Lucene search
+L

1986 matches found

CNNVD
CNNVD
added 2026/04/21 12:0 a.m.5 views

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.6 views

PT-2026-33949

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 150 Firefox ESR versions prior to 140.10 Thunderbird versions prior to 150 Thunderbird versions prior to 140.10 Description A mitigation bypass exists within the File Handling component. Recommendations Update Firefox...

6.5CVSS5AI score0.00191EPSS
Exploits0References199
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

RHEL 8 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good (RHSA-2026:9447)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9447 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

8.8CVSS6.6AI score0.00867EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-6763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

6.5CVSS6.6AI score0.00191EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2026/04/21 12:0 a.m.9 views

KLA90995 Multiple vulnerabilities in Mozilla Thunderbird ESR

Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A...

9.8CVSS7AI score0.04938EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/04/20 4:34 a.m.10 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS6.2AI score0.00867EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/20 4:15 a.m.3 views

CVE-2026-6604

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

7.5CVSS5.4AI score0.00284EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/20 4:13 a.m.9 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS7.7AI score0.00867EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/20 3:31 a.m.11 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS7.7AI score0.00867EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/20 2:56 a.m.8 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS8AI score0.00867EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/19 12:0 a.m.9 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from operations on the file...

5.5CVSS6.1AI score0.003EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: open-vm-tools (UTSA-2026-007257)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007257 advisory. VMware Tools contains an insecure file handling vulnerability.A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigge...

6.1CVSS5.8AI score0.00255EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/15 3:17 p.m.4 views

CVE-2026-20204 Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterprise

In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the admin or power Splunk roles could potentially perform ...

7.1CVSS5.9AI score0.03282EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/13 11:16 a.m.6 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS7.5AI score0.00867EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/13 2:31 a.m.6 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

An update for multiple packages is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS7.9AI score0.00867EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/13 2:31 a.m.6 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS7.5AI score0.00867EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2026/04/13 12:0 a.m.10 views

perl-XML-Parser security update

2.44-12.0.1 - Add perlLWP, perlURI, perlURI::file Requires 2.44-12 - Fix CVE-2006-10002, CVE-2006-10003...

9.8CVSS5.8AI score0.00604EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.7 views

MiracleLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (AXSA:2026-421:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-421:01 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffe...

8.8CVSS7.9AI score0.00867EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.6 views

AstrBot 安全漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Versions of AstrBot 4.22.1 and earlier contained a security vulnerability. This vulnerability stemmed from improper handling of the File parameter in the installpluginUpload function within the...

6.5CVSS6.6AI score0.00224EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31918

Name of the Vulnerable Software and Affected Versions NASM affected versions not specified Description A heap use after free issue exists during response file -@ processing. A dangling pointer to freed memory is stored in the global depend file and subsequently dereferenced because the...

9.6CVSS6.2AI score0.00414EPSS
Exploits1References22
Rows per page
Query Builder