
12642 matches found

Amazon
added 2025/06/11 12:0 a.m. | 6 views

Important: containerd

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724
Exploits: 0

Amazon
added 2025/06/11 12:0 a.m. | 3 views

Important: containerd

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724
Exploits: 0

BDU FSTEC
added 2025/06/11 12:0 a.m. | 4 views

The vulnerability of the Chatbot component of Oracle Financial Services’ Revenue Management and Billing system allows a hacker to gain unauthorized access to read, add, modify, or delete data.

The vulnerability of the Chatbot component of Oracle Financial Services’ Revenue Management and Billing system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to read, add, modify, or delete...

CVSS 6.8 | AI score 6.3 | EPSS 0.00343
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2025/06/10 12:0 a.m. | 2 views

ZendTo security vulnerability

ZendTo is a web-based file transfer system from ZendTo Inc. A security vulnerability exists in ZendTo 6.10-6 Beta and earlier versions. It stems from an OS command injection caused by improper handling of the parameter file1 in the file NSSDropoff.php...

CVSS 7.5 | AI score 7.7 | EPSS 0.01863
Exploits: 0 | References: 4

Packet Storm News
added 2025/06/10 12:0 a.m. | 3 views

DAVSP: Safety Alignment for Large Vision-Language Models Via Deep Aligned Visual Safety Prompt

Large Vision-Language Models (LVLMs) have achieved impressive progress across various applications but remain vulnerable to malicious queries that exploit the visual modality. Existing alignment approaches typically fail to resist malicious queries while preserving utility on benign ones effectivel...

AI score 7.5
Exploits: 0

Amazon
added 2025/06/10 12:0 a.m. | 4 views

Important: cni-plugins

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 9.6 | EPSS 0.00724
Exploits: 0

Amazon
added 2025/06/09 12:0 a.m. | 4 views

Important: amazon-ssm-agent

Issue Overview: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. CVE-2025-22869 Affected Packages:...

CVSS 7.5 | AI score 6.9 | EPSS 0.00868
Exploits: 0

OSV
added 2025/06/06 2:4 p.m. | 5 views

OESA-2025-1611 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size...

CVSS 7.5 | AI score 6.9 | EPSS 0.00603
Exploits: 1 | References: 2

OSV
added 2025/06/05 4:15 p.m. | 7 views

CVE-2025-5666

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component XMKD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed...

CVSS 9.8 | AI score 7.3 | EPSS 0.00558
Exploits: 1 | References: 4

OSV
added 2025/06/05 3:15 p.m. | 3 views

CVE-2025-5664

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...

CVSS 9.8 | AI score 6.1 | EPSS 0.00558
Exploits: 1 | References: 4

OSV
added 2025/06/05 4:15 a.m. | 2 views

CVE-2025-5635

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component PLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVSS 9.8 | AI score 6.1 | EPSS 0.00596
Exploits: 1 | References: 4

BDU FSTEC
added 2025/06/05 12:0 a.m. | 5 views

The vulnerability of the Service Diagnostics Scripts component of the Oracle Teleservice module in the Oracle E-Business Suite automation system allows a perpetrator to disclose protected information.

The vulnerability of the Service Diagnostics Scripts component of the Oracle Teleservice module in the Oracle E-Business Suite system relates to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose protected informatio...

CVSS 6.8 | AI score 7.1 | EPSS 0.00403
Exploits: 0 | References: 3 | Affected Software: 2

OSV
added 2025/06/04 5:15 p.m. | 4 views

CVE-2025-5596

A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component REGET Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public...

CVSS 9.8 | AI score 6 | EPSS 0.00565
Exploits: 1 | References: 4

OSV
added 2025/06/04 2:15 p.m. | 4 views

CVE-2025-5592

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component PASSIVE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been...

CVSS 9.8 | AI score 6 | EPSS 0.00565
Exploits: 1 | References: 4

OSV
added 2025/06/04 1:15 a.m. | 5 views

CVE-2025-5549

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed t...

CVSS 9.8 | AI score 6.1 | EPSS 0.00565
Exploits: 1 | References: 4

OSV
added 2025/06/04 1:15 a.m. | 7 views

CVE-2025-5548

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...

CVSS 9.8 | AI score 5.9 | EPSS 0.10139
Exploits: 12 | References: 4

CNNVD
added 2025/06/04 12:0 a.m. | 2 views

FreeFloat FTP Server security vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat. FreeFloat FTP Server suffers from a buffer overflow vulnerability that stems from the PASV Command Handler component failing to properly validate the length of input data. No details of the vulnerability are provided at this time...

CVSS 9.8 | AI score 7.3 | EPSS 0.00565
Exploits: 1 | References: 4

CNNVD
added 2025/06/03 12:0 a.m. | 2 views

Arris VIP1113 security vulnerability

The Arris VIP1113 is a set-top box for high-definition IPTV services from Arris USA. A security vulnerability exists in the Arris VIP1113 version 2025-05-30 and earlier, which stems from the fact that remote file names with space characters in TFTP may lead to local file name control...

CVSS 6.4 | AI score 6.3 | EPSS 0.00159
Exploits: 0 | References: 2

CNNVD
added 2025/06/03 12:0 a.m. | 3 views

FreeFloat FTP Server security vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat, Inc. A security vulnerability exists in FreeFloat FTP Server version 1.0, which stems from a buffer overflow problem in the PBSZ command handler...

CVSS 9.8 | AI score 7.7 | EPSS 0.00565
Exploits: 1 | References: 1

Tenable Nessus
added 2025/06/02 12:0 a.m. | 10 views

Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-978)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-978 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724
Exploits: 0 | References: 4