Lucene search
K

38 matches found

OSV
OSV
added 2026/03/17 10:16 a.m.6 views

DEBIAN-CVE-2026-3634

A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed CRLF sequence due to improper input sanitization in the soupmessageheaderssetcontenttype function. This vulnerability allows for the injection of arbitrary...

6.5CVSS5.6AI score0.00184EPSS
Exploits1References1
OSV
OSV
added 2026/02/03 8:15 p.m.2 views

DEBIAN-CVE-2025-64098

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

5.9CVSS5.5AI score0.00434EPSS
Exploits0References1
OSV
OSV
added 2026/01/22 6:6 a.m.2 views

BELL-CVE-2026-21932

Bulletin has no description...

7.4CVSS5.4AI score0.00427EPSS
Exploits0References1
OSV
OSV
added 2025/12/24 12:1 p.m.3 views

BELL-CVE-2025-68328

Bulletin has no description...

6.9AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2025/12/19 5:15 p.m.2 views

DEBIAN-CVE-2025-14957

A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBuilder::makeLocalSet/IRBuilder::makeLocalTee of the file src/wasm/wasm-ir-builder.cpp of the component IRBuilder. Such manipulation of the argument Index leads to null pointer...

5.5CVSS4AI score0.00179EPSS
Exploits1References1
OSV
OSV
added 2025/12/18 3:16 p.m.2 views

DEBIAN-CVE-2025-68323

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec-work The delayed work uec-work is scheduled in gaokunucsiprobe but never properly canceled in gaokunucsiremove. This creates use-after-free scenarios where the ucsi and gaokunucs...

5.3AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2025/12/16 4:16 p.m.1 views

DEBIAN-CVE-2025-68297

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in processv2sparseread for encrypted directories The crash in processv2sparseread for fscrypt-encrypted directories has been reported. Issue takes place for Ceph msgr2 protocol in secure mode. It can be reproduced...

5.3AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2025/12/12 12:0 a.m.3 views

DLA-4403-1 tzdata - new timezone database

Bulletin has no description...

6.9AI score
Exploits0
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

DEBIAN-CVE-2025-40335

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq input args This will help on validating the userq input args, and rejecting for the invalid userq request at the IOCTLs first place...

5.1AI score0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 11:47 a.m.11 views

CVE-2025-9648 Denial of Service in CivetWeb

A vulnerability in the CivetWeb library's function mghandleformrequest allows remote attackers to trigger a denial of service DoS condition. By sending a specially crafted HTTP POST request containing a null byte in the payload, the server enters an infinite loop during form data parsing. Multipl...

8.7CVSS0.00711EPSS
Exploits0References4
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-11454 Malicious code in @zalastax/nolb-finn (npm)

The package @zalastax/nolb-finn was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2024/08/26 9:15 p.m.5 views

CVE-2024-43340

Cross-Site Request Forgery CSRF vulnerability in Nasirahmed Advanced Form Integration.This issue affects Advanced Form Integration: from n/a through 1.89.4...

4.3CVSS5.8AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2024/05/21 5:57 a.m.2 views

BELL-CVE-2024-35894

Bulletin has no description...

7.8CVSS7.2AI score0.0022EPSS
Exploits0References1
OSV
OSV
added 2023/12/04 11:15 p.m.5 views

CVE-2023-40095

In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00126EPSS
Exploits0References2
OSV
OSV
added 2022/11/01 8:15 p.m.3 views

CVE-2022-42827

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively...

7.8CVSS6.1AI score0.01136EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2021/11/10 7:12 p.m.5 views

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +60 more potentially affected by CVE-2021-41204 via tensorflow (>=2.5.0 <=2.5.1)

tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.8.0 and more Source cves: CVE-2021-41204 Source advisory: OSV:GHSA-786J-5QWQ-R36X...

5.5CVSS6AI score0.00136EPSS
Exploits0
OSV
OSV
added 2021/08/23 1:15 a.m.1 views

DEBIAN-CVE-2021-39371

An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...

7.5CVSS7.4AI score0.01524EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2018/08/23 7:12 p.m.5 views

@devpodio/application-manager (>=0.3.16 <=0.3.20), @devpodio/bunyan (>=0.3.16 <=0.3.20) +158 more potentially affected by CVE-2018-15685 via electron (>=1.8.1 <=1.8.7)

electron NPM version =1.8.1, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.16, =0.3.20 and more Source cves: CVE-2018-15685 Source advisory: OSV:GHSA-HV9C-QWQG-QJ3V...

8.1CVSS7.2AI score0.10427EPSS
Exploits4
Rows per page
Query Builder