23145 matches found

Fedora
added 2025/03/28 12:21 a.m., 13 views

[SECURITY] Fedora 42 Update: augeas-1.14.2-0.4.20250324git4dffa3d.fc42

A library for programmatically editing configuration files. Augeas parses configuration files into a tree structure, which it exposes through its public API. Changes made through the API are written back to the initially read files. The transformation works very hard to preserve comments and...

4.8 CVSS, 7.2 AI score, 0.00241 EPSS
Exploits: 1
CNNVD
added 2025/03/28 12:0 a.m., 4 views

HDF5 security vulnerability

HDF5 Hierarchical Data Format version 5 is an open source library and file format for storing and organizing large amounts of data. A buffer overflow vulnerability exists in the HDF5 H5FSsinfoserializesectcb function. The vulnerability stems from the function failing to properly check buffer...

4.8 CVSS, 7.3 AI score, 0.00255 EPSS
Exploits: 1, References: 5
Packet Storm News
added 2025/03/28 12:0 a.m., 5 views

Advanced XSS Exploitation - How to Create Keylogger and Get Password

In this paper, the author teaches advanced persistent cross-site scripting techniques that can be used to create keyloggers and send the content typed by the client to an external server, where the attacker will have access to messages, passwords, etc. The paper focuses primarily on a...

6.3 AI score
Exploits: 0
CNNVD
added 2025/03/28 12:0 a.m., 6 views

HDF5 security vulnerability

HDF5 is an HDF open source library. HDF5 has a buffer overflow vulnerability that stems from the H5Faddrencodelen function failing to correctly validate the length of the input data; an attacker can use this vulnerability to cause a denial of service...

4.8 CVSS, 7.2 AI score, 0.00255 EPSS
Exploits: 1, References: 5
CNNVD
added 2025/03/28 12:0 a.m., 4 views

HDF5 resource management error vulnerability

HDF5 Hierarchical Data Format version 5 is an open source library and file format for storing and organizing large amounts of data. The HDF5 H5FLblkgclist function has a heap use-after-free vulnerability that can be exploited by an attacker to cause out-of-bounds reads and potentially crash an...

5.3 CVSS, 6.8 AI score, 0.00229 EPSS
Exploits: 1, References: 5
CNNVD
added 2025/03/28 12:0 a.m., 3 views

HDF5 security vulnerability

HDF5 is an HDF open source library. A security vulnerability exists in HDF5 1.14.6 and earlier versions, which stems from a heap buffer overflow in the H5Omsgflush function and requires local access...

5.3 CVSS, 4.3 AI score, 0.00255 EPSS
Exploits: 1, References: 5
CNNVD
added 2025/03/28 12:0 a.m., 4 views

HDF5 security vulnerability

HDF5 is an HDF open source library. HDF5 has a double free vulnerability, which originates from the double free of the parameter mem of the function H5MMrealloc in the file src/H5MM.c. No detailed vulnerability information has been provided...

5.5 CVSS, 6.9 AI score, 0.00242 EPSS
Exploits: 1, References: 5
RedHat Linux
added 2025/03/27 6:40 p.m., 3 views

jinja2: Jinja sandbox breakout through attr filter selecting format method

A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...

8.8 CVSS, 7.6 AI score, 0.00465 EPSS
Exploits: 0, References: 6
SUSE CVE
added 2025/03/27 12:13 a.m., 1 view

SUSE CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

7.1 CVSS, 7.7 AI score, 0.00255 EPSS
Exploits: 0, References: 4
CNVD
added 2025/03/27 12:0 a.m., 2 views

HDF5 H5T__bit_copy function buffer overflow vulnerability

HDF5 is an HDF open source library. HDF5 has a buffer overflow vulnerability that stems from the H5T__bit_copy function failing to correctly validate the length of the input data; an attacker can use this vulnerability to cause a denial of service...

7.8 CVSS, 7.2 AI score, 0.00324 EPSS
Exploits: 1, References: 1
CNVD
added 2025/03/27 12:0 a.m., 7 views

HDF5 H5MM_strndup function buffer overflow vulnerability

HDF5 is an HDF open source library. HDF5 has a buffer overflow vulnerability that stems from the H5MM_strndup function failing to correctly validate the length of the input data; an attacker can use this vulnerability to cause a denial of service...

7.8 CVSS, 7.2 AI score, 0.00361 EPSS
Exploits: 1, References: 1
CNNVD
added 2025/03/27 12:0 a.m., 3 views

libming buffer error vulnerability

libming is an open source Flash SWF output library written in C by Ming. A security vulnerability exists in libming version 0.4.8, which stems from a segmentation error in the decompileRETURN function that could lead to a denial of service...

6.5 CVSS, 6.3 AI score, 0.00333 EPSS
Exploits: 1, References: 3
IBM Security Bulletins
added 2025/03/26 4:5 a.m., 52 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary: IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details: CVEID: CVE-2018-17336. DESCRIPTION: UDisks could allow a local attacker to obtain sensitive information, caused by a format string vulnerability in udiskslog in udiskslogging.c. By using a...

8.6 CVSS, 9.4 AI score, 0.11334 EPSS
Exploits: 2, Affected Software: 1
OSV
added 2025/03/25 9:15 p.m., 1 view

UBUNTU-CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

7.8 CVSS, 7.3 AI score, 0.00255 EPSS
Exploits: 0, References: 3
SUSE Linux
added 2025/03/25 8:42 a.m., 6 views

Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method (bsc1238879). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.5 CVSS, 7.4 AI score, 0.00465 EPSS
Exploits: 0, References: 4
Microsoft CVE
added 2025/03/25 7:0 a.m., 3 views

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

...

7.8 CVSS, 7 AI score, 0.00324 EPSS
Exploits: 1
CNNVD
added 2025/03/25 12:0 a.m., 2 views

Inaba Denki Sangyo CHOCO TEI WATCHER mini security vulnerability

Inaba Denki Sangyo CHOCO TEI WATCHER mini is a series of surveillance cameras from Inaba Denki Sangyo. A security vulnerability exists in Inaba Denki Sangyo CHOCO TEI WATCHER mini that originates from storing passwords in a recoverable format, which could lead to an attacker obtaining a user's...

4.6 CVSS, 9 AI score, 0.003 EPSS
Exploits: 0, References: 5
CNNVD
added 2025/03/25 12:0 a.m., 2 views

Artifex Ghostscript security vulnerability

Artifex Ghostscript is a suite of free software from Artifex, Inc. based on interpreters for the Adobe PostScript and Portable Document Format (PDF) page description languages. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by an oversized Type 4...

7.8 CVSS, 6.4 AI score, 0.00255 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2025/03/25 12:0 a.m., 3 views

PT-2025-34320

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader (affected versions not specified). Description: A flaw exists in the parsing of PRC files due to insufficient validation of user-supplied data, leading to a read past the end of an allocated buffer. An attacker can leverage this...

7.8 CVSS, 7.3 AI score, 0.0023 EPSS
Exploits: 0, References: 7
RedHat Linux
added 2025/03/24 5:53 p.m., 2 views

jinja2: Jinja sandbox breakout through attr filter selecting format method

A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...

8.8 CVSS, 7.6 AI score, 0.00465 EPSS
Exploits: 0, References: 6