Lucene search
K

206159 matches found

Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31297

Name of the Vulnerable Software and Affected Versions CoolerControl/coolercontrold versions prior to 4.0.0 Description A command injection issue exists in alerts within CoolerControl/coolercontrold. Authenticated attackers can execute arbitrary code as root by injecting bash commands into alert...

8.2CVSS6.2AI score0.00972EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Red Hat Quay 代码问题漏洞

Red Hat Quay is a distributed container image repository provided by the American company Red Hat. It is primarily used for building, distributing, and deploying containers. Red Hat Quay has code-related vulnerabilities. These vulnerabilities arise from the possibility of tampering with the...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31544

Name of the Vulnerable Software and Affected Versions Sonatype Nexus Repository versions 3.22.1 through 3.90.2 Description A flaw exists in the task management component of Sonatype Nexus Repository. An authenticated attacker possessing task creation permissions can execute arbitrary code,...

9.4CVSS5.7AI score0.00359EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from SWIG filenames marked with the "go" label and containing carefully crafted malicious...

8.8CVSS6.3AI score0.00658EPSS
Exploits0References4
CNVD
CNVD
added 2026/04/08 12:0 a.m.4 views

Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-16993)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

8.8CVSS6.2AI score0.0035EPSS
Exploits0
CNVD
CNVD
added 2026/04/08 12:0 a.m.9 views

Memory Corruption Vulnerability in Multiple Mozilla Products (CNVD-2026-16994)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A memory corruption vulnerability exists in multiple Mozilla products,...

9.8CVSS6.2AI score0.0034EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

TP-Link Archer AX53 安全漏洞

The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior to the version v1.0 1.7.1 Build 20260213, the TP-Link Archer AX53 had a security vulnerability. This vulnerability stemmed from insufficient input validation in the dnsmasq module, which could allow authenticated...

8.5CVSS7.7AI score0.01232EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.12 views

Sonatype Nexus Repository 安全漏洞

Sonatype Nexus Repository is a repository manager developed by Sonatype, Inc. in the United States. It is primarily used for managing, storing, and distributing software. Versions of Sonatype Nexus Repository 3.90.2 and earlier contain security vulnerabilities. These vulnerabilities stem from...

9.4CVSS6AI score0.00359EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2026/04/08 12:0 a.m.17 views

KLA91054 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in WebCodecs can be exploited to cause denial of service. 2. Use aft...

9.6CVSS6.6AI score0.05036EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Oracle Linux 8 : vim (ELSA-2026-6915)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6915 advisory. - RHEL-159620 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function - RHEL-155428 CVE-2026-28417 vim: Vim: Arbitrary...

7.8CVSS6.3AI score0.01162EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.115 contained security vulnerabilities. These vulnerabilities stemmed from an incomplete list of sandbox properties, which could allow bypassing security restrictions and...

9.9CVSS5.9AI score0.00541EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/07 11:16 p.m.5 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.5AI score0.00656EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/07 11:16 p.m.5 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS6.6AI score0.00656EPSS
Exploits5References14
Snyk
Snyk
added 2026/04/07 11:9 p.m.3 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the DANE client authentication process. An attacker can cause memory corruption, application crashes, or potentially execute arbitrary code by manipulating TLSA records with both PKIX-TA/PKIX-EE and DANE-TA certificate...

9.2CVSS6AI score0.00631EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.5 views

CVE-2026-35197

dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1...

9.8CVSS6.1AI score0.00291EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/04/07 10:55 p.m.14 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.8CVSS6.3AI score0.01162EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/07 9:38 p.m.1 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corrupti...

9.8CVSS7.2AI score0.00424EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/07 9:38 p.m.4 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume th...

9.8CVSS7.2AI score0.00424EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/07 8:17 p.m.0 views

Deserialization of Untrusted Data

Overview monai is an AI Toolkit for Healthcare Imaging Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the algofrompickle function in monai/auto3dseg/utils.py. An attacker can execute arbitrary code by providing a crafted pickle file that is deserialized...

8.8CVSS6.2AI score
Exploits0References2
NVD
NVD
added 2026/04/07 8:16 p.m.4 views

CVE-2026-32863

There is a memory corruption vulnerability due to an out-of-bounds read in sentrytransactioncontextsetoperation in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafte...

8.5CVSS0.00193EPSS
Exploits0References1
Rows per page
Query Builder