2847714 matches found

Packet Storm News
added 2026/09/10 12:0 a.m., 56 views

IServ Schoolserver User Enumeration

IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...

5.8 AI score
Exploits 0
BDU FSTEC
added 3 hours ago, 16 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pg_dump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10 CVSS, 7 AI score, 0.00385 EPSS
Exploits 0, References 11, Affected Software 9
BDU FSTEC
added 3 hours ago, 11 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4 CVSS, 6 AI score, 0.00425 EPSS
Exploits 0, References 2
IBM Security Bulletins
added 6 hours ago, 3 views

Security Bulletin: Due to the use of Google Go, IBM Cloud Pak Sys is affected by an infinite loop when unmarshaling certain forms of invalid JSON

Summary Vulnerability in Go used by Cloud Pak System CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which...

7.5 CVSS, 6.7 AI score, 0.01262 EPSS
Exploits 0, Affected Software 2
EUVD
added 6 hours ago, 5 views

EUVD-2025-210422

picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, allowing attackers to bypass safety checks. Remote attackers can embed undetected malicious code in pickle files that executes during deserialization,...

8.1 CVSS, 6.3 AI score
Exploits 0, References 2
EUVD
added 6 hours ago, 5 views

EUVD-2025-210423

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle reduce methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling...

8.1 CVSS, 6.3 AI score
Exploits 0, References 2
CVE
added 6 hours ago, 3 views

CVE-2025-71359

The CVE concerns the Python package picklescan prior to version 0.0.29, where the vulnerability lies in deserializing pickle payloads that leverage lib2to3.pgen2.grammar.Grammar.loads within the reduce method. This can enable remote code execution during pickle.load(), by crafting pickle files t...

8.1 CVSS, 6.3 AI score
Exploits 0, References 2
CVE
added 6 hours ago, 6 views

CVE-2025-71353

CVE-2025-71353 affects picklescan prior to 0.0.28. The root cause is that the tool fails to detect malicious pickle payloads that exploit torch._dynamo.guards.GuardBuilder.get within reduce methods. Attackers can craft pickle files with embedded code that evade detection and trigger arbitrary com...

8.1 CVSS, 6.1 AI score
Exploits 0, References 2
CVE
added 6 hours ago, 3 views

CVE-2025-71347

The vulnerability concerns picklescan prior to 0.0.33, which fails to detect malicious pickle files that rely on numpy.f2py.crackfortran.param_eval in reduce methods. This allows remote attackers to embed code that executes during deserialization in applications that load untrusted pickle data, e...

8.1 CVSS, 6.6 AI score
Exploits 0, References 2
EUVD
added 6 hours ago, 3 views

EUVD-2025-210413

picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.param_eval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that executes during deserialization, enabling arbitrary cod...

8.1 CVSS, 6.6 AI score
Exploits 0, References 2
EUVD
added 6 hours ago, 4 views

EUVD-2025-210411

picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.makelabel function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load is called...

8.1 CVSS, 6.1 AI score
Exploits 0, References 2
Circl
added 6 hours ago, 5 views

CVE-2026-57981

creationtimestamp | type | source
---|---|---
2026-07-04 01:22:12+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mprvjicmpx2e
2026-07-04 04:15:13+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116859765559758505...

8.8 CVSS, 5.9 AI score
Exploits 0, References 2
IBM Security Bulletins
added 7 hours ago, 3 views

Security Bulletin: Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System [CVE-2024-6119]

Summary Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System. Vulnerability was addressed by IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: Issue summary: Applications performing certificate name checks e.g., TLS clients checking server...

7.5 CVSS, 6.7 AI score, 0.66594 EPSS
Exploits 0, Affected Software 2
IBM Security Bulletins
added yesterday, 4 views

Security Bulletin: IBM Cloud Pak System is vulnerable to HTML injection [CVE-2023-38007].

Summary IBM Cloud Pak System is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Vulnerability was addressed in IBM Cloud Pak System. Vulnerability...

5.4 CVSS, 6.2 AI score, 0.00212 EPSS
Exploits 0, Affected Software 2
Circl
added yesterday, 5 views

CVE-2026-58426

creationtimestamp | type | source
---|---|---
2026-07-03 22:16:06+00:00 | seen | https://bsky.app/profile/stackflag.bsky.social/post/3mprl4pas652r
2026-07-04 00:00:38+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116858764503193267
2026-07-04 00:01:05+00:00 | seen | ...

9.6 CVSS, 5.9 AI score
Exploits 0, References 4
Circl
added yesterday, 4 views

CVE-2026-58289

creationtimestamp | type | source
---|---|---
2026-07-03 22:14:04+00:00 | seen | https://bsky.app/profile/stackflag.bsky.social/post/3mprkz3ncbz2e
2026-07-04 02:04:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mprxujsddx25...

9 CVSS, 5.9 AI score
Exploits 0, References 2
Circl
added yesterday, 5 views

CVE-2026-58523

creationtimestamp | type | source
---|---|---
2026-07-03 21:49:12+00:00 | seen | https://bsky.app/profile/cybernewsroom.bsky.social/post/3mprjmlunko2x
2026-07-03 21:49:13+00:00 | seen | https://bsky.app/profile/potato.software/post/3mprjmmwam72h
2026-07-03 21:49:17+00:00 | seen | ...

6.5 CVSS, 5.9 AI score
Exploits 0, References 9
ATTACKERKB
added yesterday, 6 views

CVE-2026-14617

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1 CVSS, 5.1 AI score
Exploits 0, References 8, Affected Software 1
CVE
added yesterday, 7 views

CVE-2026-58523

CVE-2026-58523 affects Microsoft Edge for Android. The issue is improper access control that allows an unauthenticated remote attacker to bypass a security feature over a network. The published data indicates a CVSS v3.1 base score of 6.5 (MEDIUM) with Network attack vector, low attack complexity...

6.5 CVSS, 5.9 AI score
Exploits 0, References 1
Circl
added yesterday, 4 views

CVE-2026-14605

creationtimestamp | type | source
---|---|---
2026-07-03 21:00:39+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mprgvrigd72r
2026-07-03 22:02:56+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mprkf6gjah2i
2026-07-03 22:19:59+00:00 | seen | ...

8.5 CVSS, 7.1 AI score
Exploits 0, References 3