Lucene search
K

1294 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011173 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

5.5CVSS5.6AI score0.00149EPSS
Exploits0References4
OSV
OSV
added 2026/04/17 1:2 p.m.10 views

OESA-2026-1956 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS6.2AI score0.00755EPSS
Exploits0References5
OSV
OSV
added 2026/04/17 1:2 p.m.7 views

OESA-2026-1955 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS7.5AI score0.00755EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007349)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007349 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

5.5CVSS5.8AI score0.00149EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/15 8:16 p.m.4 views

CVE-2026-40917

A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the icnsslurp function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process...

7.1CVSS5.8AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/04/15 8:16 p.m.4 views

UBUNTU-CVE-2026-40917

A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the icnsslurp function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process...

7.1CVSS5.8AI score0.00167EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/13 5:38 a.m.3 views

CVE-2026-4151

A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a specially crafted ANI Animated Cursor file or visiting a malicious web page. This issue stems from an integer overflow during the parsing of ANI files, caused by insufficient validation of...

7.8CVSS7.5AI score0.00664EPSS
Exploits0References5
NVD
NVD
added 2026/04/11 1:16 a.m.6 views

CVE-2026-4151

GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS0.00664EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.6 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1494)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1494 advisory. In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 In the Linux kernel, the following vulnerability has be...

9.8CVSS6.5AI score0.00395EPSS
Exploits0References136
Amazon
Amazon
added 2026/03/27 12:0 a.m.14 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a null-ptr access in the cursor snooper CVE-2025-40110 In th...

7.8CVSS6.6AI score0.00395EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.3 views

GIMP < 3.2.0 Multiple Vulnerabilities (macOS)

The version of GIMP installed on the remote macOS host is prior to 3.2.0. It is, therefore, affected by multiple vulnerabilities: - An integer overflow condition exists in PSD file parsing due to improper validation of user-supplied data. An unauthenticated, local attacker can exploit this, via a...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.6 views

CVE-2026-33326

Keystone is a content management system for Node.js. Prior to version 6.5.2, field.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 field-level isFilterab...

4.3CVSS5.7AI score0.00257EPSS
Exploits0References1
NVD
NVD
added 2026/03/24 8:16 p.m.4 views

CVE-2026-33326

Keystone is a content management system for Node.js. Prior to version 6.5.2, field.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 field-level isFilterab...

4.3CVSS0.00257EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/24 7:8 p.m.3 views

CVE-2026-33326

Keystone is a content management system for Node.js. Prior to version 6.5.2, field.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 field-level isFilterab...

4.3CVSS5.7AI score0.00257EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/24 7:8 p.m.5 views

CVE-2026-33326 @keystone-6/core: `isFilterable` bypass via `cursor` parameter in findMany

Keystone is a content management system for Node.js. Prior to version 6.5.2, field.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 field-level isFilterab...

4.3CVSS5.7AI score0.00257EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/24 7:8 p.m.23 views

CVE-2026-33326 @keystone-6/core: `isFilterable` bypass via `cursor` parameter in findMany

Keystone is a content management system for Node.js. Prior to version 6.5.2, field.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 field-level isFilterab...

4.3CVSS0.00257EPSS
Exploits0References1
CVE
CVE
added 2026/03/24 7:8 p.m.9 views

CVE-2026-33326

Summary: Keystone 6 core prior to 6.5.2 had a bypass in isFilterable for findMany via the cursor parameter, allowing potential disclosure by confirming protected field values. The root cause is that the cursor input type reused UniqueWhere checks not patched by the previous fix for CVE-2025-46720...

4.3CVSS5.7AI score0.00257EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/24 7:8 p.m.5 views

CVE-2026-33326 @keystone-6/core: `isFilterable` bypass via `cursor` parameter in findMany

Keystone is a content management system for Node.js. Prior to version 6.5.2, field.isFilterable access control can be bypassed in findMany queries by passing a cursor. This can be used to confirm the existence of records by protected field values. The fix for CVE-2025-46720 field-level isFilterab...

4.3CVSS5.8AI score0.00257EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.5 views

Keystone 安全漏洞

Keystone is a powerful CMS developed under OpenStack. It helps you build and expand faster than any other CMS or application framework. Versions of Keystone prior to 6.5.2 contained security vulnerabilities. These vulnerabilities stemmed from the findMany query, where the access control mechanism...

4.3CVSS5.8AI score0.00257EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.162 views

📄 Cursor IDE MCP Deeplink Remote Code Execution

This Metasploit module exploits the MCP deeplink functionality in Cursor IDE through social engineering. The cursor:// protocol handler can be abused when a user accepts an installation prompt, leading to arbitrary command execution...

8.8CVSS6.2AI score0.07598EPSS
Exploits2
Rows per page
Query Builder