Lucene search
K

120341 matches found

OSV
OSV
•added 3 days ago•4 views

DEBIAN-CVE-2026-14612

Two off-by-one errors in the FreeIPA ipa-otpd daemon's OAuth2 device authorization handler can cause out-of-bounds memory access when processing an oversized response from a configured external OAuth2/OIDC Identity Provider. An attacker who controls or can man-in-the-middle the IdP endpoint may b...

4.2CVSS6AI score0.00142EPSS
Exploits0References1
OSV
OSV
•added 3 days ago•3 views

CGA-5Q9R-44PM-G2Q2

Bulletin has no description...

5.9AI score0.00023EPSS
Exploits0
OSV
OSV
•added 3 days ago•3 views

MINI-JCFP-6VQ7-95XJ

Bulletin has no description...

9.1CVSS5.9AI score0.00466EPSS
Exploits0
OSV
OSV
•added 3 days ago•4 views

MINI-MQ98-3HMQ-MXM4

Bulletin has no description...

9.1CVSS5.9AI score0.00373EPSS
Exploits0
OSV
OSV
•added 3 days ago•4 views

MINI-J4MC-J5PM-Q6G3

Bulletin has no description...

9.1CVSS5.9AI score0.00373EPSS
Exploits0
OSV
OSV
•added 3 days ago•4 views

MINI-CH6F-F38H-VFJV

Bulletin has no description...

9.1CVSS5.9AI score0.00466EPSS
Exploits0
OSV
OSV
•added 3 days ago•4 views

MINI-9F62-RJ95-WWCQ

Bulletin has no description...

9.1CVSS5.9AI score0.0036EPSS
Exploits0
OSV
OSV
•added 3 days ago•6 views

MINI-3CCF-2C8P-VVXR

Bulletin has no description...

9.1CVSS5.9AI score0.0036EPSS
Exploits0
OSV
OSV
•added 3 days ago•5 views

MINI-JV4C-6JQW-FFG3

Bulletin has no description...

9.1CVSS5.9AI score0.00373EPSS
Exploits0
OSV
OSV
•added 3 days ago•4 views

MINI-238W-5FV7-C6VM

Bulletin has no description...

9.1CVSS5.9AI score0.00466EPSS
Exploits0
OSV
OSV
•added 3 days ago•6 views

MINI-32C6-97VG-WWPF

Bulletin has no description...

9.1CVSS5.9AI score0.0036EPSS
Exploits0
OSV
OSV
•added 3 days ago•3 views

DEBIAN-CVE-2026-8804

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS5.9AI score0.00082EPSS
Exploits0References1
OSV
OSV
•added 3 days ago•3 views

DEBIAN-CVE-2026-14544

A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...

9.8CVSS6.3AI score0.00511EPSS
Exploits0References1
OSV
OSV
•added 3 days ago•3 views

CGA-CWXR-C5VF-P22P

Bulletin has no description...

6.3CVSS5.9AI score0.0037EPSS
Exploits0
ATTACKERKB
ATTACKERKB
•added 3 days ago•6 views

CVE-2026-9756

The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline Block 'linkMetaFieldType' Dynamic Link Attribute in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6.1AI score0.00215EPSS
Exploits0References9
EUVD
EUVD
•added 3 days ago•7 views

EUVD-2026-41522

The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline Block 'linkMetaFieldType' Dynamic Link Attribute in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6.1AI score0.00215EPSS
Exploits0References8
OSV
OSV
•added 3 days ago•5 views

DEBIAN-CVE-2026-9547

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

6AI score0.00187EPSS
Exploits0References1
OSV
OSV
•added 3 days ago•9 views

DEBIAN-CVE-2026-8926

When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a usernamewithout a password, like https://[email protected]/, curl could wrongly get and use the password for another user set in the .netrc file for that host if such a one exists and there is no...

6AI score0.00196EPSS
Exploits0References1
OSV
OSV
•added 3 days ago•7 views

DEBIAN-CVE-2026-8927

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...

5.9AI score0.0025EPSS
Exploits0References1
OSV
OSV
•added 3 days ago•4 views

DEBIAN-CVE-2026-9079

libcurl had a flaw that when instructed to clear proxy authentication credentials which made it not do so, leaving the old credentials around to get used for subsequent transfers that should not know nor use them...

6AI score0.0025EPSS
Exploits0References1
Rows per page
Query Builder