Lucene search
K

120943 matches found

Cvelist
Cvelist
added 2026/02/03 12:0 a.m.26 views

CVE-2025-70559

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...

0.00223EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 12:0 a.m.25 views

CVE-2025-70560

Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...

0.00143EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

Victor CMS 跨站脚本漏洞

Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting vulnerability in the commentauthor POST parameter, which could all...

7.2CVSS5.9AI score0.00234EPSS
Exploits1References3
CVE
CVE
added 2026/02/03 12:0 a.m.9 views

CVE-2025-67189

CVE-2025-67189 affects TOTOLINK A950RG, specifically the setParentalRules interface where the urlKeyword parameter is not properly validated. The vulnerability arises from concatenating multiple user-supplied fields into a fixed-size stack buffer without boundary checks, enabling a remote attacke...

6.5CVSS6.3AI score0.00425EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-69209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attack...

6.9CVSS6.6AI score0.00149EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5948

Name of the Vulnerable Software and Affected Versions Lexmark CX532adwe affected versions not specified Description A type confusion exists within the Postscript interpreter in Lexmark devices. This issue allows an attacker to execute arbitrary code as an unprivileged user. The vulnerability was...

6.9CVSS6AI score0.00478EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5949

Name of the Vulnerable Software and Affected Versions Lexmark devices affected versions not specified Description An out-of-bounds read issue exists in the Postscript interpreter used in Lexmark devices. An attacker can potentially use this to execute arbitrary code with unprivileged user...

6.9CVSS6.1AI score0.00517EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

StreamRipper32 安全漏洞

StreamRipper32 is an open-source tool developed by StreamRipper for capturing and saving MP3 files from online radio stations. Version 2.6 of StreamRipper32 contains a security vulnerability, which stems from a buffer overflow in the Station/Song Section component, potentially allowing arbitrary...

9.8CVSS6.3AI score0.00329EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

Kubernetes ingress-nginx 安全漏洞

Kubernetes ingress-nginx is a Kubernetes entry controller open-sourced by the Cloud Native Computing Foundation. It uses NGINX as a reverse proxy and load balancer. There is a security vulnerability in Kubernetes ingress-nginx; this vulnerability stems from the rules.http.paths.path Ingress field...

8.8CVSS7.7AI score0.00501EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

LizardSystems LanSend 安全漏洞

LizardSystems LanSend is a local area network message sending tool developed by LizardSystems Corporation. Version 3.2 of LizardSystems LanSend contains a security vulnerability. This vulnerability stems from the addition of a computer wizard file import function that has a buffer overflow issue,...

9.8CVSS6.3AI score0.00453EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.6 views

Roland Cloud Manager 代码问题漏洞

Roland Cloud Manager is a software management platform developed by the Japanese company Roland. Versions of Roland Cloud Manager 3.1.19 and earlier contained code vulnerabilities due to insecure loading of dynamic link libraries. These vulnerabilities could allow attackers to execute arbitrary...

8.4CVSS7.5AI score0.00144EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

Lexmark多款产品 安全漏洞

The Lexmark CX410, among others, is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is also a multifunctional printer. Several Lexmark products have security vulnerabilities; these vulnerabilities stem fr...

6.9CVSS7.5AI score0.00478EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-70559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMa...

8.6CVSS8AI score0.00281EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.6 views

ELECOM多款产品 安全漏洞

ELECOM WAB-S600-PS, among others, are products from the Japanese company ELECOM. ELECOM WAB-S600-PS is a wireless access point. ELECOM WAB-S300 is also a wireless access point. ELECOM WAB-S733IW2-PD is a wireless access point device. Several of ELECOM’s products have security vulnerabilities; the...

9.8CVSS7.6AI score0.00745EPSS
Exploits0References3
CVE
CVE
added 2026/02/03 12:0 a.m.13 views

CVE-2025-70559

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation, allowing an attacker who can place a malicious pickle file in a reachable location to trigger arbitrary...

6.5CVSS8.1AI score0.00223EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

iccDEV 缓冲区错误漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.2 contained a buffer error vulnerability. This vulnerability stemmed from the icFixXml function, which, when processing malformed ICC configuration files,...

7.8CVSS6.4AI score0.00201EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

Lexmark 安全漏洞

Lexmark is a series of printers produced by the American company Lexmark. Several Lexmark products have security vulnerabilities, which stem from relative path traversal in the embedded solution framework, potentially allowing for the execution of arbitrary code. The following products are...

8.8CVSS6.1AI score0.00614EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.10 views

Flexense Disk Sorter Enterprise 代码问题漏洞

Flexense Disk Sorter Enterprise is a file management and disk space analysis software developed by Flexense Corporation. Version 12.4.16 of Flexense Disk Sorter Enterprise contains a code vulnerability. This vulnerability stems from a service path vulnerability in service configurations that lack...

8.5CVSS6.2AI score0.00119EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

Lexmark多款产品 安全漏洞

The Lexmark CX410, among others, is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is also a multifunctional printer. Several Lexmark products have security vulnerabilities; these vulnerabilities stem fr...

6.9CVSS7.6AI score0.00477EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/03 12:0 a.m.7 views

Security update for libsoup (important)

openSUSE security update: security update for libsoup ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20142-1 Rating: important References: bsc1250562 bsc1256399 bsc1256418 Cross-References: CVE-2025-11021 CVE-2026-0716 CVE-2026-0719 CVSS scores:...

9.2CVSS6.7AI score0.00594EPSS
Exploits0References3
Rows per page
Query Builder