21202 matches found

AlmaLinux
added 2025/05/13 12:0 a.m. | 9 views

Low: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: code execution via OSC 50 input sequences CVE-2022-45063 For more details about the securi...

CVSS 9.8 | AI score 7.3 | EPSS 0.04949
Exploits: 1 | References: 4
Tenable Nessus
added 2025/05/13 12:0 a.m. | 6 views

Python Library Django 4.2.x < 4.2.21 / 5.1.x < 5.1.9 / 5.2.x < 5.2.1 DoS

The detected version of the Django Python package, Django, is 4.2.x prior to 4.2.21 or 5.1.x prior to 5.1.9 or 5.2.x prior to 5.2.1. It is, therefore, affected by a denial of service vulnerability as disclosed in Django's May 7th 2025 security advisory. The django.utils.html.strip_tags function is...

CVSS 5.3 | AI score 6.6 | EPSS 0.13969
Exploits: 0 | References: 2
Tenable Nessus
added 2025/05/13 12:0 a.m. | 9 views

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2025-964)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-964 advisory. Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a...

CVSS 9.8 | AI score 7.8 | EPSS 0.66933
Exploits: 6 | References: 6
Tenable Nessus
added 2025/05/13 12:0 a.m. | 10 views

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-965)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-965 advisory. Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a...

CVSS 9.8 | AI score 7.8 | EPSS 0.66933
Exploits: 6 | References: 6
Packet Storm News
added 2025/05/12 12:0 a.m. | 3 views

Self-Supervised Transformer-Based Contrastive Learning for Intrusion Detection Systems

As the digital landscape becomes more interconnected, the frequency and severity of zero-day attacks have significantly increased, leading to an urgent need for innovative Intrusion Detection Systems (IDS). Machine Learning-based IDS that learn from the network traffic characteristics and can...

AI score 6.9
Exploits: 0
Tenable Nessus
added 2025/05/12 12:0 a.m. | 5 views

EulerOS 2.0 SP10 : git (EulerOS-SA-2025-1512)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the...

CVSS 8.8 | AI score 7.8 | EPSS 0.00494
Exploits: 1 | References: 2
Tenable Nessus
added 2025/05/12 12:0 a.m. | 3 views

EulerOS 2.0 SP10 : git (EulerOS-SA-2025-1513)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the...

CVSS 8.8 | AI score 7.8 | EPSS 0.00494
Exploits: 1 | References: 2
Positive Technologies
added 2025/05/12 12:0 a.m. | 5 views

PT-2025-26301

Name of the Vulnerable Software and Affected Versions Mattermost versions 10.5.x through 10.5.5 Mattermost versions 9.11.x through 9.11.15 Mattermost versions 10.8.x through 10.8.0 Mattermost versions 10.7.x through 10.7.2 Mattermost versions 10.6.x through 10.6.5 Description Mattermost fails to...

CVSS 9.9 | AI score 6.5 | EPSS 0.00687
Exploits: 0 | References: 85
OpenVAS
added 2025/05/12 12:0 a.m. | 8 views

Mageia: Security Advisory (MGASA-2025-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 | AI score 6.4 | EPSS 0.13969
Exploits: 0 | References: 4
OSV
added 2025/05/11 4:42 a.m. | 6 views

MGASA-2025-0153 Updated python-django packages fix security vulnerability

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

CVSS 5.3 | AI score 7.7 | EPSS 0.13969
Exploits: 0 | References: 3
Mageia
added 2025/05/11 4:42 a.m. | 31 views

Updated python-django packages fix security vulnerability

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

CVSS 5.3 | AI score 7.1 | EPSS 0.13969
Exploits: 0 | References: 2
GithubExploit
added 2025/05/10 11:50 p.m. | 596 views

Exploit for Use After Free in Apple Ipados

iOS "Airborne" Vulnerabilities - Log Artifact Extractor This...

CVSS 9.8 | AI score 9.7 | EPSS 0.03125
Exploits: 5
OSV
added 2025/05/09 12:42 p.m. | 6 views

OESA-2025-1484 tomcat security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Improper Input Validation...

CVSS 9.8 | AI score 6.6 | EPSS 0.66933
Exploits: 6 | References: 3
Snyk
added 2025/05/08 6:30 p.m. | 3 views

Directory Traversal

Overview ironic is an OpenStack Bare Metal Provisioning Affected versions of this package are vulnerable to Directory Traversal via the handling of file:// image URLs during the deployment process. An attacker can write, list, view, edit, create, or delete unintended files to a target node disk b...

CVSS 5.7 | AI score 7.4 | EPSS 0.00149
Exploits: 0 | References: 3
SUSE Linux
added 2025/05/08 12:25 p.m. | 3 views

Security update for util-linux

This update for util-linux fixes the following issues: Updated to version 2.40.4: agetty: Prevent cursor escape bsc1194818 chcpu8: Document CPU deconfiguring behavior fdisk: SGI fixes hardlink: fix memory corruption hardlink.1 directory|file is mandatory lib/env: fix envlistsetenv for strings...

CVSS 8.4 | AI score 7.4 | EPSS 0.02242
Exploits: 3 | References: 22
OSV
added 2025/05/08 12:24 p.m. | 1 view

SUSE-SU-2025:20304-1 Security update for util-linux

This update for util-linux fixes the following issues: - Updated to version 2.40.4: agetty: Prevent cursor escape bsc1194818 chcpu8: Document CPU deconfiguring behavior fdisk: SGI fixes hardlink: fix memory corruption hardlink.1 directory|file is mandatory lib/env: fix envlistsetenv for strings...

CVSS 3.3 | AI score 7.2 | EPSS 0.02242
Exploits: 3 | References: 12
SUSE CVE
added 2025/05/08 11:41 a.m. | 1 view

SUSE CVE-2025-32873

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

CVSS 5.9 | AI score 6.9 | EPSS 0.13969
Exploits: 0 | References: 7
NCSC
added 2025/05/08 8:40 a.m. | 10 views

Vulnerabilities fixed in SonicWall SMA100

SonicWall has fixed vulnerabilities in the SMA100 series. The vulnerabilities are in the way the SMA100 series handles authenticated SSLVPN users. CVE-2025-32819 allows these users to bypass path-traversal controls and delete arbitrary files, which can lead to a reset of the device to factory...

CVSS 8.8 | AI score 9.4 | EPSS 0.29415
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/08 7:20 a.m. | 17 views

CVE-2025-32873

A flaw was found in Django. This vulnerability allows denial of service via processing inputs containing large sequences of incomplete HTML tags...

CVSS 5.3 | AI score 5.1 | EPSS 0.13969
Exploits: 0 | References: 6
OSV
added 2025/05/08 6:30 a.m. | 3 views

GHSA-8J24-CJRQ-GR2M Django has a denial-of-service possibility in strip_tags()

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

CVSS 5.3 | AI score 6.8 | EPSS 0.13969
Exploits: 0 | References: 8