Lucene search
K

249 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:39 a.m.7 views

CVE-2025-52464

Meshtastic is an open source mesh networking solution. In versions from 2.5.0 to before 2.6.11, the flashing procedure of several hardware vendors was resulting in duplicated public/private keys. Additionally, the Meshtastic was failing to properly initialize the internal randomness pool on some...

9.5CVSS7AI score0.00418EPSS
Exploits0References1
NVD
NVD
added 2025/06/19 4:15 p.m.5 views

CVE-2025-52464

Meshtastic is an open source mesh networking solution. In versions from 2.5.0 to before 2.6.11, the flashing procedure of several hardware vendors was resulting in duplicated public/private keys. Additionally, the Meshtastic was failing to properly initialize the internal randomness pool on some...

9.5CVSS0.00418EPSS
Exploits0References5
CVE
CVE
added 2025/06/19 3:10 p.m.95 views

CVE-2025-52464

Meshtastic versions 2.5.0–2.6.10 expose a vulnerability where flashing procedures can duplicate public/private keys and the RNG may have low entropy, allowing an attacker to decrypt Direct Messages after collecting compromised keys. This is caused by key generation timing and insufficient randomn...

9.5CVSS6.3AI score0.00418EPSS
Exploits0References5Affected Software1
The Hacker News
The Hacker News
added 2025/06/16 2:21 p.m.12 views

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a "rare dual-threat." "The ransomware features a 'wipe mode,' which permanently erases files, rendering recovery impossible eve...

7.6AI score
Exploits0
HackRead
HackRead
added 2025/06/09 7:13 p.m.7 views

Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems

Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync, system-health-sync-api...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/06/04 12:0 a.m.5 views

PT-2025-26221

Name of the Vulnerable Software and Affected Versions Meshtastic versions 2.5.0 through 2.6.10 Description Meshtastic is an open source mesh networking solution. The flashing procedure of several hardware vendors was resulting in duplicated public/private keys. Additionally, Meshtastic was failin...

9.7CVSS5.4AI score0.00418EPSS
Exploits0References21
RedhatCVE
RedhatCVE
added 2025/06/01 9:52 a.m.11 views

CVE-2025-5142

The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.31. This is due to missing nonce validation and capability checks in the settings save handler in the settings.php script. This makes it possible for...

6.5CVSS6.5AI score0.00193EPSS
Exploits0References1
OSV
OSV
added 2025/05/30 10:15 a.m.5 views

CVE-2025-5142

The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.31. This is due to missing nonce validation and capability checks in the settings save handler in the settings.php script. This makes it possible for...

6.5CVSS5.6AI score0.00193EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 5:30 a.m.6 views

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

6.1CVSS7.2AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:22 p.m.6 views

CVE-2020-36334

themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database...

8.8CVSS7AI score0.00646EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:29 p.m.7 views

CVE-2020-36333

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a resetwizardactions hook...

9.1CVSS7.2AI score0.03429EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:31 a.m.7 views

CVE-2019-8512

This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure...

7.9CVSS5.7AI score0.00684EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 a.m.13 views

CVE-2013-5114

LastPass prior to 2.5.1 allows secure wipe bypass...

6.6CVSS6.9AI score0.00585EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/04 4:13 p.m.12 views

CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

5.5CVSS6.9AI score0.00163EPSS
Exploits0References4
OSV
OSV
added 2025/05/02 4:15 p.m.2 views

DEBIAN-CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

5.5CVSS5.5AI score0.00163EPSS
Exploits0References1
OSV
OSV
added 2025/05/02 4:15 p.m.3 views

UBUNTU-CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

5.5CVSS6.1AI score0.00163EPSS
Exploits0References6
OSV
OSV
added 2025/05/02 3:54 p.m.7 views

CVE-2023-53036 drm/amdgpu: Fix call trace warning and hang when removing amdgpu device

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

5.5CVSS6AI score0.00163EPSS
Exploits0References6
Snyk
Snyk
added 2025/03/20 10:46 a.m.1 views

Directory Traversal

Overview lollms is a python library for AI personality definition Affected versions of this package are vulnerable to Directory Traversal over the wipedatabase endpoint. An attacker can delete any directory on the target filesystem by sending a specially crafted HTTP request that manipulates the...

7.1CVSS7.6AI score0.00294EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

LoLLMs 路径遍历漏洞

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A path traversal vulnerability exists in LoLLMs v12, which stems from path traversal in the /wipedatabase endpoint and could lead to arbitrary directory deletion...

7.1CVSS7AI score0.00294EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.12 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-42157)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42157 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failur...

4.1CVSS5.9AI score0.0022EPSS
Exploits0References2
Rows per page
Query Builder