Lucene search
K

341 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:35 a.m.6 views

CVE-2023-41057

hyper-bump-it is a command line tool for updating the version in project files.hyper-bump-it reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched fil...

5.5CVSS6.8AI score0.00336EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:33 p.m.10 views

CVE-2021-32657

Nextcloud Server is a Nextcloud package that handles data storage. In versions of Nextcloud Server prior to 10.0.11, 20.0.10, and 21.0.2, a malicious user may be able to break the user administration page. This would disallow administrators to administrate users on the Nextcloud instance. The...

4.3CVSS6.5AI score0.01823EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.6 views

nmstate enhancement update

An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Nmstate is a library with an accompanying command line tool that manages host...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2025/04/16 12:30 p.m.44 views

Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies

This project is a command line tool and python library that uses Wappalyzer extension and its fingerprints to detect technologies. Other projects emerged after discontinuation of the official open source project are using outdated fingerpints and lack accuracy when used on dynamic web-apps, this...

7.1AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.9 views

The vulnerability of the command-line tool of the Zstandard data compression library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the command-line tool of the Zstandard data compression library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.7AI score0.01588EPSS
Exploits0References11Affected Software3
GithubExploit
GithubExploit
added 2025/04/07 10:54 a.m.324 views

Exploit for CVE-2025-29927

NextSploit: Next.js CVE-2025-29927 Scanner & Exploiter...

9.1CVSS7.3AI score0.99301EPSS
Exploits58
OSV
OSV
added 2025/04/02 8:15 a.m.7 views

CVE-2024-39780

A YAML deserialization vulnerability was found in the Robot Operating System ROS 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The issue is caused by the use of the yaml.load functi...

9.8CVSS7.8AI score
Exploits0References1
Rockylinux
Rockylinux
added 2025/03/17 8:16 p.m.6 views

nmstate bug fix and enhancement update

An update is available for nmstate. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Nmstate is a library with an accompanying command line tool that manages host...

7.3AI score
Exploits0
Fedora
Fedora
added 2025/03/10 1:15 a.m.10 views

[SECURITY] Fedora 41 Update: buildah-1.39.2-1.fc41

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

8.7CVSS7.4AI score0.00369EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2021-27815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial ...

5.5CVSS6.1AI score0.01268EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/02/26 4:15 p.m.85 views

CVE-2024-53427

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...

8.1CVSS6.1AI score0.00352EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2025/02/18 8:15 p.m.2 views

CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS6.8AI score0.00262EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/14 6:52 p.m.11 views

CVE-2025-25204

gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...

6.3CVSS6.3AI score0.00375EPSS
Exploits0References6
NVD
NVD
added 2025/02/14 5:15 p.m.24 views

CVE-2025-25204

gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...

6.3CVSS0.00375EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/14 4:38 p.m.7 views

CVE-2025-25204 `gh attestation verify` returns incorrect exit code during verification if no attestations are present

gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...

6.3CVSS6.3AI score0.00375EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/14 4:38 p.m.20 views

CVE-2025-25204 `gh attestation verify` returns incorrect exit code during verification if no attestations are present

gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...

6.3CVSS0.00375EPSS
Exploits0References3
Fedora
Fedora
added 2025/01/09 2:3 a.m.13 views

[SECURITY] Fedora 41 Update: curl-8.9.1-3.fc41

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

6.5CVSS7.3AI score0.0197EPSS
Exploits1
OSV
OSV
added 2024/12/12 2:2 a.m.6 views

AZL-54327 CVE-2024-45337 affecting package cf-cli for versions less than 8.7.3-4

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.7AI score0.03153EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/10/03 4:46 p.m.27 views

CVE-2024-0125

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service...

3.3CVSS0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/03 4:46 p.m.13 views

CVE-2024-0125

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service...

3.3CVSS4.1AI score0.00201EPSS
Exploits0References1
Rows per page
Query Builder