Lucene search
K

115967 matches found

OSV
OSV
added 2 hours ago0 views

RLSA-2026:35833 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption JWE object CVE-2026-34986...

8.7CVSS0.00651EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2 hours ago9 views

flyto-core has Unauthenticated Command Execution via HTTP MCP `execute_module`

Unauthenticated Command Execution via HTTP MCP executemodule Summary The HTTP MCP endpoint POST /mcp in flyto-core accepts unauthenticated JSON-RPC tools/call requests and dispatches them to arbitrary registered modules, including sandbox.executeshell, which passes attacker-controlled input...

6.4AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 3 hours ago4 views

Scriban: Template Writes to Arbitrary CLR Properties via `TypedObjectAccessor` (Mass Assignment + `private` / `init` / `internal` Setter Bypass)

Description When a host pushes a CLR object into a Scriban TemplateContext via the standard, documented pattern — var so = new ScriptObject; so"user" = currentUser; // direct CLR reference context.PushGlobalso; — TypedObjectAccessor exposes every public-getter property for both reading and writin...

6AI score
Exploits0References2Affected Software1
NVD
NVD
added 3 hours ago4 views

CVE-2025-53831

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 3 hours ago1 views

Security Bulletin: Vulnerability in golang.org/x/net package bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging and IBM Fusion Content-Aware Storage include the golang.org/x/net package. It cause a running server to panic. CVE-2026-27141 Vulnerability Details CVEID:CVE-2026-27141 DESCRIPTION: Due to missing nil check, sending 0x0a-0x0f HTTP/2...

7.5CVSS5.9AI score0.00501EPSS
Exploits0Affected Software2
The Hacker News
The Hacker News
added 4 hours ago6 views

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 CVSS score: 9.8, a vulnerability that stems from the DevOps platform trusting the "X-WEBAUTH-USER" header...

9.8CVSS7.2AI score0.00783EPSS
Exploits3
Vulnrichment
Vulnrichment
added 4 hours ago3 views

CVE-2025-53831 DrawIO for ownCloud 10 is vulnerable to Stored XSS

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added 4 hours ago5 views

CVE-2025-53831 DrawIO for ownCloud 10 is vulnerable to Stored XSS

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 hours ago4 views

CVE-2025-53831

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS5.9AI score
Exploits0References2Affected Software2
EUVD
EUVD
added 4 hours ago4 views

EUVD-2025-210435

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS5.9AI score
Exploits0References1
CVE
CVE
added 4 hours ago7 views

CVE-2025-53831

DrawIO for ownCloud is affected by a Stored XSS in older builds. The vulnerability stems from improper neutralization of user-supplied input during web page generation, enabling stored XSS when attackers have access to the DrawIO app. Affected range includes DrawIO for ownCloud < 1.0.2 (corres...

8.2CVSS5.9AI score
Exploits0References1
NVD
NVD
added 4 hours ago6 views

CVE-2025-53830

Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery SSRF. This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade...

9.1CVSS
Exploits0References1
NVD
NVD
added 4 hours ago4 views

CVE-2025-53829

ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path traversal vulnerability in the system to execute arbitrary code. Upgrade ownCloud 10 to version 10.15.3 or later to receive ...

8CVSS
Exploits0References1
NVD
NVD
added 4 hours ago5 views

CVE-2025-53827

ownCloud Core is the server-side component of the file storage, synchronization, and sharing application ownCloud Classic. In versions prior to 10.15.3, the Updater on ownCloud 10 before 10.15.3 has an exposed dangerous method or function. Attackers with administrative privileges may leverage...

9.1CVSS
Exploits0References1
NVD
NVD
added 4 hours ago5 views

CVE-2025-53828

SharePoint for ownCloud is an application for using SharePoint with the file storage, synchronization, and sharing application ownCloud Classic. In SharePoint for ownCloud prior to version 0.4.1, which corresponds to ownCloud 10 prior to 10.15.3, an attacker with administrative privileges can use...

8.5CVSS
Exploits0References1
RedHat Linux
RedHat Linux
added 4 hours ago4 views

Important: Red Hat Security Advisory: plexus-utils security update

An update for plexus-utils is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

8.8CVSS6AI score0.00663EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 4 hours ago3 views

Important: Red Hat Security Advisory: plexus-utils security update

An update for plexus-utils is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

8.8CVSS6AI score0.00663EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 4 hours ago4 views

Important: Red Hat Security Advisory: plexus-utils security update

An update for plexus-utils is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.8CVSS6AI score0.00663EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 4 hours ago3 views

Important: Red Hat Security Advisory: plexus-utils security update

An update for plexus-utils is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

8.8CVSS6AI score0.00663EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 5 hours ago2 views

Security Bulletin: Due to the use of OpenSSL, IBM EntireX is vulnerable to multiple vulnerabilities

Summary Due to the use of OpenSSL, IBM EntireX is vulnerable to multiple vulnerabilities CVE-2026-7383, CVE-2026-9076, CVE-2026-34180, CVE-2026-34181, CVE-2026-34182, CVE-2026-34183, CVE-2026-42764, CVE-2026-42766, CVE-2026-42767, CVE-2026-42768, CVE-2026-42769, CVE-2026-42770, CVE-2026-45445,...

9.1CVSS6.9AI score0.02719EPSS
Exploits0Affected Software1
Rows per page
Query Builder