7.8

CVSS3.1

CVE-2025-21999 - proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been reg…

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 8:17 p.m.

9.8

CVSS3.1

CVE-2025-22928 -

OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cp_id parameter at /modules/messages/Inbox.php.

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: May 2, 2025, 7:52 p.m.

7.5

CVSS3.1

CVE-2024-47215 -

An issue was discovered in Snowbridge setups sending data to Google Tag Manager Server Side. It involves attaching an invalid GTM SS preview header to events, causing them to be retried indefinitely. As a result, the performance of forwarding events to GTM SS overall can be affected (latency, throu…

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: April 23, 2025, 2:55 p.m.

6.5

CVSS3.1

CVE-2024-47217 -

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated endpoint. It can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: April 8, 2025, 6:55 p.m.

9.8

CVSS3.1

CVE-2025-26817 -

Netwrix Password Secure 9.2.0.32454 allows OS command injection.

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: May 29, 2025, 1:28 p.m.

9.8

CVSS3.1

CVE-2025-22926 -

An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: April 30, 2025, 4:39 p.m.

5.5

CVSS3.1

CVE-2025-22002 - netfs: Call `invalidate_cache` only if implemented

In the Linux kernel, the following vulnerability has been resolved: netfs: Call `invalidate_cache` only if implemented Many filesystems such as NFS and Ceph do not implement the `invalidate_cache` method. On those filesystems, if writing to the cache (`NETFS_WRITE_TO_CACHE`) fails for some reaso…

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: Oct. 1, 2025, 5:15 p.m.

7.4

CVSS3.1

CVE-2025-3155 - Yelp: arbitrary file read

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: Nov. 11, 2025, 12:09 p.m.

9.8

CVSS3.1

CVE-2025-26818 -

Netwrix Password Secure through 9.2 allows command injection.

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: April 8, 2025, 8:10 p.m.

7.5

CVSS3.1

CVE-2024-47214 -

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind of malicious payload. As above, it can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventual…

πŸ“… Published: April 3, 2025, midnight πŸ”„ Last Modified: April 10, 2025, 1:51 p.m.
Total resulsts: 346560
Page 5780 of 34,656
Β« previous page Β» next page
Filters