12932 matches found

Tenable Nessus
added 2026/04/21 12:0 a.m. | 7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012959 advisory. In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential static_command_line memory overflow. We allocate memory of size 'xlen +...

CVSS 7.8 | AI score 6.8 | EPSS 0.00272
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 5 views

RHEL 9 : python3.11 (RHSA-2026:9260)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9260 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

CVSS 7.1 | AI score 5.8 | EPSS 0.00308
Exploits: 0 | References: 4
RedHat Linux
added 2026/04/20 2:13 p.m. | 22 views

python: Python: Command-line option injection in webbrowser.open() via crafted URLs

A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...

CVSS 7.1 | AI score 6 | EPSS 0.00308
Exploits: 0 | References: 7
GithubExploit
added 2026/04/20 6:55 a.m. | 115 views

mirai-exploit

Vulnerability Details CVE ID: CVE-2026-22812 Affe...

CVSS 8.8 | AI score 5.9 | EPSS 0.16955
Exploits: 7
Fedora
added 2026/04/20 1:6 a.m. | 10 views

[SECURITY] Fedora 42 Update: awstats-8.0-1.fc42

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

CVSS 7.8 | AI score 5.3 | EPSS 0.01046
Exploits: 1
Fedora
added 2026/04/20 12:46 a.m. | 10 views

[SECURITY] Fedora 43 Update: awstats-8.0-2.fc43

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

CVSS 7.8 | AI score 5.3 | EPSS 0.01046
Exploits: 1
Positive Technologies
added 2026/04/20 12:0 a.m. | 7 views

PT-2026-33702

SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences 'CRLF Injection' vulnerability. Processing some crafted configuration data may lead to arbitrary entries injected to the system configuration...

CVSS 6.9 | AI score 5.9 | EPSS 0.00277
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/20 12:0 a.m. | 5 views

RHEL 9 : python3.11 (RHSA-2026:9042)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9042 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

CVSS 7.1 | AI score 5.8 | EPSS 0.00308
Exploits: 0 | References: 4
Cvelist
added 2026/04/17 11:51 p.m. | 38 views

CVE-2026-40337 Sentry kernel has incomplete ownership check for IRQ line manipulation

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall family. Prior to version 0.4.7, this can lead to DoS and...

CVSS 5.1 | EPSS 0.00155
Exploits: 0 | References: 3
OSV
added 2026/04/17 10:33 p.m. | 1 views

GHSA-8Q4H-8CRM-5CVC elFinder: Command injection in resize background color parameter when using ImageMagick CLI

Severity: High. bg can be injected into shell command construction, leading to possible RCE in affected configurations. Summary: elFinder contains a command injection vulnerability in the resize command. The bg background color parameter is accepted from user input and passed through image...

CVSS 9.8 | AI score 6.2 | EPSS 0.01567
Exploits: 0 | References: 3
OSV
added 2026/04/17 3:19 p.m. | 6 views

JLSEC-2026-132

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...

CVSS 5.5 | AI score 6 | EPSS 0.01772
Exploits: 1 | References: 26
Microsoft CVE
added 2026/04/17 8:1 a.m. | 5 views

jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

...

CVSS 6.3 | AI score 5.7 | EPSS 0.00256
Exploits: 1
Tenable Nessus
added 2026/04/17 12:0 a.m. | 5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007458 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc. Any unprivileged user can attach N_GSM0710...

CVSS 5.5 | AI score 6.3 | EPSS 0.00238
Exploits: 1 | References: 4
Packet Storm News
added 2026/04/17 12:0 a.m. | 19 views

Dahua Security Assessment Tool - Authentication, Scan, and Exposure Testing Script

This Python script is a security assessment tool designed to evaluate the exposure and potential vulnerabilities of Dahua-based devices, commonly IP cameras and NVR systems. It combines multiple testing modules into one CLI utility...

AI score 5.8
Exploits: 0
OSV
added 2026/04/16 11:50 p.m. | 6 views

BIT-PYTHON-MIN-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.7 | EPSS 0.00562
Exploits: 0 | References: 9
OSV
added 2026/04/16 11:50 p.m. | 3 views

BIT-PYTHON-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.7 | EPSS 0.00562
Exploits: 0 | References: 9
OSV
added 2026/04/16 11:45 p.m. | 5 views

BIT-MLFLOW-2025-14287 Command Injection in mlflow/mlflow

A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the mlflow/sagemaker/init.py file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, whic...

CVSS 8.8 | AI score 7.4 | EPSS 0.01456
Exploits: 1 | References: 2
OSV
added 2026/04/16 11:43 p.m. | 4 views

BIT-LIBPYTHON-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.7 | EPSS 0.00562
Exploits: 0 | References: 9
Fedora
added 2026/04/16 11:42 p.m. | 12 views

[SECURITY] Fedora 44 Update: kde-cli-tools-6.6.4-1.fc44

Provides several KDE and Plasma specific command line tools to allow better interaction with the system...

AI score 5.8
Exploits: 0
vulnersOsv
added 2026/04/16 11:0 p.m. | 8 views

@saltcorn/cli (>=1.5.0 <=1.5.5-beta.0), @saltcorn/mobile-builder (>=1.5.0 <=1.5.5-beta.0) potentially affected by CVE-2026-42259 via @saltcorn/server (>=1.5.0-beta.0 <=1.5.5)

@saltcorn/server NPM version =1.5.0-beta.0, =1.5.0, =1.5.0, =1.5.5-beta.0 Source cves: CVE-2026-42259 Source advisory: SNYK:JS-SALTCORNSERVER-16111017...

CVSS 5.1 | AI score 5.8 | EPSS 0.00339
Exploits: 0