2025/08/04 12:0 a.m., 7 views

The vulnerability in the FTP-server administrator web interface of Wing allows a hacker to increase their privileges.

The vulnerability in the FTP server administrator’s web interface of Wing is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

CVSS 4.1, AI score 7.5, EPSS 0.03513
Exploits: 24, References: 4, Affected Software: 1
Packet Storm News
added 2025/08/03 12:0 a.m., 3 views

"Energon": Unveiling Transformers from GPU Power and Thermal Side-Channels

Transformers have become the backbone of many Machine Learning (ML) applications, including language translation, summarization, and computer vision. As these models are increasingly deployed in shared Graphics Processing Unit (GPU) environments via Machine Learning as a Service (MLaaS), concerns aroun...

AI score 6.6
Exploits: 0
NVD
added 2025/08/01 11:15 p.m., 6 views

CVE-2025-54792

LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle (MitM) vulnerability in the software's discovery protocol allows an unauthenticated attacke...

CVSS 9.3, EPSS 0.00244
Exploits: 1, References: 3
CNNVD
added 2025/07/31 12:0 a.m., 4 views

freeFTPd Security Vulnerability

freeFTPd is an open source FTP (File Transfer Protocol) server by freeFTPd. A security vulnerability exists in freeFTPd 1.0.10 and earlier versions, which stems from improper boundary checking when handling FTP PASS commands, and could lead to memory corruption and arbitrary code execution...

CVSS 9.8, AI score 7.6, EPSS 0.01641
Exploits: 1, References: 3
RedHat Linux
added 2025/07/30 6:8 a.m., 6 views

kernel: net: atm: fix use after free in lec_send()

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send(). The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free...

CVSS 7.8, AI score 6.8, EPSS 0.00181
Exploits: 0, References: 5
RedHat Linux
added 2025/07/29 8:15 a.m., 4 views

firefox: thunderbird: Incorrect URL stripping in CSP reports

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The username:password part is incorrectly stripped from URLs in CSP reports, potentially leaking HTTP Basic Authentication credentials...

CVSS 9.8, AI score 7.3, EPSS 0.00431
Exploits: 0, References: 6
SUSE CVE
added 2025/07/28 11:35 p.m., 2 views

SUSE CVE-2024-32663

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19...

CVSS 7.5, AI score 6.9, EPSS 0.00956
Exploits: 0, References: 2
OSV
added 2025/07/28 7:57 p.m., 2 views

GO-2025-3794 File Browser allows sensitive data to be transferred in URL in github.com/filebrowser/filebrowser

File Browser allows sensitive data to be transferred in URL in github.com/filebrowser/filebrowser...

CVSS 6.5, AI score 6, EPSS 0.0049
Exploits: 1, References: 4
RedHat Linux
added 2025/07/28 1:54 p.m., 3 views

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. An uncontrolled resource consumption vulnerability, where an HTTP/2 client fails to acknowledge the initial settings frame that reduces the maximum permitted concurrent streams, could result in a denial of service...

CVSS 7.5, AI score 7.1, EPSS 0.01898
Exploits: 0, References: 5
GithubExploit
added 2025/07/28 5:55 a.m., 123 views

Exploit for SQL Injection in Progress Moveit_Cloud

CVE-2023-34362: Vulnerability Defense Package This repository...

CVSS 9.8, AI score 10, EPSS 0.99934
Exploits: 15
RedHat Linux
added 2025/07/28 3:13 a.m., 3 views

No title provided

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB. Some transfer events don't always point to a TRB, and consequently don't have an endpoint ring. In these cases, function handle_tx_event() should no...

AI score 6.4
Exploits: 0, References: 2
CNVD
added 2025/07/28 12:0 a.m., 4 views

TOTOLINK A702R Buffer Overflow Vulnerability

The TOTOLINK A702R is a wireless router model from China's Gion Electronics, with key features including dual-band 2.4GHz/5.8GHz network connectivity, up to 1200Mbps transfer rate, four 5dBi antennas, and a built-in firewall. A buffer overflow vulnerability exists in the TOTOLINK A702R, which...

CVSS 9, AI score 8.1, EPSS 0.07098
Exploits: 1, References: 1