Lucene search
+L

3362 matches found

CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

FOSSBilling 信息泄露漏洞

FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained a vulnerability related to information leakage. This vulnerability stemmed from a parameter leakage system version...

6.9CVSS5.4AI score0.00279EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/02 1:11 a.m.20 views

[SECURITY] Fedora 43 Update: unbound-1.25.1-1.fc43

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

10CVSS5.8AI score0.01272EPSS
Exploits0
Snyk
Snyk
added 2026/06/02 12:0 a.m.7 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via unbounded caching of StringLinkRelation instances. An attacker can cause denial of service by supplying a large number of unique link relation values, causing the static cache to...

8.7CVSS5.5AI score0.00299EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/01 2:43 a.m.34 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References5
OSV
OSV
added 2026/05/29 10:28 a.m.6 views

BIT-NEO4J-2026-1471 Caching of authentication context

Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.1.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO UserInfo endpoint. We recomme...

6.5CVSS5.8AI score0.00244EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:6 a.m.8 views

batman-adv: stop caching unowned originator pointers in BAT IV

...

8.8CVSS5.4AI score0.00262EPSS
Exploits0
EUVD
EUVD
added 2026/05/28 6:27 p.m.17 views

EUVD-2026-32985

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

3.3CVSS5.8AI score0.00092EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 6:27 p.m.14 views

CVE-2026-47330

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

3.3CVSS5.8AI score0.00092EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/28 6:27 p.m.41 views

CVE-2026-47330 Use of uninitialized value in Ubuntu Linux AppArmor notification handling

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

3.3CVSS0.00092EPSS
Exploits0References1
CVE
CVE
added 2026/05/28 6:27 p.m.47 views

CVE-2026-47330

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches that can use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses. Affected component: AppArmor/notif...

3.3CVSS5.8AI score0.00092EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/28 6:27 p.m.8 views

GHSA-W76H-Q7C6-JPJP compliance-trestle Vulnerable to SSRF in Remote Fetching Subsystem

A source code audit led to the discovery of three significant security vulnerabilities in the trestle/core/remote/cache.py module. Finding 1 Critical: SSRF CWE-918 The HTTPSFetcher.dofetch method passes a user-supplied URL directly to requests.get without validation. This allows an attacker to...

6.7CVSS6AI score0.00012EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/28 6:27 p.m.17 views

compliance-trestle Vulnerable to SSRF in Remote Fetching Subsystem

A source code audit led to the discovery of three significant security vulnerabilities in the trestle/core/remote/cache.py module. Finding 1 Critical: SSRF CWE-918 The HTTPSFetcher.dofetch method passes a user-supplied URL directly to requests.get without validation. This allows an attacker to...

6AI score0.00012EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/28 4:16 p.m.9 views

PYSEC-2026-192

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.0, the built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and...

7.5CVSS5.9AI score0.00335EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 9:41 a.m.4 views

CVE-2026-46238 batman-adv: stop caching unowned originator pointers in BAT IV

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.13 views

SUSE CVE-2026-45912

In the Linux kernel, the following vulnerability has been resolved: ext4: don't cache extent during splitting extent Caching extents during the splitting process is risky, as it may result in stale extents remaining in the status tree. Moreover, in most cases, the corresponding extent block entri...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/05/28 1:53 a.m.17 views

CVE-2026-45912

A flaw was found in the Linux kernel's ext4 filesystem. During certain file operations, specifically when splitting data extents, an issue with caching can lead to incorrect tracking of disk space. This can result in errors in space accounting, potentially impacting data integrity and the overall...

7CVSS5.8AI score0.00123EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.13 views

Python Liquid 路径遍历漏洞

Python Liquid is a Python engine developed by James for processing Liquid templates. Versions of Python Liquid prior to 2.2.0 had a path traversal vulnerability. This vulnerability stemmed from the lack of protection in FileSystemLoader and CachingFileSystemLoader against reading absolute paths,...

8.2CVSS5.8AI score0.00335EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/28 12:0 a.m.19 views

CVE-2026-47330

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

3.3CVSS6.1AI score0.00092EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.24 views

PT-2026-44731

Name of the Vulnerable Software and Affected Versions Trestle affected versions not specified Description Security issues were discovered in the trestle/core/remote/cache.py module. The HTTPSFetcher. do fetch function passes a user-supplied URL directly to requests.get without validation, enablin...

6.7CVSS6.2AI score0.00012EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44479

Name of the Vulnerable Software and Affected Versions Ubuntu Linux version 6.8 Ubuntu Linux version 7.0 Ubuntu Linux version 7.17 Description AppArmor SAUCE patches contain an issue where an uninitialized variable may be used within the notification handling code. This can be triggered by an...

3.3CVSS5.8AI score0.00092EPSS
Exploits0
Rows per page
Query Builder