Lucene search
K

120934 matches found

Ubuntu
Ubuntu
added 2026/02/03 3:15 a.m.2 views

USN-8004-1: FreeRDP vulnerabilities

Kim Dong Han discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

9.8CVSS6.1AI score0.00443EPSS
Exploits5
OSV
OSV
added 2026/02/03 3:15 a.m.2 views

USN-8004-1 freerdp2 vulnerabilities

Kim Dong Han discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

9.8CVSS6.2AI score0.00443EPSS
Exploits5References6
NVD
NVD
added 2026/02/03 1:15 a.m.7 views

CVE-2025-15556

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...

7.7CVSS0.01268EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/03 12:50 a.m.32 views

CVE-2025-15556 Notepad++ < 8.8.9 WinGUp Updater Lacks Update Integrity Verification

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...

7.7CVSS0.01268EPSS
Exploits0References5
EUVD
EUVD
added 2026/02/03 12:50 a.m.7 views

EUVD-2025-206661

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...

7.7CVSS6.4AI score0.01268EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/03 12:50 a.m.4 views

CVE-2025-15556

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...

7.7CVSS6.4AI score0.01268EPSS
Exploits0References6
CVE
CVE
added 2026/02/03 12:50 a.m.54 views

CVE-2025-15556

Notepad++ versions prior to 8.8.9 using the WinGUp updater are affected by an update integrity verification vulnerability: downloaded update metadata and installers are not cryptographically verified. An attacker who can intercept or redirect update traffic can cause the updater to download and e...

7.7CVSS6.4AI score0.01268EPSS
In wildExploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.3 views

PT-2026-5816

StreamRipper32 version 2.6 contains a buffer overflow vulnerability in the Station/Song Section that allows attackers to overwrite memory by manipulating the SongPattern input. Attackers can craft a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the...

9.8CVSS6.5AI score0.00329EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

Lexmark多款产品 安全漏洞

The Lexmark CX410 is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is a multifunctional printer. Several products from Lexmark have security vulnerabilities; these vulnerabilities stem from the Postscri...

6.9CVSS7.5AI score0.00517EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-5945

Name of the Vulnerable Software and Affected Versions Lexmark Embedded Solutions Framework affected versions not specified Description A relative path traversal issue exists in the Embedded Solutions Framework used in Lexmark devices. An attacker could potentially use this to execute arbitrary co...

8.8CVSS6AI score0.00614EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-6195

Name of the Vulnerable Software and Affected Versions ELECOM wireless LAN access point devices affected versions not specified Description A stack-based buffer overflow exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution. Recommendations At th...

9.8CVSS6.2AI score0.00745EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/03 12:0 a.m.26 views

CVE-2025-70559

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...

0.00223EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 12:0 a.m.25 views

CVE-2025-70560

Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...

0.00143EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

Victor CMS 跨站脚本漏洞

Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting vulnerability in the commentauthor POST parameter, which could all...

7.2CVSS5.9AI score0.00234EPSS
Exploits1References3
CVE
CVE
added 2026/02/03 12:0 a.m.9 views

CVE-2025-67189

CVE-2025-67189 affects TOTOLINK A950RG, specifically the setParentalRules interface where the urlKeyword parameter is not properly validated. The vulnerability arises from concatenating multiple user-supplied fields into a fixed-size stack buffer without boundary checks, enabling a remote attacke...

6.5CVSS6.3AI score0.00425EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-69209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attack...

6.9CVSS6.6AI score0.00149EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5948

Name of the Vulnerable Software and Affected Versions Lexmark CX532adwe affected versions not specified Description A type confusion exists within the Postscript interpreter in Lexmark devices. This issue allows an attacker to execute arbitrary code as an unprivileged user. The vulnerability was...

6.9CVSS6AI score0.00478EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5949

Name of the Vulnerable Software and Affected Versions Lexmark devices affected versions not specified Description An out-of-bounds read issue exists in the Postscript interpreter used in Lexmark devices. An attacker can potentially use this to execute arbitrary code with unprivileged user...

6.9CVSS6.1AI score0.00517EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

StreamRipper32 安全漏洞

StreamRipper32 is an open-source tool developed by StreamRipper for capturing and saving MP3 files from online radio stations. Version 2.6 of StreamRipper32 contains a security vulnerability, which stems from a buffer overflow in the Station/Song Section component, potentially allowing arbitrary...

9.8CVSS6.3AI score0.00329EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

LizardSystems LanSend 安全漏洞

LizardSystems LanSend is a local area network message sending tool developed by LizardSystems Corporation. Version 3.2 of LizardSystems LanSend contains a security vulnerability. This vulnerability stems from the addition of a computer wizard file import function that has a buffer overflow issue,...

9.8CVSS6.3AI score0.00453EPSS
Exploits0References3
Rows per page
Query Builder