12641 matches found

Packet Storm News
added 2025/07/05 12:0 a.m. | 4 views

Quantum Protocols for Rabin Oblivious Transfer

Rabin oblivious transfer is the cryptographic task where Alice wishes to receive a bit from Bob but it may get lost with probability 1/2. In this work, we provide protocol designs which yield quantum protocols with improved security. Moreover, we provide a constant lower bound on any quantum...

AI score: 6.7
Exploits: 0

SUSE CVE
added 2025/07/04 11:21 p.m. | 3 views

SUSE CVE-2025-38229

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails. syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg in dvb_usb_generic_rw succeeds and rlen is greater than 0, the read operation of...

CVSS: 4.4 | AI score: 6.4 | EPSS: 0.0015
Exploits: 0 | References: 22

NVD
added 2025/07/04 2:15 p.m. | 5 views

CVE-2025-38229

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails. syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg in dvb_usb_generic_rw succeeds and rlen is greater than 0, the read operation of...

CVSS: 5.5 | EPSS: 0.0015
Exploits: 0 | References: 10

OSV
added 2025/07/04 2:15 p.m. | 2 views

DEBIAN-CVE-2025-38229

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails. syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg in dvb_usb_generic_rw succeeds and rlen is greater than 0, the read operation of...

CVSS: 5.5 | AI score: 5.5 | EPSS: 0.0015
Exploits: 0 | References: 1

OSV
added 2025/07/04 2:15 p.m. | 2 views

DEBIAN-CVE-2025-38180

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling. /proc/net/atm/lec must ensure safety against dev_lec changes. It appears it had dev_put calls without prior dev_hold, leading to imbalance and UAF...

CVSS: 7.8 | AI score: 5.7 | EPSS: 0.0017
Exploits: 0 | References: 1

OSV
added 2025/07/04 2:15 p.m. | 2 views

UBUNTU-CVE-2025-38180

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling. /proc/net/atm/lec must ensure safety against dev_lec changes. It appears it had dev_put calls without prior dev_hold, leading to imbalance and UAF...

CVSS: 7.8 | AI score: 6.2 | EPSS: 0.0017
Exploits: 0 | References: 28

OSV
added 2025/07/04 2:15 p.m. | 2 views

UBUNTU-CVE-2025-38229

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails. syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg in dvb_usb_generic_rw succeeds and rlen is greater than 0, the read operation of...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.0015
Exploits: 0 | References: 41

BDU FSTEC
added 2025/07/04 12:0 a.m. | 5 views

The vulnerability of SAFECAM X300 video recorder software-related microprogramming systems, which stems from the use of default account data, allows an intruder to gain unauthorized access to protected information.

The vulnerability of SAFECAM X300 video recorder software’s microprogramming system is related to the use of default login credentials when connected to an FTP server. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

CVSS: 4.3 | AI score: 5.5 | EPSS: 0.00239
Exploits: 0 | References: 3

OSV
added 2025/07/02 10:15 a.m. | 5 views

CVE-2025-27024

Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00318
Exploits: 0 | References: 2

CNNVD
added 2025/07/02 12:0 a.m. | 2 views

Nokia Single RAN Security Vulnerability

Nokia Single RAN is a wireless network technology from Nokia, Finland. A security vulnerability exists in Nokia Single RAN 23R2-SR prior to version 1.0 MP, which stems from a failure to restrict specific HTTP POST requests sent over the MNO internal RAN management network, which could lead to...

CVSS: 3.3 | AI score: 6.3 | EPSS: 0.00125
Exploits: 0 | References: 1

Vulnrichment
added 2025/06/30 7:56 p.m. | 6 views

CVE-2025-52901 File Browser allows sensitive data to be transferred in URL

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.9, access tokens are used as GET parameters. The JSON Web Token (JWT) which is used as a session identifier will get leaked to...

CVSS: 4.5 | AI score: 6.3 | EPSS: 0.0049
Exploits: 1 | References: 4

Hacker One
added 2025/06/27 9:16 p.m. | 8 views

Bykea: Critical Information Disclosure via /talos/api/v1/files/upload

A vulnerability was discovered in the file upload functionality, where uploaded files were first stored on the server before being sent to S3. Due to a configuration flaw, memory chunks from the server were included in some uploaded files. This issue was classified as critical and was addressed a...

AI score: 6.9
Exploits: 0

The Hacker News
added 2025/06/27 7:43 a.m. | 14 views

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems. MOVEit Transfer is a popular...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.99934
Exploits: 15

Fedora
added 2025/06/27 1:22 a.m. | 7 views

[SECURITY] Fedora 42 Update: libssh-0.11.2-1.fc42

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS: 8.1 | AI score: 7.5 | EPSS: 0.02394
Exploits: 0

VulnCheck KEV
added 2025/06/26 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.01723
In wild | Exploits: 0 | References: 2

AlpineLinux
added 2025/06/25 5:15 p.m. | 4 views

CVE-2025-6442

Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS: 6.5 | AI score: 7 | EPSS: 0.00422
Exploits: 0 | References: 2

RedhatCVE
added 2025/06/25 9:54 a.m. | 7 views

CVE-2025-27387

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS: 7.4 | AI score: 7.3 | EPSS: 0.00238
Exploits: 0 | References: 1

ATTACKERKB
added 2025/06/25 8:15 a.m. | 3 views

CVE-2024-51984

An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...

CVSS: 6.8 | AI score: 7.2 | EPSS: 0.00846
Exploits: 0 | References: 10 | Affected Software: 82

SUSE CVE
added 2025/06/24 11:24 p.m. | 4 views

SUSE CVE-2025-6442

Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS: 6.5 | AI score: 7 | EPSS: 0.00422
Exploits: 0 | References: 6

OSV
added 2025/06/24 4:15 p.m. | 4 views

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

CVSS: 9.8 | AI score: 8.1 | EPSS: 0.01723
Exploits: 0 | References: 3