Lucene search
K

34 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the usbmon module within the Linux kernel, the files drivers/usb/mon/monbin.c before version 5.19.15 and versions of 6.x before 6.0.1 allow a user-space client to corrupt the internal memory of the monitor...

6.7CVSS6.5AI score0.00325EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 12:34 a.m.23 views

CVE-2026-45329

ESF-IDF (Espressif IoT Development Framework) contains a vulnerability in ESP-TEE secure-service wrappers (esp_secure_services.c and esp_secure_services_iram.c) affecting versions 5.5.4 and 6.0. Several caller-supplied pointer arguments were not fully validated, allowing inputs to reference TEE-e...

7.1CVSS5.4AI score0.00117EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2025/12/05 4:49 p.m.23 views

CVE-2025-66546

Summary: CVE-2025-66546 affects Nextcloud Calendar. The vulnerability arises from the calendar’s handling of appointment IDs, allowing blind booking of appointments without knowledge of the appointment token. Affected software/versions (as documented): Nextcloud Calendar prior to 4.7.19, prior to...

3.3CVSS6.3AI score0.0012EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/21 7:37 p.m.5 views

CVE-2025-52670

Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users on the system to delete banners owned by other accounts...

7.1CVSS6.9AI score0.00275EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/21 7:37 p.m.5 views

CVE-2025-52666

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error...

2.7CVSS4.2AI score0.00366EPSS
Exploits1References1
OSV
OSV
added 2025/11/20 8:16 p.m.3 views

CVE-2025-52670

Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users on the system to delete banners owned by other accounts...

6.5CVSS6.7AI score
Exploits0References1
OSV
OSV
added 2025/11/20 8:16 p.m.4 views

CVE-2025-52667

Missing JSON Content-Type header in a script in Revive Adserver 6.0.1 and 5.5.2 and earlier versions causes a stored XSS attack to be possible for a logged in manager user...

5.4CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2025/11/20 8:16 p.m.5 views

CVE-2025-52666

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error...

2.7CVSS6.7AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/20 7:11 p.m.4 views

CVE-2025-52668

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS8AI score0.00445EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/20 7:11 p.m.4 views

CVE-2025-48987

Improper Neutralization of Input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a potential reflected XSS attack...

6.3CVSS6.1AI score0.00427EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.5 views

PT-2025-47616

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error...

2.7CVSS6.8AI score0.00366EPSS
Exploits1References1
CVE
CVE
added 2025/08/21 9:26 a.m.26 views

CVE-2025-8064

The CVE describes a Stored Cross-Site Scripting vulnerability in the Bible SuperSearch WordPress plugin (

6.4CVSS5.8AI score0.0023EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.5 views

Google Android 安全漏洞

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the System component of Google Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. An attacker can exploit this...

7.8CVSS7AI score0.00077EPSS
Exploits0References1
Atlassian
Atlassian
added 2024/01/17 6:46 a.m.47 views

DoS (Denial of Service) ch.qos.logback:logback-classic Dependency in Confluence Data Center and Server

This High severity ch.qos.logback:logback-classic Dependency vulnerability was introduced in versions 6.0.1 of Confluence Data Center and Server. This ch.qos.logback:logback-classic Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

7.5CVSS7.1AI score0.009EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/10/31 2:43 a.m.4 views

SUSE CVE-2017-0553

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform...

7CVSS7.3AI score0.01959EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/30 12:0 a.m.3 views

IBM Sterling Secure Proxy 加密问题漏洞

IBM Sterling Secure Proxy creates a security barrier for trusted networks by preventing direct connections between external partners and internal servers. IBM Sterling Secure Proxy versions 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contain a weak encryption algorithm vulnerability. An attacker could...

7.5CVSS5.6AI score0.00919EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/07/15 12:0 a.m.5 views

PT-2021-18433 · Ibm · Ibm Secure Proxy +1

Name of the Vulnerable Software and Affected Versions: IBM Secure External Authentication Server versions 2.4.3.2, 6.0.1, 6.0.2 IBM Secure Proxy versions 3.4.3.2, 6.0.1, 6.0.2 Description: The issue allows a remote user to consume resources, causing a denial of service due to a resource leak...

7.5CVSS7.4AI score0.02937EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2019/04/12 12:0 a.m.3 views

VulnCheck KEV: CVE-2017-13156

An elevation of privilege vulnerability in the Android system art. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847...

7.8CVSS7.3AI score0.20089EPSS
Exploits9References1
OSV
OSV
added 2018/01/12 11:29 p.m.4 views

CVE-2017-0846

An information disclosure vulnerability in the Android framework clipboardservice. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810...

7.5CVSS5.8AI score0.00412EPSS
Exploits0References1
Prion
Prion
added 2018/01/12 11:29 p.m.17 views

Design/Logic Flaw

In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

10CVSS9.2AI score0.02352EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder