12642 matches found

SUSE CVE
added 2025/06/24 11:24 p.m. | 4 views

SUSE CVE-2025-6442

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5 | AI score 7 | EPSS 0.00422
Exploits: 0 | References: 6

OSV
added 2025/06/24 4:15 p.m. | 4 views

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

CVSS 9.8 | AI score 8.1 | EPSS 0.01723
Exploits: 0 | References: 3

ATTACKERKB
added 2025/06/24 12:28 p.m. | 4 views

CVE-2025-6434

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...

CVSS 4.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0 | References: 4

Amazon
added 2025/06/24 12:0 a.m. | 14 views

Important: rclone

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 7.2 | EPSS 0.00724
Exploits: 0

Cvelist
added 2025/06/24 12:0 a.m. | 9 views

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

EPSS 0.01723
Exploits: 0 | References: 3

CNNVD
added 2025/06/24 12:0 a.m. | 2 views

OS4Ed OpenSIS Security Vulnerability

OS4Ed OpenSIS is a student information system software from OS4Ed, Inc. A security vulnerability exists in OS4Ed OpenSIS version v8.0, which stems from improper handling of the STUDENTID and TRANSFERSCHOOL parameters in a POST request, which could lead to an SQL injection attack...

CVSS 9.8 | AI score 6 | EPSS 0.01723
Exploits: 0 | References: 4

Positive Technologies
added 2025/06/24 12:0 a.m. | 8 views

PT-2025-28873

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was discovered in the Linux kernel related to the handling of the atm dev mutex within the ATM Asynchronous Transfer Mode subsystem. Specifically, the mutex was not being releas...

CVSS 7.8 | AI score 7.1 | EPSS 0.00157
Exploits: 0

NVD
added 2025/06/23 10:15 a.m. | 10 views

CVE-2025-27387

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS 7.4 | EPSS 0.00238
Exploits: 0 | References: 1

Vulnrichment
added 2025/06/23 9:28 a.m. | 5 views

CVE-2025-27387 OPPO Clone Phone uses weak WPA passphrase as only means of security

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS 7.4 | AI score 7.5 | EPSS 0.00238
Exploits: 0 | References: 1

Cvelist
added 2025/06/23 9:28 a.m. | 11 views

CVE-2025-27387 OPPO Clone Phone uses weak WPA passphrase as only means of security

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS 7.4 | EPSS 0.00238
Exploits: 0 | References: 1

CVE
added 2025/06/23 9:28 a.m. | 19 views

CVE-2025-27387

OPPO Clone Phone (CVE-2025-27387) is affected by an information disclosure due to a weak WPA/Wi‑Fi hotspot used to transfer files. The CVE details specify adjacent attack vector with low complexity and no privileges required, yielding confidentiality impact (high) while other impacts are not indi...

CVSS 7.4 | AI score 7.4 | EPSS 0.00238
Exploits: 0 | References: 1

Amazon
added 2025/06/23 12:0 a.m. | 10 views

Important: runc

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 7.5 | EPSS 0.00724
Exploits: 0

Amazon
added 2025/06/23 12:0 a.m. | 2 views

Important: amazon-ecr-credential-helper

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724
Exploits: 0

Tenable Nessus
added 2025/06/23 12:0 a.m. | 5 views

Amazon Linux 2 : runc (ALASDOCKER-2025-068)

The version of runc installed on the remote host is prior to 1.2.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-068 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF...

CVSS 9.1 | AI score 7 | EPSS 0.00724
Exploits: 0 | References: 4

CNNVD
added 2025/06/23 12:0 a.m. | 2 views

OPPO Clone Phone Information Disclosure Vulnerability

OPPO Clone Phone is a cell phone cloning application from the Chinese company OPPO. OPPO Clone Phone suffers from an information leakage vulnerability that originates from the use of a weak password WiFi hotspot to transfer files resulting in information leakage...

CVSS 7.4 | AI score 7.6 | EPSS 0.00238
Exploits: 0 | References: 2

Amazon
added 2025/06/23 12:0 a.m. | 4 views

Important: runc

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724
Exploits: 0

Amazon
added 2025/06/23 12:0 a.m. | 5 views

Important: runc

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 9.6 | EPSS 0.00724
Exploits: 0

Tenable Nessus
added 2025/06/23 12:0 a.m. | 4 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2025-1040)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1040 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724
Exploits: 0 | References: 4

BDU FSTEC
added 2025/06/23 12:0 a.m. | 8 views

The vulnerability of the nvmet_data_transfer_len() function in the drivers/nvme/target/core.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the nvmet_data_transfer_len() function in the drivers/nvme/target/core.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 4.6 | AI score 6.5 | EPSS 0.00227
Exploits: 0 | References: 11 | Affected Software: 1

BDU FSTEC
added 2025/06/23 12:0 a.m. | 6 views

The vulnerability of the SAP Field Logistics module of the SAP S/4HANA software platform allows a perpetrator to compromise data integrity.

The vulnerability of the SAP Field Logistics module of the SAP S/4HANA software platform is related to errors in handling HTTP requests. Exploiting this vulnerability allows a malicious actor to compromise data integrity from a remote location...

CVSS 4.3 | AI score 5.5 | EPSS 0.00225
Exploits: 0 | References: 4 | Affected Software: 1