Lucene search
+L

16 matches found

circl
circl
added 2026/03/19 9:1 p.m.7 views

CVE-2026-32878

creationtimestamp| type| source ---|---|--- 2026-03-19 21:01:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhgvixxn4o2k...

7.5CVSS5.7AI score0.00345EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/18 9:40 p.m.22 views

CVE-2026-32878 Parse Server vulnerable to schema poisoning via prototype pollution in deep copy

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 and 8.6.44, an attacker can bypass the default request keyword denylist protection and the class-level permission for adding fields by sending a crafted request that...

5.3CVSS0.00345EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2026/03/17 6:37 p.m.6 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32878 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32878 Source advisory: OSV:GHSA-9CCR-FPP6-78QF...

7.5CVSS5.8AI score0.00345EPSS
Exploits0
nvd
nvd
added 2025/06/20 2:15 p.m.19 views

CVE-2025-32878

An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. This function is mainly for downloading firmware files. Before downloading firmware files, the watch requests some information about the firmware via HTTPS from the back-end...

9.8CVSS0.00346EPSS
Exploits1References3
cvelist
cvelist
added 2025/06/20 12:0 a.m.24 views

CVE-2025-32878

An issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. This function is mainly for downloading firmware files. Before downloading firmware files, the watch requests some information about the firmware via HTTPS from the back-end...

0.00346EPSS
Exploits1References3
redhatcve
redhatcve
added 2025/05/23 4:24 a.m.7 views

CVE-2023-32878

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992...

4.4CVSS6.2AI score0.00106EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/04/26 8:31 p.m.23 views

CVE-2024-32878 Use of Uninitialized Variable Vulnerability in llama.cpp

Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in ggufinitfromfile, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this...

7.1CVSS8AI score0.00696EPSS
Exploits0References2
cvelist
cvelist
added 2024/04/26 8:31 p.m.32 views

CVE-2024-32878 Use of Uninitialized Variable Vulnerability in llama.cpp

Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in ggufinitfromfile, the code will free this uninitialized variable later. In a simple POC, it will directly cause a crash. If the file is carefully constructed, it may be possible to control this...

7.1CVSS7.6AI score0.00696EPSS
Exploits0References2
circl
circl
added 2024/01/02 4:26 a.m.5 views

CVE-2023-32878

creationtimestamp| type| source ---|---|--- 2024-01-02 04:26:55+00:00| seen| https://t.me/ctinow/161473 2024-01-03 01:31:18+00:00| seen| https://t.me/cibsecurity/74128 2024-01-22 15:11:27+00:00| seen| https://t.me/ctinow/171203...

4.4CVSS4.7AI score0.00106EPSS
Exploits0References3
cve
cve
added 2024/01/02 2:49 a.m.53 views

CVE-2023-32878

CVE-2023-32878 affects the battery module in MediaTek chips, where a missing bounds check can cause information disclosure. The vulnerability permits local information disclosure with system execution privileges required, and no user interaction is needed. A patch is identified (ALPS08308070; ALP...

4.4CVSS4.3AI score0.00106EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2023/05/08 8:15 p.m.2 views

CVE-2022-32878

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

5.8AI score
Exploits0References1
nvd
nvd
added 2023/05/08 8:15 p.m.11 views

CVE-2022-32878

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

6.5AI score
Exploits0
cvelist
cvelist
added 1976/01/01 12:0 a.m.13 views

CVE-2021-32878

...

Exploits0
cve
cve
added 1976/01/01 12:0 a.m.37 views

CVE-2021-32878

CVE-2021-32878 entry is rejected/not used and does not represent an active vulnerability entry.

7.3AI score
Exploits0
cvelist
cvelist
added 1976/01/01 12:0 a.m.10 views

CVE-2022-32878

...

Exploits0
cve
cve
added 1976/01/01 12:0 a.m.32 views

CVE-2022-32878

CVE-2022-32878 entry is rejected/not used per the Initial Description.

7.3AI score
Exploits0
Rows per page
Query Builder