Lucene search
+L

351 matches found

RedhatCVE
RedhatCVE
added 2026/02/16 8:41 p.m.14 views

CVE-2025-32739

Improper conditions check in some firmware for some IntelR Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This resul...

2.8CVSS5.3AI score0.00084EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.6 views

Ubuntu 22.04 LTS / 25.10 : .NET vulnerability (USN-8025-1)

The remote Ubuntu 22.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8025-1 advisory. Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data...

7.5CVSS7.2AI score0.01015EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.8 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerability (USN-8021-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8021-1 advisory. Benny Isaacs discovered that ImageMagick did not properly manage memory when processing certain image...

9.8CVSS6.2AI score0.00609EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.6 views

Debian dla-4474 : librlottie-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4474 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4474-1 [email protected]...

9.8CVSS5.7AI score0.00452EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/02/10 12:29 a.m.14 views

Cube Core is vulnerable to Denial of Service (DoS) via crafted request

Impact It is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. Affected Versions: = 1.1.17 Mitigation: Upgrade to a patched version: - 1.5.13 and later regular release - 1.4.2 active LTS release References The issue was reported by...

6.5CVSS5.5AI score0.00391EPSS
Exploits0References3Affected Software1
Debian
Debian
added 2026/02/06 9:28 p.m.9 views

[SECURITY] [DLA 4472-1] sudo security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4472-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès February 06, 2026 https://wiki.debian.org/LTS -...

5.3CVSS5.5AI score0.00953EPSS
Exploits0
NVD
NVD
added 2026/02/05 2:16 p.m.8 views

CVE-2025-13491

IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...

5.1CVSS0.00148EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/05 1:55 p.m.7 views

CVE-2025-13491 IBM App Connect Enterprise Certified Container Information Disclosure

IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...

5.1CVSS5.8AI score0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/05 1:55 p.m.34 views

CVE-2025-13491 IBM App Connect Enterprise Certified Container Information Disclosure

IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...

5.1CVSS0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/05 1:55 p.m.5 views

EUVD-2025-206870

IBM App Connect Enterprise Certified Container up to 12.19.0 Continuous Delivery and 12.0 LTS Long Term Support could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...

5.1CVSS5.4AI score0.00148EPSS
Exploits0References1
NVD
NVD
added 2026/02/04 10:15 p.m.34 views

CVE-2026-25523

Magento-lts is a long-term support alternative to Magento Community Edition CE. Prior to version 20.16.1, the admin url can be discovered without prior knowledge of it's location by exploiting the X-Original-Url header on some configurations. This issue has been patched in version 20.16.1...

5.3CVSS0.00289EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/04 9:21 p.m.6 views

CVE-2026-25523 Magento's X-Original-Url header can expose admin url

Magento-lts is a long-term support alternative to Magento Community Edition CE. Prior to version 20.16.1, the admin url can be discovered without prior knowledge of it's location by exploiting the X-Original-Url header on some configurations. This issue has been patched in version 20.16.1...

5.3CVSS5.4AI score0.00289EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/04 9:21 p.m.7 views

EUVD-2026-5330

Magento-lts is a long-term support alternative to Magento Community Edition CE. Prior to version 20.16.1, the admin url can be discovered without prior knowledge of it's location by exploiting the X-Original-Url header on some configurations. This issue has been patched in version 20.16.1...

5.3CVSS5.4AI score0.00289EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.9 views

magento-lts 信息泄露漏洞

Magento-LTS is an open-source alternative to OpenMage, designed as a reliable substitute for the official Magento CE version. Versions of Magento-LTS prior to 20.16.1 contained an information leakage vulnerability. This vulnerability stemmed from the ability to exploit the X-Original-Url header...

5.3CVSS5.8AI score0.00289EPSS
Exploits0References2
Debian
Debian
added 2026/02/03 10:3 a.m.8 views

[SECURITY] [DLA 4465-1] clamav new upstream version

------------------------------------------------------------------------- Debian LTS Advisory DLA-4465-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 03, 2026 https://wiki.debian.org/LTS -...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/27 12:0 a.m.7 views

OpenSSL Toolkit 3.5.5

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.5 LTS release...

5.3CVSS5.9AI score0.47621EPSS
Exploits7
Debian
Debian
added 2026/01/19 10:39 p.m.7 views

[SECURITY] [DLA 4443-1] dcmtk security update

Debian LTS Advisory DLA-4443-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 19, 2026 https://wiki.debian.org/LTS Package : dcmtk Version : 3.6.5-1+deb11u6 CVE ID : CVE-2025-14607 CVE-2025-14841 Debian Bug : 1122926 1123584 Two vulnerabilities have been...

6.5CVSS6.4AI score0.00237EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/01/18 10:10 p.m.2 views

CVE-2026-23525

1Panel is an open-source, web-based control panel for Linux server management. A stored Cross-Site Scripting XSS vulnerability exists in the 1Panel App Store when viewing application details. Malicious scripts can execute in the context of the user’s browser, potentially compromising session data...

6.4CVSS6.1AI score0.00306EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/01/13 8:37 p.m.9 views

TYPO3 CMS Allows Broken Access Control in Edit Document Controller

Problem By exploiting the defVals parameter, attackers could bypass field‑level access checks during record creation in the TYPO3 backend. This gave them the ability to insert arbitrary data into prohibited exclude fields of a database table for which the user already has write permission for a...

6.5CVSS6.9AI score0.00287EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

Dell PowerProtect Data Domain 操作系统命令注入漏洞

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell, USA. The Dell PowerProtect Data Domain suffers from an operating system command injection vulnerability that originates from improper...

7.2CVSS5.8AI score0.01409EPSS
Exploits0References1
Rows per page
Query Builder