Lucene search
K

69 matches found

Nuclei
Nuclei
added yesterday16 views

Google ADK-Python - Unauthenticated Builder Endpoint

Google Agent Development Kit ADK 1.7.0 through 1.28.1 and 2.0.0a1 through 2.0.0a2 on Python OSS, Cloud Run, and GKE contains a code injection and missing authentication vulnerability, letting unauthenticated remote attackers execute arbitrary code on the server, exploit requires no authentication...

10CVSS6.4AI score0.01816EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday12 views

Mailpit < 1.28.3 - Server-Side Request Forgery

Mailpit = 1.28.0 contains a server-side request forgery caused by insufficient validation of internal IP addresses in the /proxy endpoint, letting attackers make requests to internal network resources, exploit requires crafted HTTP GET requests. id: CVE-2026-21859 info: name: Mailpit 1.28.3 -...

5.8CVSS6.1AI score0.00755EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/04/13 8:35 a.m.3 views

CVE-2026-4810

A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...

10CVSS6.3AI score0.01816EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/01 10:1 a.m.14 views

CLEANSTART-2026-UD61879 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, ghsa-9h8m-3fm2-qjrq, ghsa-jv3w-x3r3-g6rm applied in versions: 1.28.1-r0, 1.28.1-r1, 1.28.3-r0, 1.28.4-r0

Multiple security vulnerabilities affect the istio-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.9AI score0.00765EPSS
Exploits2References15
OSV
OSV
added 2026/04/01 10:1 a.m.8 views

CLEANSTART-2026-IY77127 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, ghsa-9h8m-3fm2-qjrq, ghsa-jv3w-x3r3-g6rm applied in versions: 1.28.1-r0, 1.28.1-r1, 1.28.3-r0, 1.29.0-r0

Multiple security vulnerabilities affect the istio-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.8AI score0.00765EPSS
Exploits2References15
OSV
OSV
added 2026/04/01 9:31 a.m.6 views

CLEANSTART-2026-NC32267 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.24.4-r0, 1.28.1-r0, 1.28.1-r1

Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS6.9AI score0.01557EPSS
Exploits4References19
Fedora
Fedora
added 2026/03/14 12:17 a.m.6 views

[SECURITY] Fedora 44 Update: gstreamer1-plugins-good-1.28.1-1.fc44

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/03/14 12:17 a.m.10 views

[SECURITY] Fedora 44 Update: gstreamer1-plugins-base-1.28.1-1.fc44

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/03/14 12:17 a.m.6 views

[SECURITY] Fedora 44 Update: gstreamer1-rtsp-server-1.28.1-1.fc44

A GStreamer-based RTSP server library...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/03/14 12:17 a.m.5 views

[SECURITY] Fedora 44 Update: gstreamer1-plugin-libav-1.28.1-1.fc44

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/03/13 10:41 p.m.2 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the handling of coordinates due to insufficient validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can achieve arbitrary code execution by enticing a use...

8.5CVSS6.5AI score0.00729EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/13 10:41 p.m.2 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the processing of stream headers within ASF files due to improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer. An attacker can achieve arbitrary code...

8.5CVSS6.5AI score0.00773EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/13 10:41 p.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the processing of APS units due to insufficient validation of user-supplied data. An attacker can achieve arbitrary code execution by providing crafted input that triggers a write past the end of an allocated buff...

8.5CVSS6.6AI score0.00421EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/13 8:41 p.m.8 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the RIFF parser when handling palette data in AVI files. An attacker can execute arbitrary code by convincing a user to open a specially crafted AVI file with an application linked against the affected...

8.4CVSS7.5AI score0.00867EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/13 8:41 p.m.8 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the RTP QDM2 depayloader when handling X-QDM RTP payload elements. An attacker can achieve arbitrary code execution by supplying specially crafted data to the packetid element, resulting in a write past the...

8.8CVSS7.9AI score0.00806EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/13 8:39 p.m.9 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow when parsing Huffman tables in JPEG files. An attacker can execute arbitrary code by supplying a specially crafted JPEG file. Remediation Upgrade gstreamer to version 1.28.1 or higher. References - GitLab Comm...

8.4CVSS7.5AI score0.00787EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/13 8:39 p.m.9 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the H.266 video bitstream parser. An attacker can achieve process crash or arbitrary code execution by enticing a user to open specially crafted H.266 media content with an application that processes...

8.4CVSS7.7AI score0.00425EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-3081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary co...

7.8CVSS7.7AI score0.00425EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-2920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

7.8CVSS7.7AI score0.00773EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-2922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

7.8CVSS7.7AI score0.00431EPSS
Exploits0References2
Rows per page
Query Builder