Lucene search
K

1720 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 4 : rh-python34-python-3.4.2-14.AXS4 (AXSA:2016-651:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-651:01 advisory. Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially ho...

6.1CVSS7.1AI score0.04689EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001299 advisory. The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing loc...

7.8CVSS6.6AI score0.00502EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002321 advisory. In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. Tenable has...

9.8CVSS7.7AI score0.02968EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003541)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003541 advisory. The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing loc...

7.8CVSS6.6AI score0.00502EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.6 views

CVE-2023-4950

The Interactive Contact Form and Multi Step Form Builder WordPress plugin before 3.4 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

6.1CVSS6.2AI score0.0047EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/12/12 10:11 p.m.4 views

CVE-2025-67721 Aircompressor's Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via...

6.3CVSS6.5AI score0.00369EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.5 views

PT-2025-51030

Name of the Vulnerable Software and Affected Versions Aircompressor versions 3.3 and below Description Aircompressor is a Java library providing ports of Snappy, LZO, LZ4, and Zstandard compression algorithms. Incorrect handling of malformed data in the Java-based decompressor implementations for...

9.8CVSS7.5AI score0.00369EPSS
Exploits0References99
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.4 views

CVE-2025-62999

Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Litho Addons: from n/a through = 3.5...

5.4CVSS5.9AI score0.00217EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:52 p.m.7 views

CVE-2025-62999

CVE-2025-62999 affects the WordPress Litho Addons plugin (themezaa Litho Addons) up to version 3.4. Root cause: missing/incorrectly configured authorization leading to broken access control. Impact described as exploitation of access control security levels without details on specific vectors or ...

5.4CVSS5.9AI score0.00217EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.8 views

PT-2025-50024

Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Litho Addons: from n/a through = 3.4...

7AI score0.00217EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/26 10:55 p.m.6 views

CVE-2025-13397

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbcrawrealloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...

5.5CVSS4.3AI score0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/24 12:0 a.m.3 views

CVE-2025-64048

YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...

5.3AI score0.00158EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/11/19 12:30 p.m.6 views

dev.savantly.nexus:agents-module (=3.4.0), dev.savantly.nexus:common-types-module (=3.4.0) +152 more potentially affected by CVE-2025-64408 via org.apache.causeway.core:causeway-applib (>=2.0.0-RC1 <=3.4.0)

org.apache.causeway.core:causeway-applib MAVEN version =2.0.0-RC1, =3.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.causeway.core:causeway-applib and may be impacted: - dev.savantly.nexus:agents-module =3.4.0 -...

6.3CVSS5.8AI score0.09442EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.5 views

mruby/c 代码问题漏洞

mruby/c is a C language library in the ITOC mruby/c team.open source. A code issue vulnerability exists in mruby/c version 3.4 and earlier, which stems from improper manipulation of the parameter ptr to function mrbcrawrealloc in file src/alloc.c, which may result in a null pointer dereference...

5.5CVSS4.6AI score0.00128EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/11/18 12:0 a.m.11 views

CVE-2025-63829

eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow in the Timet:: fraction function...

0.00283EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/11/12 5:7 p.m.5 views

CVE-2025-27712

Improper neutralization for some IntelR Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...

5.7CVSS6.4AI score0.00117EPSS
Exploits0References1
NVD
NVD
added 2025/11/10 10:15 p.m.5 views

CVE-2025-64181

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...

7.5CVSS0.00373EPSS
Exploits1References6
AlpineLinux
AlpineLinux
added 2025/11/10 9:27 p.m.8 views

CVE-2025-64182

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

7.8CVSS8.1AI score0.00237EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2025/11/10 9:23 p.m.7 views

CVE-2025-64181

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...

7.5CVSS6.5AI score0.00373EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/10/24 2:33 p.m.6 views

CVE-2025-60215

Deserialization of Untrusted Data vulnerability in designthemes Kriya kriya allows Object Injection.This issue affects Kriya: from n/a through = 3.4...

8.8CVSS7AI score0.00486EPSS
Exploits0References1
Rows per page
Query Builder