Lucene search
K

160 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00538EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in the File System of Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.5AI score0.01659EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Web Workers in Google Chrome before version 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00635EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00617EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...

8.8CVSS7.4AI score0.00702EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

When downloading an HTML file, if the title of the page is formatted as a filename with a malicious extension, Firefox may save the file with that extension. This could lead to potential system compromise if the downloaded file is later executed. This vulnerability affects Firefox versions earlie...

7.8CVSS7.4AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Keyboard events reference strings like “KeyA” that are located at fixed, known, and widely-distributed addresses. Cache-based timing attacks, such as Prime+Probe, could potentially determine which keys were pressed. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

6.5CVSS6.9AI score0.00672EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox

Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 106. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execut...

8.8CVSS8.3AI score0.00568EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

If an attacker loads a font using FontFace on a background worker, a use-after-free might occur, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions earlier than 107...

7.5CVSS7.5AI score0.00627EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.12 views

Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2026-107 (ALASECS-2026-107)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.29.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-107 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in...

7.5CVSS6.9AI score0.16212EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : setroubleshoot-3.0.47-6.1.0.1.AXS4 (AXSA:2015-107:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-107:01 advisory. Description: setroubleshoot GUI. Application that allows you to view setroubleshoot-server messages. Provides tools to help diagnose SELinux problems. When AV...

10CVSS5.5AI score0.16446EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:10 a.m.3 views

CVE-2016-10738

Zenbership v107 has CSRF via admin/cp-functions/event-add.php...

8.8CVSS7AI score0.00677EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.6 views

CVE-2019-11814

An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.107. There is persistent XSS via image names in titles, as demonstrated by a screenshot...

6.1CVSS5.8AI score0.00809EPSS
Exploits0References1
OSV
OSV
added 2026/01/08 9:15 p.m.3 views

CVE-2025-68718

KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or change the hardcoded password. Changing the management GUI password does not affect SSH/TELNET...

5.4CVSS5.9AI score0.00295EPSS
Exploits1References3
NVD
NVD
added 2026/01/08 9:15 p.m.7 views

CVE-2025-68718

KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or change the hardcoded password. Changing the management GUI password does not affect SSH/TELNET...

5.4CVSS0.00295EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/08 12:0 a.m.21 views

CVE-2025-68718

KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or change the hardcoded password. Changing the management GUI password does not affect SSH/TELNET...

0.00295EPSS
Exploits1References3
CVE
CVE
added 2026/01/08 12:0 a.m.17 views

CVE-2025-68718

KAYSUS KS-WR1200 routers, firmware 107, expose SSH and TELNET on the LAN interface with hardcoded credentials (root:12345678). The administrator cannot disable these services or change the hardcoded password, and changing the management GUI password has no effect on SSH/TELNET authentication. Any...

5.4CVSS6.8AI score0.00295EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.8 views

PT-2026-1920

Name of the Vulnerable Software and Affected Versions KAYSUS KS-WR1200 version 107 Description KAYSUS KS-WR1200 routers with firmware version 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or...

5.4CVSS6.8AI score0.00295EPSS
Exploits1References8
OSV
OSV
added 2025/11/12 4:47 p.m.1 views

MAL-2025-165091 Malicious code in riyanto-107 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deafeac2528cff227f320fa0045a290a690a24bacd51dc09346858f922f67ef6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/11 8:19 p.m.6 views

CVE-2025-64433

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM to read arbitrary files from the virt-launcher pod's file system. This issue stems from improper symlink handling when mounting PVC disks into a VM...

6.5CVSS5AI score0.00475EPSS
Exploits1References7
Rows per page
Query Builder