Lucene search
K

113 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.2 views

PYSEC-2026-945 Overflow in `ResizeNearestNeighborGrad`

Impact When tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows. import tensorflow as tf aligncorners = True halfpixelcenters = False grads = tf.constant1, shape=1,8,16,3, dtype=tf.float16 size = tf.constant1879048192,1879048192, shape=2, dtype=tf.int32...

4.8CVSS7AI score0.0044EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2026/07/06 8:58 p.m.8 views

Coder: Route hijacking through lack of validation of agent-supplied AllowedIPs in tailnet coordinator

Summary The tailnet coordinator validates that an agent's Addresses derive from its authenticated UUID but applies no equivalent check to AllowedIPs. The coordinator forwards agent-supplied AllowedIPs verbatim to tunnel peers which install them into the WireGuard peer configuration. Impact A...

8.2CVSS6AI score0.00405EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/07/06 8:50 p.m.6 views

Coder's OIDC email_verified type coercion bypass enables account takeover via unverified email linking

Summary Coder's OIDC callback checked emailverified with a direct Go bool type assertion. When an IdP returned the claim as a non-boolean for example the string "false" or omitted it, the assertion failed open and the email was treated as verified. Combined with an unconditional email-based accou...

7.4CVSS5.9AI score0.00479EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.5 views

Oracle Linux 8 : postgresql:13 (ELSA-2026-28208)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-28208 advisory. - Backport fix for CVE-2026-6478 from PostgreSQL 14.23 - Backport fixes for CVE-2026-6637, CVE-2026-6477, CVE-2026-6475, CVE-2026-6473 - fix CVE-2026-2004...

8.8CVSS7.1AI score0.89914EPSS
Exploits14References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.8 views

MiracleLinux 8 : xorg-x11-server-1.20.11-28.el8_10.2 (AXSA:2026-803:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-803:05 advisory. xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch...

7.8CVSS6.2AI score0.00165EPSS
Exploits0References10
Rockylinux
Rockylinux
added 2026/06/19 12:3 a.m.8 views

xorg-x11-server security, bug fix, and enhancement update

An update is available for xorg-x11-server. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org is an open-source implementation of the X Window System. It...

7.8CVSS5.8AI score0.00165EPSS
Exploits0
OSV
OSV
added 2026/06/17 12:0 a.m.5 views

ALSA-2026:26562 Important: xorg-x11-server-Xwayland security, bug fix, and enhancement update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch CVE-2026-50256 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server:...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References20
Github Security Blog
Github Security Blog
added 2026/05/11 2:50 p.m.11 views

Facebook React has a Denial of Service Vulnerability in React Server Components

Impact A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to out-of-memory exceptions or excessive CPU usage. We recommend updating immediately. The vulnerability exists in versions 19.0.0 through 19.0.5,...

7.5CVSS5.9AI score0.01533EPSS
Exploits1References5Affected Software3
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.15 views

Oracle Linux 8 : virt:kvm_utils3 (ELSA-2026-50239)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50239 advisory. - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501...

9.8CVSS7.4AI score0.05552EPSS
Exploits4References7
OSV
OSV
added 2026/04/17 6:31 p.m.4 views

GHSA-574F-3G2M-X479 Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks

The GOST 28147-2015 CTR mode implementation G3413CTRBlockCipher in the Legion of the Bouncy Castle BC-JAVA bcprov core module only increments the final byte of the counter, so the counter wraps after 255 blocks and the keystream is reused. Reusing CTR keystream allows an attacker who can observe...

9.3CVSS7.3AI score0.00313EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.4 views

Oracle Linux 10 : freerdp (ELSA-2026-6799)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6799 advisory. 2:3.10.3-5.5 - Fix use of nscprocessmessage - Increase timeout for TestSynchCritical Resolves: RHEL-155979 2:3.10.3-5.4 - Backport several CVE fixes...

9.8CVSS6AI score0.00656EPSS
Exploits5References15
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.7 views

Fedora 42 : mingw-binutils (2026-fe96f3532b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fe96f3532b advisory. Backport fixes for multiple CVEs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5CVSS6AI score0.00502EPSS
Exploits10References13
Oracle linux
Oracle linux
added 2026/03/30 12:0 a.m.8 views

freerdp security update

2:2.11.7-1.3 - Backport several CVE fixes Resolves: RHEL-151988, RHEL-152215...

8.8CVSS5.8AI score0.00537EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.5 views

PT-2026-27282

Name of the Vulnerable Software and Affected Versions Briefcase versions 0.3.0 through 0.3.25 Description Briefcase, a tool for converting Python projects into standalone native applications, has an issue where the installation process for Windows MSI installers, when set to install for All Users...

7.3CVSS6AI score0.00132EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/03/11 1:19 p.m.5 views

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

6.2CVSS5.4AI score0.00146EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.4 views

Oracle Linux 8 : freerdp (ELSA-2026-3334)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3334 advisory. 2:2.11.7-3 - Backport several CVE fixes Resolves: RHEL-148825, RHEL-148865, RHEL-148982 Tenable has extracted the preceding description block directly...

9.1CVSS5.8AI score0.00756EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.3 views

Fedora 42 : mingw-libsoup (2026-07b73214fc)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-07b73214fc advisory. Backport fixes for CVE-2026-0716, CVE-2026-0719. Tenable has extracted the preceding description block directly from the Fedora security advisory...

8.6CVSS5.7AI score0.00557EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/02/05 12:0 a.m.7 views

freerdp security update

2:2.11.7-2 - Backport several CVE fixes Resolves: RHEL-142417, RHEL-142401, RHEL-142385, RHEL-142369, RHEL-142353 Resolves: RHEL-142337, RHEL-142321...

9.8CVSS5.3AI score0.00443EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Oracle Linux 8 : freerdp (ELSA-2026-2081)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2081 advisory. 2:2.11.7-2 - Backport several CVE fixes Resolves: RHEL-142417, RHEL-142401, RHEL-142385, RHEL-142369, RHEL-142353 Resolves: RHEL-142337, RHEL-142321...

9.8CVSS5.9AI score0.00443EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.4 views

Fedora 41 : mbedtls (2025-fe7ea8bbdd)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-fe7ea8bbdd advisory. Backport CVE fixes from 3.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

5.3CVSS5.5AI score0.0024EPSS
Exploits0References2
Rows per page
Query Builder