Lucene search
+L

360 matches found

Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.12 views

PT-2026-7811

Dell Update Package DUP Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

8.2CVSS5.4AI score0.00092EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/02/11 2:25 p.m.9 views

USN-8025-1: .NET vulnerability

Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data. An attacker could possibly use this issue to bypass security checks and gain unauthorized access or perform data manipulation...

7.5CVSS5.6AI score0.01015EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.8 views

KB5075971: Windows Server 2012 Security Update (February 2026)

The remote Windows host is missing security update 5075971. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...

8.8CVSS7.7AI score0.25835EPSS
Exploits8References14
Cvelist
Cvelist
added 2026/01/26 3:32 a.m.39 views

CVE-2026-1417 GPAC filedump.c dump_isom_rtp null pointer dereference

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...

4.8CVSS0.00196EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.10 views

MiracleLinux 8 : qt5 (AXSA:2021-2858:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2858:01 advisory. qt: Out of bounds read in function QRadialFetchSimd from crafted svg file CVE-2021-3481 Tenable has extracted the preceding description block directly from t...

7.1CVSS6.5AI score0.00511EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : qt5-qtbase-5.15.9-9.el9 (AXSA:2024-8076:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8076:01 advisory. qt: incorrect integer overflow check CVE-2023-51714 qtbase: potential buffer overflow when reading KTX images CVE-2024-25580 Tenable has extracted t...

9.8CVSS5.9AI score0.00986EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : dotnet6.0-6.0.125-1.el9_3.ML.1 (AXSA:2023-7090:29)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7090:29 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

9.8CVSS8.3AI score0.12512EPSS
Exploits0References3
OSV
OSV
added 2026/01/14 3:15 a.m.8 views

CVE-2025-68960

Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability...

4.7CVSS5.8AI score0.00088EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.16 views

CVE-2019-2857

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 19.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. Successful...

5.4CVSS5.9AI score0.00746EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.4 views

NVIDIA Nemo Framework Code Issue Vulnerability

NVIDIA Nemo Framework is a framework for building and deploying generative AI models from NVIDIA. The NVIDIA Nemo Framework contains a security vulnerability that can be exploited by attackers to cause code execution, elevation of privilege, information disclosure, and data tampering...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/12/12 8:50 a.m.216 views

Exploit for CVE-2025-55183

CVE-2025-55183 - Next.js RSC Server Function Source Code Discl...

5.3CVSS7AI score0.62405EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/12/04 12:58 a.m.223 views

Exploit for CVE-2025-55182

CVE-2025-55182 / CVE-2025-66478 Vulnerability Scanner React...

10CVSS8.8AI score0.99562EPSS
Exploits390
OSV
OSV
added 2025/12/03 8:16 p.m.5 views

AZL-71647 CVE-2025-12385 affecting package qt5-qtdeclarative 5.12.5-5

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...

8.7CVSS5.8AI score0.00273EPSS
Exploits0References1
Android Security Bulletins
Android Security Bulletins
added 2025/12/01 12:0 a.m.56 views

Android Security Bulletin—December 2025Stay organized with collectionsSave and categorize content based on your preferences.

This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2025-12-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Within 48 hours afte...

9.8CVSS7.5AI score0.00343EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 3: .NET 8.0 (TSSA-2024:0048)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0048 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS8.2AI score0.02868EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2025/11/14 3:20 p.m.21 views

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence AI inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. "These vulnerabilities all traced back to t...

8.8CVSS10AI score0.00886EPSS
Exploits2
OSV
OSV
added 2025/11/11 5:15 p.m.9 views

CVE-2025-23361

NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and da...

7.8CVSS7AI score0.00249EPSS
Exploits0References3
CVE
CVE
added 2025/11/11 4:18 p.m.14 views

CVE-2025-23361

CVE-2025-23361 affects NVIDIA NeMo Framework. A vulnerability in a script allows malicious input to control code generation, with potential code execution, privilege escalation, information disclosure, and data tampering. Affected product: NVIDIA NeMo Framework (version context shows 2.0.3 in one...

7.8CVSS6.8AI score0.00249EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/10/28 9:34 p.m.23 views

CVE-2025-62800

FastMCP (Python framework for MCP apps) is affected prior to version 2.13.0 by a reflected XSS in the OAuth client callback page (oauth_callback.py). The vulnerability occurs when unescaped user-controlled values are inserted into the generated HTML, enabling arbitrary JavaScript execution in the...

6.1CVSS6AI score0.0025EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/22 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-61770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser buffers the entire multipart preamble bytes...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References2
Rows per page
Query Builder