Lucene search
K

12 matches found

CVE
CVE
added 2026/06/18 8:31 p.m.27 views

CVE-2026-45696

CVE-2026-45696 affects OpenEXR 3.4.0–3.4.11, where the HTJ2K decoder’s ht_undo_impl() can perform a heap-buffer-overflow READ due to a width mismatch between the EXR codestream and the declared line width. The decoder copies 32-bit samples from cur_line->i32[] without validating the OpenJPH li...

8.3CVSS5.6AI score0.00263EPSS
Exploits1References5Affected Software1
GithubExploit
GithubExploit
added 2026/05/14 12:13 p.m.150 views

Exploit for CVE-2026-8181

CVE-2026-8181 — Burst Statistics Authentication Bypass to Admi...

9.8CVSS5.8AI score0.14608EPSS
Exploits10
Vulnrichment
Vulnrichment
added 2026/04/24 6:46 p.m.4 views

CVE-2026-41326 Kata Containers: CopyFile Policy Subversion via Symlinks

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...

8.2CVSS5.5AI score0.00269EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.5 views

PT-2026-29622

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.6 Description OpenEXR, a specification and reference implementation of the EXR file format used in the motion picture industry, contains a flaw. A crafted .exr file utilizing HTJ2K compression and a channel...

8.4CVSS6.4AI score0.00611EPSS
Exploits1References23
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.7 views

ai.ancf.lmos:arc-runner (=0.114.0), ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0) +1035 more potentially affected by CVE-2026-22731 via org.springframework.boot:spring-boot-starter-actuator (>=3.4.0 <=3.4.13)

org.springframework.boot:spring-boot-starter-actuator MAVEN version =3.4.0, =0.5.0, =0.8.0, =0.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.1.2 and more Source cves: CVE-2026-22731 Source advisory: OSV:GHSA-8HFC-FQ58-R658...

8.2CVSS7.4AI score0.00334EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/12/17 5:37 p.m.212 views

Exploit for CVE-2025-68434

CVE-2025-68434: CSRF Unauthorized Administrator Creation in Op...

6.8AI score0.00309EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2025/11/07 5:33 p.m.4 views

CVE-2025-58243

Missing Authorization vulnerability in Jthemes imEvent imevent allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects imEvent: from n/a through = 3.4.0...

5.3CVSS7AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 7:23 p.m.5 views

CVE-2025-53343

Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through = 3.4.0...

4.3CVSS5.9AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 7:15 p.m.4 views

CVE-2025-53343

Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through = 3.4.0...

4.3CVSS0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.4 views

PT-2025-33374 · Unknown · Goodlayers Modernize

Name of the Vulnerable Software and Affected Versions: GoodLayers Modernize versions through 3.4.0 Description: The software contains a missing authorization flaw that allows exploitation due to incorrectly configured access control security levels. Recommendations: Update GoodLayers Modernize to...

4.3CVSS7.2AI score0.0022EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 11:40 a.m.5 views

CVE-2025-24754

Missing Authorization vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through = 3.4.0...

4.3CVSS7.2AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2025/04/14 9:15 p.m.6 views

CVE-2022-43851

IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS5.2AI score0.00194EPSS
Exploits0References1
Rows per page
Query Builder