Lucene search
K

4578 matches found

Debian CVE
Debian CVE
added 2026/05/20 12:50 a.m.11 views

CVE-2026-43618

Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended...

8.1CVSS6AI score0.0078EPSS
Exploits0
EUVD
EUVD
added 2026/05/20 12:50 a.m.16 views

EUVD-2026-31011

Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended...

8.1CVSS6AI score0.0078EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-34159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor'...

9.8CVSS6.4AI score0.01126EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflo...

8.1CVSS5.7AI score0.0078EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/19 6:29 p.m.170 views

nginx-rift-private-lab

NGINX Rift RCE Proof of concept for CVE-2026-42945, a cri...

9.2CVSS6.7AI score0.61469EPSS
Exploits40
UbuntuCve
UbuntuCve
added 2026/05/19 3:16 p.m.8 views

CVE-2026-8711

NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http, $arg, $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability...

9.2CVSS6.1AI score0.00889EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.11 views

PT-2026-41939

Name of the Vulnerable Software and Affected Versions NGINX JavaScript affected versions not specified Description An issue exists when the 'js fetch proxy' directive is configured with at least one client-controlled NGINX variable, such as $http , $arg , or $cookie , and a location invokes the...

9.8CVSS6.5AI score0.00889EPSS
Exploits0References36
OSV
OSV
added 2026/05/15 8:50 a.m.9 views

BIT-NGINX-2026-42945 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...

9.2CVSS6.4AI score0.61469EPSS
Exploits40References34
GithubExploit
GithubExploit
added 2026/05/15 3:5 a.m.110 views

Exploit for CVE-2026-42945

CVE-2026-42945 Actual Risk Assessment Scripts Native risk ass...

9.2CVSS6.3AI score0.61469EPSS
Exploits40
SUSE CVE
SUSE CVE
added 2026/05/14 3:1 a.m.13 views

SUSE CVE-2026-42945

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...

8.6CVSS6.4AI score0.61469EPSS
Exploits40References13
Cvelist
Cvelist
added 2026/05/13 2:12 p.m.46 views

CVE-2026-42945 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...

9.2CVSS0.61469EPSS
Exploits40References1
CVE
CVE
added 2026/05/13 2:12 p.m.342 views

CVE-2026-42945

CVE-2026-42945 affects NGINX Open Source and NGINX Plus via the ngx_http_rewrite_module when a rewrite/if/set directive is followed by a PCRE capture and a replacement containing a question mark. This can cause a heap buffer overflow in the worker process and, on systems with ASLR disabled, poten...

9.2CVSS6.4AI score0.61469EPSS
In wildExploits40References33Affected Software7
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40681

Name of the Vulnerable Software and Affected Versions NGINX Plus and NGINX Open Source versions 0.6.27 through 1.30.0 Description A heap buffer overflow exists in the ngx http rewrite module module. The issue occurs when a rewrite directive is followed by a rewrite, if, or set directive and...

9.2CVSS6.8AI score0.61469EPSS
Exploits40References468
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: sane-backends (UTSA-2026-017583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017583 advisory. An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, su...

4.3CVSS5.8AI score0.01006EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.16 views

SUSE CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

7.5CVSS6.4AI score0.0018EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/05 12:30 a.m.7 views

CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

7.5CVSS6.4AI score0.0018EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/05 12:30 a.m.7 views

CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

7.5CVSS6.4AI score0.0018EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.9 views

PT-2026-36940

Name of the Vulnerable Software and Affected Versions Nix versions 2.24.4 through 2.34.6 Lix versions 2.93.0 through 2.95.1 Description Unbounded recursion in the NAR Nix Archive parser can lead to a stack-to-heap overflow when the parser operates on a coroutine stack. Because the stack is...

7.5CVSS6.4AI score0.0018EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013267)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013267 advisory. The Linux kernel through 5.0.7, when CONFIGIA32AOUT is enabled and ia32aout is loaded, allows local users to bypass ASLR on setuid a.out programs if any exist becaus...

2.5CVSS7.4AI score0.00495EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013276 advisory. drivers/net/ethernet/xilinx/xilinxemaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints...

3.3CVSS7.4AI score0.00328EPSS
Exploits0References4
Rows per page
Query Builder