home.social

#euvd β€” Public Fediverse posts

Live and recent posts from across the Fediverse tagged #euvd, aggregated by home.social.

  1. 🚨 EUVD-2026-33030

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Kibana, Kibana, Kibana
    🏒 Vendor: Elastic
    πŸ“… Updated: 2026-05-28

    πŸ“ Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated user can send a specially crafted compressed request payload that is processed prior to authorization ch...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  2. 🚨 EUVD-2026-33031

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Kibana, Kibana
    🏒 Vendor: Elastic
    πŸ“… Updated: 2026-05-28

    πŸ“ Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated low-privileged user can cause Kibana to consume exponentially increasing amounts of memory by submitting a speci...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  3. 🚨 EUVD-2026-33032

    πŸ“Š Score: 7.7/10 (CVSS v3.1)
    πŸ“¦ Product: Kibana, Kibana
    🏒 Vendor: Elastic
    πŸ“… Updated: 2026-05-28

    πŸ“ Server-Side Request Forgery (CWE-918) in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kib...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  4. 🚨 EUVD-2026-33033

    πŸ“Š Score: 7.2/10 (CVSS v3.1)
    πŸ“¦ Product: Kibana, Kibana, Kibana
    🏒 Vendor: Elastic
    πŸ“… Updated: 2026-05-28

    πŸ“ Improper Input Validation (CWE-20) in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by injecting values into ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  5. 🚨 EUVD-2026-33034

    πŸ“Š Score: 6.5/10 (CVSS v3.1)
    πŸ“¦ Product: Kibana
    🏒 Vendor: Elastic
    πŸ“… Updated: 2026-05-28

    πŸ“ Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated user with viewer-level access can submit a request containing an oversized input value to an analytics collections manag...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  6. 🚨 EUVD-2026-33035

    πŸ“Š Score: 6.3/10 (CVSS v3.1)
    πŸ“¦ Product: Kibana
    🏒 Vendor: Elastic
    πŸ“… Updated: 2026-05-28

    πŸ“ Server-Side Request Forgery (CWE-918) in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress control...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  7. 🚨 EUVD-2026-33036

    πŸ“Š Score: 9.8/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Hospitality OPERA 5 Property Services, Oracle Hospitality OPERA 5 Property Services, Oracle Hospitality OPERA 5 Property Services (+2 more)
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  8. 🚨 EUVD-2026-33037

    πŸ“Š Score: 7.9/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle REST Data Services
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to compromise ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  9. 🚨 EUVD-2026-33038

    πŸ“Š Score: 8.1/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle REST Data Services
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Or...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  10. 🚨 EUVD-2026-33039

    πŸ“Š Score: 9.9/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle REST Data Services
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Or...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  11. 🚨 EUVD-2026-33040

    πŸ“Š Score: 9.8/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Payments
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  12. 🚨 EUVD-2026-33041

    πŸ“Š Score: 7.4/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Payments
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with netwo...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  13. 🚨 EUVD-2026-33042

    πŸ“Š Score: 9.1/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Internet Procurement Connector
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerabilit...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  14. 🚨 EUVD-2026-33043

    πŸ“Š Score: 8.5/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Financials Common Modules
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  15. 🚨 EUVD-2026-33044

    πŸ“Š Score: 7.7/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Financials Common Modules
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  16. 🚨 EUVD-2026-33045

    πŸ“Š Score: 9.9/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle iAssets
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle iAssets product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  17. 🚨 EUVD-2026-33046

    πŸ“Š Score: 7.7/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Public Sector Financials (International)
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily exploitabl...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  18. 🚨 EUVD-2026-33047

    πŸ“Š Score: 9.9/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Universal Work Queue
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerabilit...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  19. 🚨 EUVD-2026-33048

    πŸ“Š Score: 8.8/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Payroll
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  20. 🚨 EUVD-2026-33049

    πŸ“Š Score: 8.8/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Payroll
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  21. 🚨 EUVD-2026-33050

    πŸ“Š Score: 8.1/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Payroll
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  22. 🚨 EUVD-2026-33051

    πŸ“Š Score: 7.5/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle REST Data Services
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  23. 🚨 EUVD-2026-33052

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle REST Data Services
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  24. 🚨 EUVD-2026-33013

    πŸ“Š Score: 9.0/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Database Server
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compro...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  25. 🚨 EUVD-2026-33015

    πŸ“Š Score: 7.5/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Database Server
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromi...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  26. 🚨 EUVD-2026-33014

    πŸ“Š Score: 7.5/10 (CVSS v3.1)
    πŸ“¦ Product: Oracle Database Server
    🏒 Vendor: Oracle Corporation
    πŸ“… Updated: 2026-05-28

    πŸ“ Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromi...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  27. πŸ“Š EUVD Daily CVSS Summary

    🟑 Average Score: 6.96/10 (Medium)
    πŸ“ˆ Vulnerabilities: 397
    ⬇️ Min: 2.7 | ⬆️ Max: 10.0

    πŸ“… Date: 2026-05-27

    #cybersecurity #infosec #euvd #cvss #vulnerability

  28. πŸ“Š EUVD Daily CVSS Summary

    🟑 Average Score: 6.74/10 (Medium)
    πŸ“ˆ Vulnerabilities: 286
    ⬇️ Min: 1.8 | ⬆️ Max: 10.0

    πŸ“… Date: 2026-05-26

    #cybersecurity #infosec #euvd #cvss #vulnerability

  29. 🚨 EUVD-2026-32007

    πŸ“Š Score: 8.3/10 (CVSS v3.1)
    πŸ“¦ Product: velocity.js
    🏒 Vendor: shepherdwind
    πŸ“… Updated: 2026-05-26

    πŸ“ Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templat...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  30. πŸ“Š EUVD Daily CVSS Summary

    🟑 Average Score: 6.9/10 (Medium)
    πŸ“ˆ Vulnerabilities: 161
    ⬇️ Min: 2.1 | ⬆️ Max: 9.3

    πŸ“… Date: 2026-05-25

    #cybersecurity #infosec #euvd #cvss #vulnerability

  31. πŸ“Š EUVD Daily CVSS Summary

    🟑 Average Score: 6.42/10 (Medium)
    πŸ“ˆ Vulnerabilities: 288
    ⬇️ Min: 2.3 | ⬆️ Max: 9.8

    πŸ“… Date: 2026-05-24

    #cybersecurity #infosec #euvd #cvss #vulnerability

  32. 🚨 EUVD-2026-31622

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: Employee Management System
    🏒 Vendor: code-projects
    πŸ“… Updated: 2026-05-25

    πŸ“ A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cross site scripting. The attack is p...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  33. 🚨 EUVD-2026-31621

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: Employee Management System
    🏒 Vendor: code-projects
    πŸ“… Updated: 2026-05-25

    πŸ“ A flaw has been found in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /changepassemp.php. Executing a manipulation of the argument ID can lead to cross site scri...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  34. 🚨 EUVD-2026-31620

    πŸ“Š Score: 8.5/10 (CVSS v3.1)
    πŸ“¦ Product: Aterm CM51FD, Aterm MR51FN
    🏒 Vendor: NEC Platforms, Ltd.
    πŸ“… Updated: 2026-05-25

    πŸ“ An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  35. 🚨 EUVD-2026-31623

    πŸ“Š Score: 4.8/10 (CVSS v3.1)
    πŸ“¦ Product: Aterm WX4200D5, Aterm WX7800T8, Aterm WX11000T12 (+6 more)
    🏒 Vendor: NEC Platforms, Ltd.
    πŸ“… Updated: 2026-05-25

    πŸ“ A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network.

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  36. 🚨 EUVD-2026-31626

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: Employee Management System
    🏒 Vendor: code-projects
    πŸ“… Updated: 2026-05-25

    πŸ“ A vulnerability has been found in code-projects Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /empproject.php. The manipulation of the argument ID leads to cross site scripting. It i...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  37. 🚨 EUVD-2026-31625

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: KLiK SocialMediaWebsite
    πŸ“… Updated: 2026-05-25

    πŸ“ A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public an...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  38. 🚨 EUVD-2026-31624

    πŸ“Š Score: 6.9/10 (CVSS v3.1)
    πŸ“¦ Product: KLiK SocialMediaWebsite
    πŸ“… Updated: 2026-05-25

    πŸ“ A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The expl...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  39. 🚨 EUVD-2026-31616

    πŸ“Š Score: 5.1/10 (CVSS v3.1)
    πŸ“¦ Product: Indian Invoicing System, Indian Invoicing System
    🏒 Vendor: SourceCodester
    πŸ“… Updated: 2026-05-25

    πŸ“ A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/add_order.php of the component Invoice Template Re...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  40. 🚨 EUVD-2026-31618

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: Employee Management System
    🏒 Vendor: code-projects
    πŸ“… Updated: 2026-05-25

    πŸ“ A weakness has been identified in code-projects Employee Management System 1.0. This affects an unknown function of the file /eloginwel.php. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  41. 🚨 EUVD-2026-31619

    πŸ“Š Score: 8.5/10 (CVSS v3.1)
    πŸ“¦ Product: NitrorSense V3
    🏒 Vendor: Acer
    πŸ“… Updated: 2026-05-25

    πŸ“ NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticat...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  42. 🚨 EUVD-2026-31617

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: Employee Management System
    🏒 Vendor: code-projects
    πŸ“… Updated: 2026-05-25

    πŸ“ A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to cross site scripting. The attack c...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  43. 🚨 EUVD-2024-23947

    πŸ“Š Score: 5.5/10 (CVSS v3.1)
    πŸ“¦ Product: Linux, Linux, Linux (+24 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-03 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    nilfs2: fix potential bug in end_buffer_async_write

    According to a syzbot report, end_buffer_async_write(), which handles the
    completion of blo...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  44. 🚨 EUVD-2024-23957

    πŸ“Š Score: n/a
    πŸ“¦ Product: Linux, Linux, Linux (+18 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-03 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked

    The SEV platform device can be shutdown with a null psp_master,
    e.g., using DEBUG...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  45. 🚨 EUVD-2024-23968

    πŸ“Š Score: n/a
    πŸ“¦ Product: Linux, Linux, Linux (+16 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-03 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    parisc: Fix random data corruption from exception handler

    The current exception handler implementation, which assists when accessing
    user space memory, may ex...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  46. 🚨 EUVD-2024-23974

    πŸ“Š Score: 4.4/10 (CVSS v3.1)
    πŸ“¦ Product: Linux, Linux, Linux (+14 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-03 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    powerpc/kasan: Fix addr error caused by page alignment

    In kasan_init_region, when k_start is not page aligned, at the begin of
    for loop, k_cur ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  47. 🚨 EUVD-2024-23977

    πŸ“Š Score: n/a
    πŸ“¦ Product: Linux, Linux, Linux (+14 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-03 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend

    In current scenario if Plug-out and Plug-In performed continuously
    there could be a cha...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  48. 🚨 EUVD-2021-33862

    πŸ“Š Score: n/a
    πŸ“¦ Product: Linux, Linux, Linux (+6 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-10 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    hugetlb, userfaultfd: fix reservation restore on userfaultfd error

    Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we
    bail out using "goto ...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  49. 🚨 EUVD-2021-33840

    πŸ“Š Score: 5.3/10 (CVSS v3.1)
    πŸ“¦ Product: Linux, Linux, Linux (+12 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-10 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    scsi: core: sysfs: Fix hang when device state is set via sysfs

    This fixes a regression added with:

    commit f0f82e2476f6 ("scsi: core: Fix capac...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  50. 🚨 EUVD-2021-33843

    πŸ“Š Score: n/a
    πŸ“¦ Product: Linux, Linux, Linux (+8 more)
    🏒 Vendor: Linux
    πŸ“… Published: 2024-04-10 | Updated: 2026-05-23

    πŸ“ In the Linux kernel, the following vulnerability has been resolved:

    spi: fix use-after-free of the add_lock mutex

    Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on
    SPI buses") introduced a per-controller mu...

    πŸ”— euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability