Lucene search
+L

10314 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 5:35 p.m.18 views

Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2026-21945)

Summary IBM MQ Appliance has addressed a denial of service vulnerability. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause a hang or repeatable crash of...

7.5CVSS5.8AI score0.00864EPSS
Exploits0Affected Software1
Debian
Debian
added 2026/05/07 4:22 p.m.14 views

[SECURITY] [DLA 4568-1] lcms2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4568-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 06, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

7.5CVSS5.8AI score0.00365EPSS
Exploits1
OSV
OSV
added 2026/05/07 1:0 p.m.12 views

USN-8248-1 nasm vulnerabilities

Daisy Chen discovered that NASM was vulnerable to a heap buffer overflow when handling certain input. An attacker could possibly use this issue to cause NASM to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-31722 It was discovered that NASM incorrectly...

7.8CVSS6.8AI score0.0035EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.12 views

Debian dla-4567 : lrzip - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4567 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4567-1 [email protected] https://www.debian.org/lts/security/...

7.8CVSS6AI score0.00202EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/06 8:57 p.m.11 views

Magento LTS: Reflected XSS - Import -> Data Flow (profiles)

A reflected XSS vulnerability was found under admin panel - System - Import/Export - Dataflow - Profiles. Steps to produce + Login to the admin panel + Go to the path System - Import/Export - Dataflow - Profiles + Select profile direction as Import. + Click on Import Customers + Upload the file...

5.3CVSS5.8AI score0.00258EPSS
Exploits0References3Affected Software1
Ubuntu
Ubuntu
added 2026/05/06 7:55 p.m.18 views

USN-8239-1: Apache HTTP Server vulnerabilities

Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitra...

9.8CVSS6.3AI score0.4581EPSS
Exploits18
Debian
Debian
added 2026/05/06 11:59 a.m.16 views

[SECURITY] [DLA 4566-1] openjdk-11 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4566-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 06, 2026 https://wiki.debian.org/LTS -...

7.5CVSS7.2AI score0.00702EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.7 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Mako vulnerability (USN-8234-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8234-1 advisory. It was discovered that Mako incorrectly handled URIs with double-slash prefixes in...

8.7CVSS5.9AI score0.00361EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/05 8:11 p.m.7 views

Open Redirect

Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Open Redirect via the stockAction process. An attacker can redirect authenticated users to arbitrary external websites by supplying a craft...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 7:35 p.m.13 views

GHSA-2CWR-GCF9-PVXR Magento LTS has Weak API Session ID — Predictable MD5 of Time-Derived Inputs

Affected Version: OpenMage LTS ≤ 20.16.0 confirmed on 20.16.0 Affected File: https://github.com/OpenMage/magento-lts/blob/main/app/code/core/Mage/Api/Model/Session.php – start method Summary The XML-RPC / SOAP API session ID is generated using an outdated, time-based construction rather than a...

9.3CVSS5.8AI score0.00267EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/05 7:35 p.m.11 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG in the start function. An attacker can gain unauthorized access to active...

9.4CVSS5.8AI score0.00267EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/05 7:35 p.m.11 views

Magento LTS has Weak API Session ID — Predictable MD5 of Time-Derived Inputs

Affected Version: OpenMage LTS ≤ 20.16.0 confirmed on 20.16.0 Affected File: https://github.com/OpenMage/magento-lts/blob/main/app/code/core/Mage/Api/Model/Session.php – start method Summary The XML-RPC / SOAP API session ID is generated using an outdated, time-based construction rather than a...

9.3CVSS5.8AI score0.00267EPSS
Exploits0References3Affected Software1
Debian
Debian
added 2026/05/05 4:13 a.m.73 views

[SECURITY] [DLA 4563-1] libarchive security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4563-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout May 05, 2026 https://wiki.debian.org/LTS -...

9.8CVSS6.5AI score0.01073EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.14 views

Debian dla-4563 : libarchive-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4563 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4563-1 [email protected]...

9.8CVSS6.5AI score0.01073EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.5 views

Debian dla-4562 : thunderbird - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4562 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4562-1 [email protected]...

9.6CVSS6.3AI score0.00375EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.28 views

Debian dla-4561 : linux-config-6.1 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4561 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4561-1 [email protected]...

9.8CVSS7AI score0.96267EPSS
Exploits233References608
Debian
Debian
added 2026/05/01 3:29 p.m.17 views

[SECURITY] [DLA 4558-1] libexif security update

Debian LTS Advisory DLA-4558-1 [email protected] https://www.debian.org/lts/security/ Emmanuel Arias May 01, 2026 https://wiki.debian.org/LTS Package : libexif Version : 0.6.22-3+deb11u1 CVE ID : CVE-2026-32775 CVE-2026-40385 CVE-2026-40386 Debian Bug : 1131116 1133922 1133923 Three...

7.8CVSS5.9AI score0.00193EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.13 views

Debian dla-4555 : firefox-esr - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4555 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4555-1 [email protected]...

9.6CVSS5.8AI score0.00375EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.4 views

Ubuntu 24.04 LTS : wheel vulnerability (USN-8221-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8221-1 advisory. It was discovered that wheel did not correctly handle certain file paths. If a user or automated system were tricked into opening a specially crafted file, an...

7.1CVSS7AI score0.00311EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.9 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : UltraJSON vulnerabilities (USN-8219-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8219-1 advisory. Cameron Criswell discovered that UltraJSON contained a memory leak that would occur when parsing large integers. An...

7.5CVSS5.9AI score0.00479EPSS
Exploits1References3
Rows per page
Query Builder