
12645 matches found

CNNVD
added 2025/06/03 12:0 a.m. | 2 views

Arris VIP1113 Security Vulnerability

The Arris VIP1113 is a set-top box for high-definition IPTV services from Arris USA. A security vulnerability exists in the Arris VIP1113 version 2025-05-30 and earlier, which stems from the fact that remote file names with space characters in TFTP may lead to local file name control...

CVSS 6.4 | AI score 6.3 | EPSS 0.00159
Exploits: 0 | References: 2

CNNVD
added 2025/06/03 12:0 a.m. | 3 views

FreeFloat FTP Server Security Vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat, Inc. A security vulnerability exists in FreeFloat FTP Server version 1.0, which stems from a buffer overflow problem in the PBSZ command handler...

CVSS 9.8 | AI score 7.7 | EPSS 0.00565
Exploits: 1 | References: 1

Packet Storm News
added 2025/06/02 12:0 a.m. | 4 views

Align Is Not Enough: Multimodal Universal Jailbreak Attack against Multimodal Large Language Models

Large Language Models (LLMs) have evolved into Multimodal Large Language Models (MLLMs), significantly enhancing their capabilities by integrating visual information and other types, thus aligning more closely with the nature of human intelligence, which processes a variety of data forms beyond just...

AI score 7.1
Exploits: 0

Amazon
added 2025/06/02 12:0 a.m. | 11 views

Important: runfinch-finch

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 7.6 | EPSS 0.00724
Exploits: 0

Amazon
added 2025/06/02 12:0 a.m. | 11 views

Important: soci-snapshotter

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 7.6 | EPSS 0.00724
Exploits: 0

BDU FSTEC
added 2025/06/02 12:0 a.m. | 6 views

The vulnerability of the h11 library, related to deficiencies in HTTP request processing, allows attackers to influence the confidentiality and integrity of the protected information.

The vulnerability of the h11 library is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected information...

CVSS 9.4 | AI score 7.2 | EPSS 0.00522
Exploits: 0 | References: 7 | Affected Software: 4

Tenable Nessus
added 2025/06/02 12:0 a.m. | 10 views

Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-978)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-978 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...

CVSS 9.1 | AI score 6.9 | EPSS 0.00724
Exploits: 0 | References: 4

OSV
added 2025/05/29 10:15 p.m. | 3 views

CVE-2025-5331

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may...

CVSS 9.8 | AI score 6.2 | EPSS 0.00621
Exploits: 1 | References: 4

Debian
added 2025/05/29 7:18 a.m. | 8 views

[SECURITY] [DLA 4187-1] varnish security update

Debian LTS Advisory DLA-4187-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 28, 2025 https://wiki.debian.org/LTS Package : varnish Version : 6.5.1-1+deb11u5 CVE ID : CVE-2025-47905 A client-side desync vulnerability can be triggered in Varnish, a...

CVSS 5.4 | AI score 6.3 | EPSS 0.003
Exploits: 0

Tenable Nessus
added 2025/05/29 12:0 a.m. | 7 views

Debian dla-4187 : libvarnishapi-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4187 advisory. Debian LTS Advisory DLA-4187-1 [email protected] https://www.debian.org/lts/security/...

CVSS 5.4 | AI score 6.1 | EPSS 0.003
Exploits: 0 | References: 4

Amazon
added 2025/05/29 12:0 a.m. | 4 views

Important: cri-tools

Issue Overview: The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 The net/http package accepted data in the chunked transfer encoding...

CVSS 9.8 | AI score 6.9 | EPSS 0.01952
Exploits: 0

Tenable Nessus
added 2025/05/29 12:0 a.m. | 10 views

Amazon Linux 2 : nerdctl (ALAS-2025-2863)

The version of nerdctl installed on the remote host is prior to 2.0.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2863 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a...

CVSS 9.1 | AI score 7.3 | EPSS 0.00724
Exploits: 0 | References: 6

Tenable Nessus
added 2025/05/29 12:0 a.m. | 6 views

Amazon Linux 2 : oci-add-hooks (ALASNITRO-ENCLAVES-2025-061)

The version of oci-add-hooks installed on the remote host is prior to 0-0.3.20200504git325a340. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-061 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid...

CVSS 9.1 | AI score 7 | EPSS 0.00724
Exploits: 0 | References: 4

OSV
added 2025/05/28 11:15 a.m. | 4 views

CVE-2025-5295

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0.0. This vulnerability affects unknown code of the component PORT Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVSS 9.8 | AI score 6 | EPSS 0.00596
Exploits: 1 | References: 4

CNNVD
added 2025/05/28 12:0 a.m. | 4 views

Hackney Security Vulnerability

Hackney is a program library from Hackney, Inc. A security vulnerability exists in Hackney that originates from not properly releasing an HTTP connection after processing a 307 redirect response, which could result in a denial of service...

CVSS 2.3 | AI score 6.5 | EPSS 0.00727
Exploits: 0 | References: 3

Packet Storm News
added 2025/05/28 12:0 a.m. | 3 views

BugWhisperer: Fine-Tuning LLMs for SoC Hardware Vulnerability Detection

The current landscape of system-on-chips (SoCs) security verification faces challenges due to manual, labor-intensive, and inflexible methodologies. These issues limit the scalability and effectiveness of security protocols, making bug detection at the Register-Transfer Level (RTL) difficult. This...

AI score 7.1
Exploits: 0

CNNVD
added 2025/05/28 12:0 a.m. | 4 views

TeleMessage Security Vulnerability

TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier, which stems from the heap content of a JSP application containing a password sent over HTTP...

CVSS 4 | AI score 9.3 | EPSS 0.00366
Exploits: 0 | References: 3

Rapid7 Blog
added 2025/05/27 2:0 p.m. | 13 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

AI score 7.4
Exploits: 0

Packet Storm News
added 2025/05/27 12:0 a.m. | 6 views

A Joint Reconstruction-Triplet Loss Autoencoder Approach Towards Unseen Attack Detection in IoV Networks

Internet of Vehicles (IoV) systems, while offering significant advancements in transportation efficiency and safety, introduce substantial security vulnerabilities due to their highly interconnected nature. These dynamic systems produce massive amounts of data between vehicles, infrastructure, and...

AI score 6.8
Exploits: 0

CNNVD
added 2025/05/27 12:0 a.m. | 1 views

FreeFloat FTP Server Security Vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the QUOTE Command Handler component to properly validate the length of input data. No details of the vulnerability are provided at this time...

CVSS 9.8 | AI score 7.3 | EPSS 0.00588
Exploits: 1 | References: 4