Lucene search
K

484 matches found

OSV
OSV
added 2026/06/26 8:24 p.m.3 views

JLSEC-2026-647 It is possible to cause an use-after-free write in SANM decoding with a carefully crafted...

It is possible to cause an use-after-free write in SANM decoding with a carefully crafted animation using subversion storedframe. Stored frames can later be referenced by FTCH chunks. For files using subversion storedframe. Leaving ctx-hasdimensions set to false. A subsequent chunk with type...

8.7CVSS6AI score0.00167EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:24 p.m.5 views

JLSEC-2026-646 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS6.6AI score0.00171EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.31 views

CVE-2026-56027 WordPress Booster for WooCommerce plugin <= 8.0.1 - Arbitrary File Upload vulnerability

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.4 views

Vertiv Liebert SiteScan Cross-site Scripting (CVE-2024-5540)

CWE-79 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products in versions older than 8.0. Untrusted data is included in web pages without proper validation, allowing...

6.9CVSS5.9AI score0.00272EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Vertiv Liebert SiteScan Incorrect Authorization (CVE-2024-5539)

CWE-863 Incorrect Authorization vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The system fails to perform adequate authorization checks, allowing an actor to perform actions or access resources without proper entitlement, leading to...

9.2CVSS5.9AI score0.00287EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/15 7:54 a.m.15 views

Moderate: Red Hat Security Advisory: mysql:8.0 security update

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.5CVSS7.8AI score0.00323EPSS
Exploits0References23
OSV
OSV
added 2026/06/11 10:9 a.m.9 views

RHSA-2026:25110 Red Hat Security Advisory: .NET 8.0 security update

Bulletin has no description...

7.5CVSS5.2AI score0.0243EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.16 views

Unity Linux 20.1070e Security Update: mysql-connector-java (UTSA-2026-016694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016694 advisory. Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 8.0.15 and prior. Difficult to...

6.3CVSS6.7AI score0.00501EPSS
Exploits0References4
Fedora
Fedora
added 2026/05/21 12:57 a.m.17 views

[SECURITY] Fedora 44 Update: mysql8.0-8.0.46-1.fc44

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

6.5CVSS7.3AI score0.00323EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.10 views

Fedora 42 : mysql8.0 (2026-b78d5204fe)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b78d5204fe advisory. MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC...

6.5CVSS5.8AI score0.00323EPSS
Exploits0References15
Snyk
Snyk
added 2026/05/18 7:10 p.m.10 views

Infinite loop

Overview Microsoft.AspNetCore.App.Runtime.win-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Infinite loop in the FormDataReader.ProcessFormKeys...

8.7CVSS5.8AI score0.0243EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:5 a.m.7 views

CVE-2026-8199 Post-auth memory exhaustion via bitwise match expressions

An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...

7.1CVSS5.8AI score0.00258EPSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 2026/05/12 5:0 p.m.180 views

2026-05 .NET 8.0.27 Security Update for x64 Client (KB5093447)

2026-05 .NET 8.0.27 Security Update for x64 Client KB5093447...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Microsoft .NET 输入验证错误漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and transparency in networking. There is an input validation vulnerability in Microsoft .NET. Attackers c...

7.3CVSS5.8AI score0.00662EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

MongoDB Ops Manager 命令注入漏洞

MongoDB Ops Manager is a solution developed by the American company MongoDB, designed for managing, monitoring, and backing up MongoDB deployments. MongoDB Ops Manager has a command injection vulnerability, which stems from executing arbitrary commands when configuring Webhooks. The following...

9.4CVSS5.9AI score0.00371EPSS
Exploits0References1
OSV
OSV
added 2026/05/11 2:0 p.m.8 views

CLSA-2025-1751461369 mysql: Fix of 27 CVEs

Update to MySQL 8.0.42 - CVEs fixed: CVE-2025-21574 CVE-2025-21577 CVE-2025-21579 CVE-2025-21581 CVE-2025-21584 CVE-2025-21585 CVE-2025-30681 CVE-2025-30682 CVE-2025-30683 CVE-2025-30684 CVE-2025-30688 CVE-2025-30689 CVE-2025-30695 CVE-2025-30703 CVE-2025-30705 CVE-2025-30710 CVE-2025-30715...

6.8CVSS5.8AI score0.00855EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017731 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...

6.8CVSS5.8AI score0.0202EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017739 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...

6.8CVSS5.8AI score0.02293EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017672 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily...

4.9CVSS6.7AI score0.01319EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017771 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.21 and prior. Difficult to exploit...

6.8CVSS6.7AI score0.02268EPSS
Exploits0References4
Rows per page
Query Builder