
386 matches found

Positive Technologies
added 2025/04/24 12:0 a.m. · 12 views

PT-2025-35970

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to an upper bound check of the tree index in the dbAllocAG function within the JFS filesystem. Specifically, the code does not verify if the...

CVSS 7.8 · AI score 7.1 · EPSS 0.00167
Exploits: 0
SUSE CVE
added 2025/03/28 3:0 a.m. · 2 views

SUSE CVE-2025-21887

In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up. The issue was caused by dput(upper) being called before ovl_dentry_update_reval(), while upper->d_flags was still accessed in ovl_dentry_remote(). Move dput(upper) after its last...

CVSS 5.5 · AI score 7.7 · EPSS 0.00182
Exploits: 0 · References: 16
vulnersOsv
added 2025/03/20 10:47 a.m. · 5 views

01os (>=0.0.1 <=0.0.13), aeiva (>=0.8.1 <=0.8.2.6) +144 more potentially affected by CVE-2024-8984 via litellm (>=1.0.0 <=1.56.10)

litellm PYPI version =1.0.0, =0.0.1, =0.8.1, =0.14.1a0, =0.0.5, =1.1.2, =0.0.4, =0.1.1, =0.5.0, =1.0.3, =0.2.10, =0.29.0, =0.59.1, =0.1.5, =1.1.1 - aigrok =0.2.1 - aijson-ml =0.1.1 and more Source cves: CVE-2024-8984 Source advisory: SNYK:PYTHON-LITELLM-9511163...

CVSS 7.5 · AI score 7 · EPSS 0.00792
Exploits: 1
Packet Storm News
added 2025/03/17 12:0 a.m. · 4 views

Linux Stale TLB Use-After-Free

Linux stable versions 5.4 and 5.10 suffer from a page use-after-free condition via a stale TLB entry caused by rmap lock not being held during PUD move...

CVSS 7 · AI score 8.5 · EPSS 0.0045
Exploits: 1
OSV
added 2025/03/04 2:15 p.m. · 4 views

CVE-2025-1942

When String.toUpperCase caused a string to get longer, it was possible for uninitialized memory to be incorporated into the result string. This vulnerability affects Firefox 136 and Thunderbird 136...

CVSS 9.8 · AI score 6.9 · EPSS 0.00446
Exploits: 0 · References: 3
OSV
added 2025/02/26 3:15 p.m. · 0 views

DEBIAN-CVE-2022-49732

In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check. Commit 8a59f9d1e3d4 ("sock: Introduce sk->sk_prot->psock_update_sk_prot()") has moved the inet_csk_has_ulp(sk) check from sk_psock_init() to the new tcp_bpf_update_proto() function. I'm guessing that this was...

CVSS 5.5 · AI score 5.2 · EPSS 0.00195
Exploits: 0 · References: 1
OSV
added 2025/02/26 7:0 a.m. · 4 views

UBUNTU-CVE-2022-49067

In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way __pa() works we have: __pa(0x8000000000000000) == 0, and therefore virt_to_pfn(0x8000000000000000) == ...

CVSS 5.5 · AI score 5.9 · EPSS 0.00247
Exploits: 0 · References: 9
CNNVD
added 2025/02/26 12:0 a.m. · 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the sock module not properly handling ULP protection checks during psock initialization...

CVSS 5.5 · AI score 5.3 · EPSS 0.00195
Exploits: 0 · References: 5
CNNVD
added 2025/02/21 12:0 a.m. · 4 views

Abseil security vulnerability

Abseil is a general-purpose C++ library open-sourced by Abseil. Abseil has a security vulnerability that stems from a buffer overflow caused by the sized constructor, reserve and rehash methods of absl::{flat,node}_hash_{set,map} not imposing an upper limit on their size parameter...

CVSS 9.8 · AI score 6.9 · EPSS 0.00563
Exploits: 0 · References: 1
PyPA
added 2025/01/14 7:15 p.m. · 8 views

PYSEC-2025-1

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and...

CVSS 7.5 · AI score 6.9 · EPSS 0.01854
Exploits: 0 · References: 5 · Affected Software: 1
OSV
added 2025/01/14 7:15 p.m. · 2 views

DEBIAN-CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and...

CVSS 7.5 · AI score 6.5 · EPSS 0.01854
Exploits: 0 · References: 1
OSV
added 2025/01/14 7:15 p.m. · 2 views

PYSEC-2025-1

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and...

CVSS 7.5 · AI score 6.5 · EPSS 0.01854
Exploits: 0 · References: 5
OSV
added 2025/01/14 2:0 p.m. · 4 views

UBUNTU-CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and...

CVSS 7.5 · AI score 7.1 · EPSS 0.01854
Exploits: 0 · References: 4
SUSE CVE
added 2024/11/20 3:49 a.m. · 1 view

SUSE CVE-2024-53042

In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow(). There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning [1]. Fix by using...

CVSS 7.1 · AI score 7.6 · EPSS 0.00265
Exploits: 0 · References: 28
OSV
added 2024/11/19 6:15 p.m. · 1 view

UBUNTU-CVE-2024-53042

In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow(). There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning [1]. Fix by using...

CVSS 5.5 · AI score 6.2 · EPSS 0.00265
Exploits: 0 · References: 35
The Hacker News
added 2024/11/11 11:30 a.m. · 4 views

The ROI of Security Investments: How Cybersecurity Leaders Prove It

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn't buy a car without knowing i...

AI score 7.1
Exploits: 0
OSV
added 2024/10/21 8:15 p.m. · 2 views

UBUNTU-CVE-2022-49026

In the Linux kernel, the following vulnerability has been resolved: e100: Fix possible use after free in e100_xmit_prepare. In e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so e100_xmit_frame() will return NETDEV_TX_BUSY and the upper layer will resend the skb. But the skb is already free...

CVSS 7.8 · AI score 6.6 · EPSS 0.00237
Exploits: 0 · References: 22
Microsoft CVE
added 2024/09/11 7:0 a.m. · 5 views

TensorFlow segfault in array_ops.upper_bound

...

CVSS 7.5 · AI score 7 · EPSS 0.00361
Exploits: 0
OSV
added 2024/08/22 4:41 p.m. · 2 views

GHSA-RPFR-3M35-5VX5 Hono CSRF middleware can be bypassed using crafted Content-Type header

Summary: Hono CSRF middleware can be bypassed using crafted Content-Type header. Details: MIME types are case insensitive, but isRequestedByFormElementRe only matches lower-case. https://github.com/honojs/hono/blob/b0af71fbcc6dbe44140ea76f16d68dfdb32a99a0/src/middleware/csrf/index.ts#L16-L17 As a...

CVSS 5 · AI score 5.9 · EPSS 0.00231
Exploits: 1 · References: 5
Positive Technologies
added 2024/08/22 12:0 a.m. · 4 views

PT-2024-30656 · Hono · Hono

Name of the Vulnerable Software and Affected Versions: Hono versions prior to 4.5.8 Description: The Hono CSRF middleware can be bypassed using a crafted Content-Type header. This is due to the fact that MIME types are case insensitive, but the isRequestedByFormElementRe function only matches...

CVSS 5 · AI score 7.1 · EPSS 0.00231
Exploits: 1 · References: 10