
12642 matches found

Tenable Nessus
added 2025/06/23 12:00 a.m., 5 views

Amazon Linux 2 : runc (ALASDOCKER-2025-068)

The version of runc installed on the remote host is prior to 1.2.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-068 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF...

CVSS 9.1 | AI score 7 | EPSS 0.00724 | Exploits 0 | References 4
Tenable Nessus
added 2025/06/23 12:00 a.m., 3 views

Amazon Linux 2023 : runc (ALAS2023-2025-1041)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1041 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724 | Exploits 0 | References 4
Packet Storm News
added 2025/06/22 12:00 a.m., 5 views

Robot Context Protocol (RCP): a Runtime-Agnostic Interface for Agent-Aware Robot Control

The Robot Context Protocol (RCP) is a lightweight, middleware-agnostic communication protocol designed to simplify the complexity of robotic systems and enable seamless interaction between robots, users, and autonomous agents. RCP provides a unified and semantically meaningful interface that...

AI score 6.5 | Exploits 0
Packet Storm News
added 2025/06/22 12:00 a.m., 5 views

Expert Insight-Based Modeling of Non-Kinetic Strategic Deterrence of Rare Earth Supply Disruption: a Simulation-Driven Systematic Framework

This study constructs a quantifiable modelling framework to simulate non-kinetic strategic deterrence pathways in rare earth supply disruption scenarios, based on structured responses from expert interviews led by Dr. Daniel O'Connor, CEO of the Rare Earth Exchange (REE). Focusing on disruption...

AI score 7.2 | Exploits 0
Packet Storm News
added 2025/06/21 12:00 a.m., 2 views

Doppelgänger Method: Breaking Role Consistency in LLM Agent via Prompt-based Transferable Adversarial Attack

Since the advent of large language models, prompt engineering now enables the rapid, low-effort creation of diverse autonomous agents that are already in widespread use. Yet this convenience raises urgent concerns about the safety, robustness, and behavioral consistency of the underlying prompts,...

AI score 6.9 | Exploits 0
BDU FSTEC
added 2025/06/20 12:00 a.m., 6 views

The vulnerability of the NOOP command in the PCMan FTP server allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the NOOP command in the PCMan FTP server is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...

CVSS 7.5 | AI score 8.1 | EPSS 0.00596 | Exploits 1 | References 5 | Affected Software 1
BDU FSTEC
added 2025/06/19 12:00 a.m., 6 views

The vulnerability in the ZendTo web application for transferring files involves an incorrect restriction on the path to the restricted directory. This allows a malicious actor to gain read and write access to data, or cause a service failure.

The vulnerability in the web application for transferring files via ZendTo is related to an incorrect restriction on the path to the restricted directory during the processing of the tmpname parameter. Exploiting this vulnerability can allow an attacker to gain read and modify access to data, or...

CVSS 6.5 | AI score 8 | EPSS 0.62062 | Exploits 0 | References 2 | Affected Software 1
NVD
added 2025/06/18 4:15 p.m., 6 views

CVE-2025-4821

Impact: Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

CVSS 7.5 | EPSS 0.00723 | Exploits 0 | References 1
OSV
added 2025/06/18 11:15 a.m., 3 views

DEBIAN-CVE-2022-50044

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: start MHI channel after endpoint creation. MHI channel may generate event/interrupt right after enabling. It may lead to 2 race condition issues. 1 Such event may be dropped by qcom_mhi_qrtr_dl_callback at check: if !qdev...

CVSS 4.7 | AI score 5.1 | EPSS 0.0011 | Exploits 0 | References 1
OSV
added 2025/06/18 11:15 a.m., 2 views

UBUNTU-CVE-2022-50044

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: start MHI channel after endpoint creation. MHI channel may generate event/interrupt right after enabling. It may lead to 2 race condition issues. 1 Such event may be dropped by qcom_mhi_qrtr_dl_callback at check: if !qdev...

CVSS 4.7 | AI score 5.9 | EPSS 0.0011 | Exploits 0 | References 5
OSV
added 2025/06/18 11:15 a.m., 3 views

UBUNTU-CVE-2022-50023

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor. If the channel has no descriptor and the interrupt is raised then the kernel will OOPS. Check the result of vchan_next_desc in the handler axi_chan_block_xfer_complete to avoid...

CVSS 5.5 | AI score 6 | EPSS 0.00154 | Exploits 0 | References 5
Positive Technologies
added 2025/06/18 12:00 a.m., 3 views

PT-2025-27955

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the handling of /proc/net/atm/lec. The issue arises from the lack of safety against dev lec changes, specifically due ...

CVSS 7.8 | AI score 6.7 | EPSS 0.0017 | Exploits 0
RedHat Linux
added 2025/06/17 12:08 p.m., 2 views

libsoup: Out of bounds reads in soup_headers_parse_request()

A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

CVSS 7.5 | AI score 7.2 | EPSS 0.00787 | Exploits 0 | References 5
Packet Storm News
added 2025/06/17 12:00 a.m., 2 views

Proposal for Improving Google A2A Protocol: Safeguarding Sensitive Data in Multi-Agent Systems

A2A, a protocol for AI agent communication, offers a robust foundation for secure AI agent communication. However, it has several critical issues in handling sensitive data, such as payment details, identification documents, and personal information. This paper reviews the existing protocol,...

AI score 7.1 | Exploits 0
AstraLinux
added 2025/06/16 11:28 a.m., 2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Added a NULL check in ufshcd_mcq_compl_pending_transfer. Also added a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq. This is similar to the fix in commit 74736103fb41 “scsi: ufs: core: Fix ufs abort ra...

CVSS 5.5 | AI score 6.5 | EPSS 0.00148 | Exploits 0 | References 3
OSV
added 2025/06/12 3:15 p.m., 5 views

CVE-2025-49197

The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...

CVSS 7.5 | AI score 5.8 | Exploits 0 | References 6
Amazon
added 2025/06/12 12:00 a.m., 4 views

Important: cni-plugins

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 7.2 | EPSS 0.00724 | Exploits 0
CNNVD
added 2025/06/12 12:00 a.m., 3 views

SICK Field Analytics and SICK Media Server Security Vulnerability

SICK Field Analytics and SICK Media Server are both products of the German company SICK. SICK Field Analytics is software for evaluating manufacturing data. SICK Media Server is a media server. A security vulnerability exists in SICK Field Analytics and SICK Media Server that stems from an FTP logi...

CVSS 9.8 | AI score 6.7 | EPSS 0.00453 | Exploits 0 | References 8
Tenable Nessus
added 2025/06/12 12:00 a.m., 4 views

Amazon Linux 2023 : cni-plugins (ALAS2023-2025-1012)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1012 advisory. The various Is methods (IsPrivate, IsLoopback, etc.) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms...

CVSS 9.8 | AI score 6.8 | EPSS 0.01952 | Exploits 0 | References 6
CNVD
added 2025/06/11 12:00 a.m., 3 views

Apache InLong Deserialization Vulnerability (CNVD-2025-12411)

Apache InLong is the U.S. Apache Foundation's one-stop massive data integration framework. It provides automated, secure and reliable data transfer capabilities. Apache InLong versions 1.13.0 to 2.1.0 have a deserialization vulnerability; the vulnerability stems from the application in the...

CVSS 6.5 | AI score 7 | EPSS 0.00671 | Exploits 0 | References 1