Lucene search
K

784 matches found

OSV
OSV
added 2026/03/31 11:41 p.m.3 views

GHSA-H45M-MGCP-Q388 openssl-encrypt: TOTP rate limiter is in-memory only — not shared across workers, lost on restart

Severity: HIGH Summary The TOTP brute-force rate limiter in opensslencryptserver/modules/pepper/totp.py at lines 47-98 uses an in-memory defaultdictlist as a class variable. Affected Code python class TOTPRateLimiter: def initself, ...: self.attempts: Dictstr, Listdatetime = defaultdictlist...

9.1CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/31 11:41 p.m.7 views

openssl-encrypt: TOTP rate limiter is in-memory only — not shared across workers, lost on restart

Severity: HIGH Summary The TOTP brute-force rate limiter in opensslencryptserver/modules/pepper/totp.py at lines 47-98 uses an in-memory defaultdictlist as a class variable. Affected Code python class TOTPRateLimiter: def initself, ...: self.attempts: Dictstr, Listdatetime = defaultdictlist...

5.9AI score
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2026/03/17 2:34 p.m.4 views

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are tricked into manually running malicious commands to address non-existent errors, is a departure fro...

6.2AI score
Exploits0
Trellix
Trellix
added 2026/03/11 12:0 a.m.5 views

Fileless Multi-Stage Remcos RAT: From Phishing to Memory-Resident Execution

Fileless Multi-Stage Remcos RAT: From Phishing to Memory-Resident Execution By Madhini Muralidharan · March 11, 2026 Traditional malware campaigns rely heavily on dropping executable files to disk—artifacts that defenders can scan, quarantine, and analyze with signature-based security tools. Mode...

6.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/10 9:32 p.m.3 views

CVE-2026-31824

Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...

8.2CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.12 views

GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable

CVE-2026-26030 is a Remote Code Execution vulnerability that has been identified in Microsoft Semantic Kernel Python SDK, specifically within the InMemoryVectorStore filter functionality. GitHub created this CVE on their behalf. GitHub created this CVE on their behalf. This document incorporates...

9.9CVSS5.8AI score0.02914EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2026/03/10 1:0 p.m.17 views

When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation

Overview Rapid7 Labs has identified and analyzed an ongoing, widespread compromise of legitimate, potentially highly trusted WordPress websites, misused by an unidentified threat actor to inject a ClickFix implant impersonating a Cloudflare human verification challenge CAPTCHA. The lure is design...

6AI score
Exploits0
OSV
OSV
added 2026/03/10 1:4 a.m.10 views

CLEANSTART-2026-GJ95666 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS7.1AI score0.86767EPSS
Exploits20References57
OSV
OSV
added 2026/03/10 1:2 a.m.4 views

CLEANSTART-2026-AF35851 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS7.1AI score0.86767EPSS
Exploits20References57
OSV
OSV
added 2026/03/10 1:0 a.m.5 views

CLEANSTART-2026-QK48981 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS7.1AI score0.86767EPSS
Exploits20References57
OSV
OSV
added 2026/03/10 12:58 a.m.4 views

CLEANSTART-2026-AV02020 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS7.3AI score0.86767EPSS
Exploits20References57
OSV
OSV
added 2026/03/10 12:58 a.m.2 views

CLEANSTART-2026-XH31600 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS7.1AI score0.86767EPSS
Exploits20References57
OSV
OSV
added 2026/03/10 12:56 a.m.9 views

CLEANSTART-2026-RA63757 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS5.8AI score0.86767EPSS
Exploits20References57
OSV
OSV
added 2026/03/10 12:48 a.m.3 views

CLEANSTART-2026-IR62391 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS7.2AI score0.86767EPSS
Exploits20References57
OSV
OSV
added 2026/03/09 7:52 p.m.4 views

GHSA-RCHV-X836-W7XP OpenClaw's dashboard leaked gateway auth material via browser URL/query and localStorage

OpenClaw's macOS Dashboard flow exposed Gateway authentication material to browser-controlled surfaces. Before the fix, the macOS app appended the shared Gateway token and password to the Dashboard URL query string when opening the Control UI in the browser. The Control UI then imported the token...

7.1CVSS5.8AI score
Exploits0References4
Fedora
Fedora
added 2026/03/07 12:33 a.m.8 views

[SECURITY] Fedora 44 Update: valkey-9.0.3-1.fc44

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.5CVSS5.8AI score0.00586EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.2 views

Secure In-Memory Execution with W^X Enforcement Using mprotect

This C program demonstrates how to dynamically control memory allocation with the W^X protection principle...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/03/05 1:13 a.m.5 views

[SECURITY] Fedora 42 Update: valkey-8.0.7-1.fc42

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.5CVSS6AI score0.00586EPSS
Exploits0
Fedora
Fedora
added 2026/03/05 12:57 a.m.4 views

[SECURITY] Fedora 43 Update: valkey-8.1.6-1.fc43

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.5CVSS6AI score0.00586EPSS
Exploits0
OSV
OSV
added 2026/03/04 12:43 a.m.2 views

CLEANSTART-2026-AY29369 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

9.8CVSS7.3AI score0.04488EPSS
Exploits1References7
Rows per page
Query Builder