Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-1953 |
Description: A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 0.3.0 is able to address this issue. It is recommended to upgrade the affected component. In vLLM AIBrix 0.2.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei pkg/plugins/gateway/prefixcacheindexer/hash.go der Komponente Prefix Caching. Durch die Manipulation mit unbekannten Daten kann eine insufficiently random values-Schwachstelle ausgenutzt werden. Die Komplexität eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Ein Aktualisieren auf die Version 0.3.0 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen.
CVSS: LOW (2.1) EPSS Score: 0.04% SSVC Exploitation: none
March 4th, 2025 (about 2 months ago)
|
|
CVE-2024-47259 |
Description: Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files to the Axis device with the purpose to exhaust system resources.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS: LOW (3.5) EPSS Score: 0.97%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-24309 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVSS: LOW (3.8) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-24301 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVSS: LOW (3.8) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-23420 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVSS: LOW (3.8) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-23418 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVSS: LOW (3.3) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-23414 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVSS: LOW (3.8) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-23409 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
CVSS: LOW (3.8) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-23240 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVSS: LOW (3.8) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|
|
CVE-2025-23234 |
Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.
CVSS: LOW (3.3) EPSS Score: 0.01%
March 4th, 2025 (about 2 months ago)
|