Lucene search
K

458 matches found

OSV
OSV
added 2026/01/11 5:15 p.m.3 views

OPENSUSE-SU-2026:20022-1 Security update for matio

This update for matio fixes the following issues: - update to version 1.5.29: Fix printing rank-1-variable in MatVarPrint Fix array index out of bounds in MatVarPrint when printing UTF-8 character data boo1239678, CVE-2025-2337 Fix heap-based buffer overflow in strdupvprintf boo1239677,...

8.1CVSS6.8AI score0.00534EPSS
Exploits2References4
Packet Storm News
Packet Storm News
added 2026/01/08 12:0 a.m.7 views

Supporting Secured Integration of Microarchitectural Defenses

There has been a plethora of microarchitectural-level attacks leading to many proposed countermeasures. This has created an unexpected and unaddressed security issue where naive integration of those defenses can potentially lead to security vulnerabilities. This occurs when one defense changes an...

6.8AI score
Exploits0
HackRead
HackRead
added 2026/01/05 10:43 a.m.8 views

Disney Fined $10M for Violating Children’s Privacy Laws on YouTube

Disney agrees to a $10M settlement with the DOJ and FTC over YouTube privacy violations. Learn how the COPPA ruling affects kids' data and Disney's new rules...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/03 12:0 a.m.20 views

MCP-SandboxScan: WASM-Based Secure Execution and Runtime Analysis for MCP Tools

Tool-augmented LLM agents raise new security risks: tool executions can introduce runtime-only behaviors, including prompt injection and unintended exposure of external inputs e.g., environment secrets or local files. While existing scanners often focus on static artifacts, analyzing runtime...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.7 views

Breaking the Illusion: Automated Reasoning of GDPR Consent Violations

Recent privacy regulations such as the General Data Protection Regulation GDPR and the California Consumer Privacy Act CCPA have established legal requirements for obtaining user consent regarding the collection, use, and sharing of personal data. These regulations emphasize that consent must be...

6.8AI score
Exploits0
OSV
OSV
added 2025/12/13 11:42 a.m.9 views

BIT-MONGODB-2025-12657 Malformed KMIP response may result in access violation

The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...

5.9CVSS6.8AI score0.00357EPSS
Exploits0References2
ICS
ICS
added 2025/12/09 12:0 a.m.11 views

Siemens COMOS

SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...

6.2AI score
Exploits0References10
Packet Storm News
Packet Storm News
added 2025/12/04 12:0 a.m.7 views

BGPFuzz: Automated Configuration Fuzzing of the Border Gateway Protocol

Telecommunications networks rely on configurations to define routing behavior, especially in the Border Gateway Protocol BGP, where misconfigurations can lead to severe outages and security breaches, as demonstrated by the 2021 Facebook outage. Unlike existing approaches that rely on synthesis or...

6.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/11 12:57 a.m.14 views

CVE-2025-12657

The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...

5.9CVSS6.8AI score0.00357EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/11/10 12:0 a.m.5 views

Falco 0.42.1

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-12657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this...

5.9CVSS5.5AI score0.00357EPSS
Exploits0References2
OSV
OSV
added 2025/11/03 9:18 p.m.11 views

UBUNTU-CVE-2025-12657

The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...

5.9CVSS5.8AI score0.00357EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.5 views

PT-2025-44795

Name of the Vulnerable Software and Affected Versions MongoDB affected versions not specified Description The KMIP response parser within MongoDB binaries is susceptible to parsing malformed packets with excessive tolerance, potentially creating invalid objects. Subsequent reads of these objects...

5.9CVSS6.4AI score0.00357EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2025/11/03 12:0 a.m.7 views

MongoDB -- Improper Check for Unusual or Exceptional Conditions

https://jira.mongodb.org/browse/SERVER-101230 reports: The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...

5.9CVSS6.9AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2025/10/31 12:15 p.m.3 views

CVE-2025-58148

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...

7.5CVSS0.00347EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/10/20 2:48 a.m.11 views

kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...

7.1CVSS5.7AI score0.00164EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-4373

Malware in sbrugna...

6.1CVSS6.1AI score0.01867EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-0975

Malware in sbrugna...

5CVSS6.4AI score0.01802EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-3931

Malware in sbrugna...

7.5CVSS7.6AI score0.0279EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-23282

Malware in sbrugna...

7.5CVSS7.4AI score0.06095EPSS
Exploits0References2
Rows per page
Query Builder