Lucene search
K

126 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/19 3:55 p.m.14 views

Security Bulletin: Unauthenticated File Upload Vulnerability Allows Disk Space Exhaustion and Path Disclosure in Langflow OSS

Summary Unauthenticated users can upload unlimited files to the Langflow OSS server via the deprecated /api/v1/upload/flowid endpoint without authentication or validation, leading to potential disk space exhaustion DoS and information disclosure through absolute file path leakage in API responses...

7.5CVSS5.8AI score0.00215EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/24 3:1 p.m.4 views

MINI-7F6Q-7528-W8Q5

Bulletin has no description...

7.7CVSS4.9AI score0.00377EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : firefox-115.14.0-2.el8_10.ML.1 (AXSA:2024-8694:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8694:28 advisory. Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

9.8CVSS8.4AI score0.00602EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.7 views

CVE-2020-7528

A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer...

7.8CVSS7.8AI score0.01357EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-28129

Malware in sbrugna...

9.8CVSS9.2AI score0.0283EPSS
Exploits0References2
OSV
OSV
added 2025/09/20 3:16 p.m.2 views

MINI-X35R-7528-7CPP

Bulletin has no description...

6.5CVSS7AI score0.00489EPSS
Exploits1
Circl
Circl
added 2025/09/09 8:51 p.m.5 views

CVE-2025-7528

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:38+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

9CVSS5.9AI score0.00759EPSS
Exploits1
OSV
OSV
added 2025/08/17 6:49 a.m.1 views

MINI-X2MH-7528-65R6

Bulletin has no description...

8.2CVSS6.2AI score0.00979EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-7528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox 129, Firefox ESR 128.1, and...

9.8CVSS7.5AI score0.00487EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/15 12:14 p.m.16 views

CVE-2025-7528

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14408. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit ha...

9CVSS8.9AI score0.00759EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/07/13 11:32 a.m.4 views

CVE-2025-7528 Tenda FH1202 GstDhcpSetSer fromGstDhcpSetSer stack-based overflow

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14408. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit ha...

9CVSS9AI score0.00759EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 5:29 p.m.4 views

CVE-2020-6989

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code...

9.8CVSS7.9AI score0.0283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:29 p.m.4 views

CVE-2020-6985

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console...

10CVSS7.2AI score0.01646EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:46 p.m.7 views

CVE-2020-6993

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization...

7.5CVSS6.7AI score0.01305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:46 p.m.11 views

CVE-2020-6983

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered...

7.5CVSS6.9AI score0.01237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:41 p.m.8 views

CVE-2020-6987

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed...

7.5CVSS6.6AI score0.00812EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 7:11 p.m.7 views

RLSA-2024:5402 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shared memory handling CVE-2024-7519 mozilla: Type...

9.6CVSS8.3AI score0.00602EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-7528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service segmentation fault via a crafted VIFF file...

6.5CVSS7.2AI score0.02923EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/10/25 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2024-0334)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.32568EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2024/10/04 12:0 a.m.18 views

openSUSE Security Advisory (SUSE-SU-2024:3507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.04395EPSS
Exploits2References7
Rows per page
Query Builder