Lucene search
K

39 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libstb

stbimage.h also known as the stb image loader version 2.23 has a heap-based buffer overflow issue in stbitgaload, which can lead to information disclosure or denial of service...

9.1CVSS8.5AI score0.02796EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/25 9:30 p.m.11 views

EUVD-2026-15984

Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2...

9.8CVSS5.8AI score0.00296EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/01/27 9:28 a.m.28 views

CVE-2026-24830 Integer Overflow or Wraparound in IronOS

Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2...

9.8CVSS0.00296EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 8:36 a.m.5 views

CVE-2026-24801 A Potential SPA-vulnerability in Ralim/IronOS

Vulnerability in Ralim IronOS source/Core/BSP/Pinecilv2/blmcusdk/components/ble/blestack/common/tinycrypt/source modules. This vulnerability is associated with program files eccdsa.C. This issue affects IronOS: before v2.23-rc3...

6.9CVSS5.9AI score0.00178EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/27 8:36 a.m.5 views

EUVD-2026-4797

Vulnerability in Ralim IronOS source/Core/BSP/Pinecilv2/blmcusdk/components/ble/blestack/common/tinycrypt/source modules. This vulnerability is associated with program files eccdsa.C. This issue affects IronOS: before v2.23-rc3...

6.9CVSS5.9AI score0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 8:36 a.m.33 views

CVE-2026-24801 A Potential SPA-vulnerability in Ralim/IronOS

Vulnerability in Ralim IronOS source/Core/BSP/Pinecilv2/blmcusdk/components/ble/blestack/common/tinycrypt/source modules. This vulnerability is associated with program files eccdsa.C. This issue affects IronOS: before v2.23-rc3...

6.9CVSS0.00178EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.14 views

PT-2026-4908

Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2...

9.8CVSS5.9AI score0.00296EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.4 views

CVE-2025-67632

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Plugin Factory Google AdSense for Responsive Design – GARD google-adsense-for-responsive-design-gard allows DOM-Based XSS.This issue affects Google AdSense for Responsive Design – GARD: from n/...

5.9CVSS5.2AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 1:10 p.m.12 views

CVE-2025-67632

CVE-2025-67632 affects Google AdSense for Responsive Design (GARD) in The Plugin Factory; it is a DOM-Based XSS vulnerability triggered by improper input neutralization during web page generation. Affected: google-adsense-for-responsive-design-gard; vulnerable from n/a through

5.9CVSS5.2AI score0.00172EPSS
Exploits0References1
Snyk
Snyk
added 2025/08/28 7:36 p.m.2 views

Use of a Key Past its Expiration Date

Overview Affected versions of this package are vulnerable to Use of a Key Past its Expiration Date due to improper enforcement of OIDC token expiry in the authentication process when no refresh token is provided. An attacker can maintain unauthorized access to the service by continuously using a...

4.2CVSS7AI score
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/07/31 6:26 a.m.4 views

Security update for rmt-server

This update for rmt-server fixes the following issues: Update to version 2.23 CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack:QueryParser. bsc1242893 CVE-2025-32441: Fixed a bug where simultaneous rack requests can restore a deleted rack session. bsc1242898 Patch Instructions: To install th...

8.7CVSS6.5AI score0.00911EPSS
Exploits0References10
OSV
OSV
added 2025/07/31 6:26 a.m.3 views

SUSE-SU-2025:02564-1 Security update for rmt-server

This update for rmt-server fixes the following issues: - Update to version 2.23 - CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack:QueryParser. bsc1242893 - CVE-2025-32441: Fixed a bug where simultaneous rack requests can restore a deleted rack session. bsc1242898...

7.5CVSS7.8AI score0.00911EPSS
Exploits0References6
OSV
OSV
added 2025/07/16 11:10 a.m.4 views

SUSE-SU-2025:02330-1 Security update for rmt-server

This update for rmt-server fixes the following issues: - Update to version 2.23 - CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack:QueryParser. bsc1242893 - CVE-2025-32441: Fixed a bug where simultaneous rack requests can restore a deleted rack session. bsc1242898...

7.5CVSS7.2AI score0.00911EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/02/24 3:13 p.m.5 views

WordPress PlayerJS plugin <= 2.23 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin PlayerJS versions = 2.23...

6.5CVSS6.1AI score0.00203EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.6 views

PT-2024-25551 · Unknown · Ajax Login/Registration Modal Popup + Inline Form

Name of the Vulnerable Software and Affected Versions: Maxim K AJAX Login and Registration modal popup + inline form versions n/a through 2.23 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Store...

5.9CVSS6.4AI score0.00359EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/04/29 12:0 a.m.14 views

WordPress AJAX Login and Registration modal popup + inline form Plugin <= 2.23 is vulnerable to Cross Site Scripting (XSS)

Software AJAX Login and Registration modal popup + inline form Type Plugin Vulnerable versions = 2.23 Fixed in 2.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33918 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID ea1aeec00d87...

5.9CVSS6.5AI score0.00359EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/06 10:52 a.m.52 views

BIT-GIT-2020-5260 malicious URLs may cause Git to present stored credentials to the wrong server

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system...

9.3CVSS7.3AI score0.10047EPSS
Exploits2References20
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.65 views

GeoServer Code Issues Vulnerabilities

GeoServer is an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer versions 2.22.x prior to 2.22.5 and 2.23.x prior to 2.23.2 that originates from allowing users to share and edit geospatial data...

8.6CVSS6.7AI score0.00514EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/12/07 9:50 a.m.7 views

CVE-2022-45910 Apache ManifoldCF: LDAP Injection Vulnerability - ActiveDirectory Authorities

Improper neutralization of special elements used in an LDAP query 'LDAP Injection' vulnerability in ActiveDirectory and Sharepoint ActiveDirectory authority connectors of Apache ManifoldCF allows an attacker to manipulate the LDAP search queries DoS, additional queries, filter manipulation during...

5.6AI score0.0147EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/07 12:0 a.m.4 views

PT-2022-27680 · Apache · Apache Manifoldcf

Name of the Vulnerable Software and Affected Versions: Apache ManifoldCF versions 2.23 and prior versions Description: The issue is related to improper neutralization of special elements used in an LDAP query, also known as 'LDAP Injection'. This allows an attacker to manipulate the LDAP search...

5.3CVSS7.5AI score0.0147EPSS
Exploits0References4
Rows per page
Query Builder