Lucene search

75 matches found

Positive Technologies
added 2026/06/24 12:0 a.m., 8 views

PT-2026-51720

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: An out-of-bounds read exists in the compat_mtw_from_user function within the netfilter ebtables component. The issue occurs because the function fails to properly validate the...

CVSS 7.8, AI score 5.8, EPSS 0.0012
Exploits 0, References 12
AstraLinux
added 2026/06/19 11:10 a.m., 1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: fsnotify: Do not generate ACCESS/MODIFY events for special files in child processes. inotify/fanotify: Do not allow users who have no read access to a file to subscribe to events like IN_ACCESS/IN_MODIFY. However, users can stil...

AI score 5.6, EPSS 0.00173
Exploits 0, References 2
OSV
added 2026/05/27 7:57 p.m., 9 views

GHSA-273H-GVWR-C3QJ CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression

The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally (pkg/apiserver/controllers/controller.go). This middleware decompresses incoming request bodies without enforcing a maximum decompressed size. The endpoints /v1/watchers or /v1/watchers/login require no authentication. An...

CVSS 8.2, AI score 5.8, EPSS 0.00115
Exploits 0, References 3
Github Security Blog
added 2026/05/27 7:57 p.m., 12 views

CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression

The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally (pkg/apiserver/controllers/controller.go). This middleware decompresses incoming request bodies without enforcing a maximum decompressed size. The endpoints /v1/watchers or /v1/watchers/login require no authentication. An...

AI score 5.8, EPSS 0.00115
Exploits 0, References 3, Affected Software 1
Positive Technologies
added 2026/05/27 12:0 a.m., 13 views

PT-2026-44130

Name of the Vulnerable Software and Affected Versions: CrowdSec LAPI, affected versions not specified. Description: The LAPI router utilizes the gin-contrib/gzip middleware with DefaultDecompressHandle globally in pkg/apiserver/controllers/controller.go. This middleware decompresses incoming request...

CVSS 8.2, AI score 5.3, EPSS 0.00115
Exploits 0, References 5
Packet Storm News
added 2026/03/25 12:0 a.m., 4 views

ClawKeeper: Comprehensive Safety Protection for OpenClaw Agents through Skills, Plugins, and Watchers

Whitepaper called ClawKeeper: Comprehensive Safety Protection For OpenClaw Agents Through Skills, Plugins, And Watchers...

AI score 5.8
Exploits 0
OSV
added 2026/01/23 12:31 a.m., 5 views

GHSA-8FWC-QJW5-RVGP Gitea may send release notification emails for private repositories to users whose access has been revoked

Gitea may send release notification emails for private repositories to users whose access has been revoked. When a repository is changed from public to private, users who previously watched the repository may continue to receive release notifications, potentially disclosing release titles, tags,...

CVSS 2.3, AI score 5.4, EPSS 0.00237
Exploits 0, References 5
SUSE CVE
added 2026/01/15 12:26 a.m., 3 views

SUSE CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files. inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. IN_ACCESS/IN_MODIFY, but they do allow the same user to subscri...

CVSS 4.7, AI score 6.3, EPSS 0.00173
Exploits 0, References 21
OSV
added 2026/01/13 4:15 p.m., 6 views

AZL-74447 CVE-2025-68788 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files. inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. IN_ACCESS/IN_MODIFY, but they do allow the same user to subscri...

AI score 5.8, EPSS 0.00173
Exploits 0, References 1
NVD
added 2026/01/13 4:15 p.m., 4 views

CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files. inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. IN_ACCESS/IN_MODIFY, but they do allow the same user to subscri...

EPSS 0.00173
Exploits 0, References 7
UbuntuCve
added 2026/01/13 4:15 p.m., 1 views

CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files. inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. IN_ACCESS/IN_MODIFY, but they do allow the same user to subscri...

AI score 5.8, EPSS 0.00173
Exploits 0, References 36
OSV
added 2026/01/13 4:15 p.m., 5 views

UBUNTU-CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files. inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. IN_ACCESS/IN_MODIFY, but they do allow the same user to subscri...

AI score 5.9, EPSS 0.00173
Exploits 0, References 38
Cvelist
added 2026/01/13 3:29 p.m., 17 views

CVE-2025-68788 fsnotify: do not generate ACCESS/MODIFY events on child for special files

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files. inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. IN_ACCESS/IN_MODIFY, but they do allow the same user to subscri...

EPSS 0.00173
Exploits 0, References 7
ATTACKERKB
added 2026/01/13 3:29 p.m., 2 views

CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files. inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. IN_ACCESS/IN_MODIFY, but they do allow the same user to subscri...

AI score 5.3, EPSS 0.00173
Exploits 0, References 8, Affected Software 1
CVE
added 2026/01/13 3:29 p.m., 16 views

CVE-2025-68788

CVE-2025-68788 is addressed in OSV:OESA-2026-1305, which reports a Linux kernel security update for the fsnotify subsystem. The fix aligns fsnotify behavior with file-attrib semantics by not generating ACCESS/MODIFY events for parent watchers when a read/write occurs on special files (e.g., /dev/...

AI score 5.9, EPSS 0.00173
Exploits 0, References 7
Positive Technologies
added 2025/12/07 12:0 a.m., 3 views

PT-2026-2520

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel had an issue where inotify and fanotify allowed users without read access to a file to subscribe to events on its children when they had access to the parent directory...

CVSS 4.6, AI score 5.4, EPSS 0.00173
Exploits 0
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-51290

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.7, EPSS 0.00608
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2022-51291

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.7, EPSS 0.00608
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-1001

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.3, EPSS 0.00246
Exploits 0, References 7
IBM Security Bulletins
added 2025/09/24 9:37 a.m., 14 views

Security Bulletin: Vulnerabilities exists in IBM Netezza Performance Server Replication Services

Summary: Vulnerabilities exists in IBM Netezza Performance Server Replication Services are addressed in 3.0.5.0. Vulnerability Details: CVEID: CVE-2023-44981. DESCRIPTION: Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled ...

CVSS 9.8, AI score 7.5, EPSS 0.08191
Exploits 6, Affected Software 1