Lucene search
K

12939 matches found

CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.5 views

CVE-2025-11065 affecting package cert-manager for versions less than 1.12.15-6

CVE-2025-11065 affecting package cert-manager for versions less than 1.12.15-6. A patched version of the package is available...

5.3CVSS5.8AI score0.00357EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.5 views

CVE-2026-1703 affecting package python-pip for versions less than 24.2-6

CVE-2026-1703 affecting package python-pip for versions less than 24.2-6. A patched version of the package is available...

2CVSS5.8AI score0.0039EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.5 views

CVE-2025-58190 affecting package cert-manager for versions less than 1.12.15-6

CVE-2025-58190 affecting package cert-manager for versions less than 1.12.15-6. A patched version of the package is available...

5.3CVSS5.8AI score0.00482EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.5 views

CVE-2025-47911 affecting package cert-manager for versions less than 1.12.15-6

CVE-2025-47911 affecting package cert-manager for versions less than 1.12.15-6. A patched version of the package is available...

5.3CVSS5.8AI score0.00502EPSS
Exploits0
NVD
NVD
added 2026/03/10 9:16 p.m.6 views

CVE-2026-30962

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.6 and 8.6.19, the validation for protected fields only checks top-level query keys. By wrapping a query constraint on a protected field inside a logical operator, the check...

7.1CVSS0.00297EPSS
Exploits0References3
CVE
CVE
added 2026/03/10 8:42 p.m.14 views

CVE-2026-30962

Parse Server is vulnerable prior to versions 9.5.2-alpha.6 and 8.6.19 due to a flawed protection check that only validates top-level query keys for protected fields. By wrapping a query constraint on a protected field inside a logical operator, the check is bypassed, allowing any authenticated us...

7.1CVSS5.8AI score0.00297EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/10 8:42 p.m.6 views

CVE-2026-30962 Parse Server has a protected fields bypass via logical query operators

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.6 and 8.6.19, the validation for protected fields only checks top-level query keys. By wrapping a query constraint on a protected field inside a logical operator, the check...

7.1CVSS5.8AI score0.00297EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.4 views

PT-2026-24455

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 9.5.2-alpha.6 Parse Server versions prior to 8.6.19 Description Parse Server, an open source backend deployable on Node.js infrastructures, contains a flaw in its validation process for protected fields. The...

7.1CVSS5.8AI score0.00297EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Parse Server 访问控制错误漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. Versions of Parse Server prior to 9.5.2-alpha.6 and 8.6.19 contain an access control vulnerability caused by a bypass of protected field validation, which may le...

7.1CVSS5.8AI score0.00297EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/03/10 12:0 a.m.8 views

git-lfs security update

3.6.1-7 - Rebuild with new Golang 3.6.1-6 - Rebuild with new Golang 3.6.1-5 - Rebuild with new Golang...

10CVSS6.8AI score0.01945EPSS
Exploits3
CBLMariner
CBLMariner
added 2026/03/09 2:32 p.m.4 views

CVE-2025-11065 affecting package opa for versions less than 0.63.0-6

CVE-2025-11065 affecting package opa for versions less than 0.63.0-6. A patched version of the package is available...

5.3CVSS5.8AI score0.00357EPSS
Exploits0
EUVD
EUVD
added 2026/03/06 11:25 p.m.6 views

EUVD-2026-10061

parse-server: Malformed $regex query leaks database error details in API response...

6.9CVSS5.8AI score0.00336EPSS
Exploits0References4
Circl
Circl
added 2026/03/06 7:37 p.m.5 views

CVE-2026-29075

creationtimestamp| type| source ---|---|--- 2026-03-06 19:37:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgg2r6gwah2o 2026-03-07 10:01:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mghl2tr2r22f...

9.8CVSS5.8AI score0.0037EPSS
Exploits0References2
Circl
Circl
added 2026/03/06 6:4 a.m.6 views

CVE-2026-28681

creationtimestamp| type| source ---|---|--- 2026-03-06 06:04:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgend7unkc2k 2026-03-06 08:07:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mgeu6w36ns2f 2026-03-06 08:09:25+00:00| seen|...

8.1CVSS5.8AI score0.00427EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.9 views

Parse Server 安全漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were security vulnerabilities in versions of Parse Server prior to 8.6.7 and 9.5.0-alpha.6. These vulnerabilities stemmed from incorrect $regex query...

6.9CVSS5.8AI score0.00336EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.10 views

Dell Optimizer 6.x < 6.3.1.0 Privilege Escalation (DSA-2026-094)

The version of Dell Optimizer installed on the remote host is 6.x prior to 6.3.1.0. It is, therefore, affected by a vulnerability: - An improper link resolution before file access vulnerability that could allow a low privileged attacker with local access to exploit this vulnerability, leading to...

7.8CVSS5.8AI score0.00165EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/05 8:16 p.m.4 views

CVE-2025-13350

Ubuntu Linux 6.8 GA retains the legacy AFUNIX garbage collector but backports upstream commit 8594d9b85c07 "afunix: Don’t call skbget for OOB skb". When orphaned MSGOOB sockets hit unixgc, the garbage collector still calls kfreeskb as if OOB SKBs held two references; on Ubuntu Linux 6.8 Noble...

7.1CVSS6AI score0.00146EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/03/03 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-5376-6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6AI score
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/02/25 9:47 a.m.7 views

Security update 5.1.2 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Backported security patches for Salt vendored tornado: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header paramete...

8.7CVSS5.5AI score0.00403EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2026/02/24 10:42 p.m.10 views

CVE-2026-23521

Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue in which authenticated users who can create or edit devices can set a device uniqueId to an absolute path. When uploading a device image, Traccar uses that uniqueId to build the filesystem path...

6.5CVSS5.4AI score0.0032EPSS
Exploits1References1
Rows per page
Query Builder