Lucene search
K

26 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Containerd

Containerd is an open-source container runtime. A bug was discovered in Containerd prior to versions 1.6.18 and 1.5.18, where supplementary groups were not set up properly within a container. If an attacker has direct access to a container and manipulates the supplementary group permissions, they...

7.8CVSS6.7AI score0.00542EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 5:3 p.m.5 views

CVE-2026-32529

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in don-themes Molla molla allows Reflected XSS.This issue affects Molla: from n/a through 1.5.19...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25442

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00374EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/10/01 7:46 a.m.7 views

ai.acolite:openai-agent-sdk (>=0.1.0 <=0.4.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +23438 more potentially affected by CVE-2025-11226 via ch.qos.logback:logback-core (>=1.4.0 <=1.5.18)

ch.qos.logback:logback-core MAVEN version =1.4.0, =0.1.0, =0.1.0, =0.2.0, =0.114.0, =0.103.0, =0.114.0, =0.2.0, =0.8.0, =0.9.0 - ai.djl.spring:djl-spring-boot-starter-autoconfigure =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-auto =0.26 -...

7CVSS5.7AI score0.00181EPSS
Exploits0
CNNVD
CNNVD
added 2025/10/01 12:0 a.m.5 views

Quality Open Software Logback 安全漏洞

Quality Open Software Logback is a logging framework for Java applications from Quality Open Software, Switzerland. A security vulnerability exists in Quality Open Software Logback version 1.5.18 and earlier, which stems from improper handling of conditional configuration files and could lead to...

5.9CVSS6.6AI score0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/23 12:23 a.m.5 views

CVE-2025-27214

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...

9.8CVSS7AI score0.00374EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 1:15 a.m.11 views

CVE-2025-27214

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...

9.8CVSS0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/21 12:1 a.m.10 views

CVE-2025-27214

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...

0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/21 12:1 a.m.38 views

CVE-2025-27213

An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge ADB and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier UniFi Connect Display Versio...

0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.4 views

Ubiquiti UniFi Connect EV Station 安全漏洞

Ubiquiti UniFi Connect EV Station is an electric vehicle station from Ubiquiti USA. A security vulnerability exists in the Ubiquiti UniFi Connect EV Station version 1.5.18 and earlier, which stems from a lack of authentication for critical functions and could result in an unauthorized restoration...

9.8CVSS6.9AI score0.00374EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.12 views

PT-2025-34173 · Ubiquiti · Unifi Connect Ev Station Pro

Name of the Vulnerable Software and Affected Versions: UniFi Connect EV Station Pro versions 1.5.18 and earlier Description: A missing authentication check for critical functions in UniFi Connect EV Station Pro could allow an attacker with physical or adjacent access to perform an unauthorized...

9.8CVSS6.4AI score0.00374EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.4 views

PT-2024-22609 · Symfony +1 · Symfony1 +1

Name of the Vulnerable Software and Affected Versions: Symfony1 versions 1.3.0 through 1.5.17 Description: This issue is related to a gadget chain in Symfony1 due to a vulnerable Swift Mailer dependency. The vulnerability allows an attacker to achieve remote code execution if a developer...

5CVSS8AI score0.01485EPSS
Exploits1References12
OSV
OSV
added 2023/02/16 3:15 p.m.2 views

DEBIAN-CVE-2023-25153

containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug h...

5.5CVSS6.4AI score0.00363EPSS
Exploits0References1
OSV
OSV
added 2023/02/16 3:15 p.m.8 views

UBUNTU-CVE-2023-25153

containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug h...

6.2CVSS6.8AI score0.00363EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/02/16 2:9 p.m.42 views

CVE-2023-25153

containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug h...

6.2CVSS6.7AI score0.00363EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/02/16 12:0 a.m.4 views

PT-2023-1887 · Unknown +7 · Kubernetes Containerd +6

Name of the Vulnerable Software and Affected Versions: containerd versions 1.6.17 and earlier, containerd versions 1.5.17 and earlier Description: The issue is related to the import of OCI images in containerd, where there was no limit on the number of bytes read for certain files. A maliciously...

9.1CVSS5.5AI score0.27392EPSS
Exploits6References82
OSV
OSV
added 2022/05/20 1:15 p.m.2 views

CVE-2022-27640

A vulnerability has been identified in SIMATIC CP 442-1 RNA All versions V1.5.18, SIMATIC CP 443-1 RNA All versions V1.5.18. The affected devices improperly handles excessive ARP broadcast requests. This could allow an attacker to create a denial of service condition by performing ARP storming...

6.5CVSS5.7AI score0.00354EPSS
Exploits0References1
OSV
OSV
added 2021/07/20 7:15 a.m.1 views

DEBIAN-CVE-2020-36428

matio aka MAT File I/O Library 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble called from ReadInt32Data and MatVarRead4...

8.8CVSS7.2AI score0.01385EPSS
Exploits0References1
OSV
OSV
added 2021/07/20 7:15 a.m.7 views

UBUNTU-CVE-2020-36428

matio aka MAT File I/O Library 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble called from ReadInt32Data and MatVarRead4...

8.8CVSS6.8AI score0.01385EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/07/20 12:0 a.m.4 views

PT-2021-6570 · Matio +2 · Matio +2

Name of the Vulnerable Software and Affected Versions: matio versions 1.5.18 through 1.5.21 Description: The issue is related to a heap-based buffer overflow in the ReadInt32DataDouble function of the MATIO library, which can be exploited by a remote attacker to access confidential data, compromi...

9.8CVSS6.2AI score0.01766EPSS
Exploits1References29
Rows per page
Query Builder