Lucene search
K

49839 matches found

OSV
OSV
added 2026/06/25 11:51 a.m.2 views

OPENSUSE-SU-2026:21057-1 Security update for libssh2_org

This update for libssh2org fixes the following issues - CVE-2026-55199: pre-Authentication DoS via SSHMSGEXTINFO Handler bsc1268530. - CVE-2026-55200: out-of-Bounds write via Unchecked packetlength in transport.c bsc1268531...

9.2CVSS7.4AI score0.00732EPSS
Exploits11References4
OSV
OSV
added 2026/06/25 8:11 a.m.3 views

SUSE-SU-2026:2626-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. - CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are...

7.4CVSS5.7AI score0.00394EPSS
Exploits4References11
RedHat Linux
RedHat Linux
added 2026/06/25 6:40 a.m.11 views

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 8:13 p.m.23 views

CVE-2026-52796 Gogs: DoS in rendering issue index pattern

Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, RenderIssueIndexPattern renders the issue index pattern to a link using com.Expand, which is not...

3.5CVSS0.00284EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:50 p.m.5 views

CVE-2026-50129

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.11, 4.4.18, and 4.3.24, a DoS can be triggered by Uncaught Exception vulerability, due to missing exception handling in the math sanitizer. Malformed nodes can result in a DoS of a whole server or targeted...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/24 3:19 p.m.7 views

CVE-2025-61018

A flaw was found in openlink virtuoso-opensource. This vulnerability allows attackers to cause a Denial of Service DoS by sending specially crafted SQL statements to the sqloplacedtset component. A successful exploit could make the service unavailable to legitimate users...

7.5CVSS5.9AI score0.00482EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 2:4 p.m.5 views

Security Bulletin: The Network Threat Analytics App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Network Threat Analytics App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2026-0994 DESCRIPTION: A...

8.2CVSS5.8AI score0.00613EPSS
Exploits0Affected Software1
Rockylinux
Rockylinux
added 2026/06/24 12:5 p.m.11 views

libtasn1 security update

An update is available for libtasn1. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A library that provides Abstract Syntax Notation One ASN.1, as specified by...

7.5CVSS7.4AI score0.01109EPSS
Exploits0
OSV
OSV
added 2026/06/24 12:0 a.m.4 views

ALSA-2026:29195 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

RockyLinux 9 : skopeo (RLSA-2026:28074)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:28074 advisory. crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation CVE-2026-32281 crypto/tls: golang: Go crypto/tls:...

7.5CVSS7.3AI score0.00621EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

AlmaLinux 9 : skopeo (ALSA-2026:28074)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28074 advisory. crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation CVE-2026-32281 crypto/tls: golang: Go crypto/tls:...

7.5CVSS5.9AI score0.00621EPSS
Exploits0References5
CVE
CVE
added 2026/06/23 4:26 p.m.20 views

CVE-2026-55446

Langflow before version 1.0.19 is vulnerable to unauthenticated DoS on the /api/v1/files/upload/ endpoint by sending a multipart/form-data request with an extremely long boundary. The vulnerability allows an attacker to cause the server to become unusable for all users for an indefinite period, w...

7.5CVSS5.9AI score0.00321EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/23 3:36 a.m.11 views

CVE-2026-55654

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS5.8AI score0.00308EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/23 12:0 a.m.34 views

CVE-2025-61020

An issue in the sqlostripinjoin component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

0.00482EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 12:0 a.m.15 views

CVE-2025-61023

The CVE-2025-61023 entry concerns openlink virtuoso-opensource, specifically the st_compare component in version 7.2.11. Multiple connected sources confirm that a flaw in st_compare can be exploited by sending crafted SQL statements, resulting in a Denial of Service (DoS) that can render the serv...

7.5CVSS5.9AI score0.00482EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.6 views

Oracle Linux 9 : podman (ELSA-2026-19173)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19173 advisory. - fixes CVE-2026-34986 go-jose: Go JOSE Denial of Service via crafted JWE Tenable has extracted the preceding description block directly from the Oracle Linux...

7.5CVSS6AI score0.00651EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.6 views

Oracle Linux 9 : bind (ELSA-2026-18786)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18786 advisory. - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 Tenable has...

8.6CVSS6.9AI score0.1096EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54268

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, an...

8.2CVSS6AI score0.00331EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 12:0 a.m.8 views

CVE-2025-55639

GPAC MP4Box v2.4 contains a NULL pointer dereference in gf_isom_add_track_kind() (isomedia/isom_write.c), enabling a Denial of Service via a crafted MP4 file. A PoC exists in public references; exploitation status is shown as available in the metrics. No patch/version mitigation is specified in t...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 5:15 p.m.15 views

Important: Red Hat Security Advisory: Red Hat build of Cryostat security update

An update is now available for the Red Hat build of Cryostat 4 on RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS7.6AI score0.01051EPSS
Exploits7References11
Rows per page
Query Builder