37 matches found

Tenable Nessus
added 2026/06/04 12:00 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2025-41259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root...

7.3 CVSS | 5.5 AI score | 0.00101 EPSS
Exploits: 0 | References: 3

Circl
added 2026/06/03 1:05 p.m. | 9 views

CVE-2025-41259

| creationtimestamp | type | source |
|---|---|---|
| 2026-06-03 13:05:47+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mnf6ezoyow2d |
| 2026-06-04 11:39:39+00:00 | seen | https://bsky.app/profile/cybersecinsight.bsky.social/post/3mnhjzwy4m42p... |

7.3 CVSS | 5.8 AI score | 0.00101 EPSS
Exploits: 0 | References: 2

Circl
added 2026/04/23 9:26 p.m. | 6 views

CVE-2026-41259

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-23 21:26:07+00:00 | published-proof-of-concept | Telegram/wY3PGk1V7kusFG8GbDK0g0CtGhXXIm9UsDC-frBku-7BiY... |

8.2 CVSS | 4.8 AI score | 0.00213 EPSS
Exploits: 0

NVD
added 2026/04/23 7:17 p.m. | 5 views

CVE-2026-41259

Mastodon is a free, open-source social network server based on ActivityPub. Prior to v4.5.9, v4.4.16, and v4.3.22, Mastodon allows restricting new user sign-up based on e-mail domain names, and performs basic validation on e-mail addresses, but fails to restrict characters that are interpreted...

8.2 CVSS | 0.00213 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2026/04/23 6:55 p.m. | 3 views

CVE-2026-41259 Mastodon: Insufficient verification of email addresses

Mastodon is a free, open-source social network server based on ActivityPub. Prior to v4.5.9, v4.4.16, and v4.3.22, Mastodon allows restricting new user sign-up based on e-mail domain names, and performs basic validation on e-mail addresses, but fails to restrict characters that are interpreted...

8.2 CVSS | 5.8 AI score | 0.00213 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:35 a.m. | 5 views

CVE-2024-41259

Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...

9.1 CVSS | 6.8 AI score | 0.00428 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 4:16 a.m. | 10 views

CVE-2023-41259

Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...

7.5 CVSS | 6.7 AI score | 0.00717 EPSS
Exploits: 0

RedhatCVE
added 2025/05/22 11:45 p.m. | 10 views

CVE-2022-41259

SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor...

6.5 CVSS | 7.2 AI score | 0.00716 EPSS
Exploits: 0 | References: 1

Circl
added 2024/08/01 11:47 p.m. | 5 views

CVE-2024-41259

| creationtimestamp | type | source |
|---|---|---|
| 2024-08-01 23:47:20+00:00 | seen | https://t.me/cvedetector/2270... |

9.1 CVSS | 4.8 AI score | 0.00428 EPSS
Exploits: 0 | References: 1

NVD
added 2024/08/01 9:15 p.m. | 19 views

CVE-2024-41259

Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...

9.1 CVSS | 0.00428 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2024/08/01 12:00 a.m. | 9 views

CVE-2024-41259

Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...

6.8 AI score | 0.00428 EPSS
Exploits: 0 | References: 1

Cvelist
added 2024/08/01 12:00 a.m. | 26 views

CVE-2024-41259

Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...

0.00428 EPSS
Exploits: 0 | References: 1

Ubuntu
added 2023/12/04 6:07 p.m. | 854 views

USN-6529-1: Request Tracker vulnerabilities

It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. CVE-2021-38562, CVE-2022-25802, CVE-2023-41259,...

7.5 CVSS | 6.9 AI score | 0.01707 EPSS
Exploits: 0

Tenable Nessus
added 2023/12/04 12:00 a.m. | 43 views

Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Request Tracker vulnerabilities (USN-6529-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6529-1 advisory. It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were...

7.5 CVSS | 6.9 AI score | 0.01707 EPSS
Exploits: 0 | References: 5

NVD
added 2023/11/03 5:15 a.m. | 17 views

CVE-2023-41259

Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...

7.5 CVSS | 7.3 AI score | 0.00717 EPSS
Exploits: 0 | References: 4

OSV
added 2023/11/03 5:15 a.m. | 5 views

CVE-2023-41259

Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...

7.5 CVSS | 7.3 AI score
Exploits: 0 | References: 4

UbuntuCve
added 2023/11/03 5:15 a.m. | 75 views

CVE-2023-41259

Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...

7.5 CVSS | 7.1 AI score | 0.00717 EPSS
Exploits: 0 | References: 5

Debian CVE
added 2023/11/03 12:00 a.m. | 35 views

CVE-2023-41259

Best Practical Request Tracker RT before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call...

7.5 CVSS | 7.3 AI score | 0.00717 EPSS
Exploits: 0

CVE
added 2023/11/03 12:00 a.m. | 140 views

CVE-2023-41259

CVE-2023-41259 affects Best Practical Request Tracker (RT) prior to 4.4.7 and RT 5.x prior to 5.0.5, allowing Information Disclosure via fake or spoofed RT email headers in an email message or in the mail-gateway REST API call. The underlying issue is unvalidated email headers accepted by RT, ena...

7.5 CVSS | 7.1 AI score | 0.00717 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

OpenVAS
added 2023/11/01 12:00 a.m. | 19 views

Debian: Security Advisory (DLA-3642-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.6 AI score | 0.00717 EPSS
Exploits: 0 | References: 4