Lucene search
K

800 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.6 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.1.3 (RHSA-2026:0384)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0384 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...

9.6CVSS7.7AI score0.0217EPSS
Exploits1References26
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.10 views

CVE-2023-31914

Jerryscript 3.0 commit 05dbbd1 was discovered to contain out-of-memory issue in malloc...

5.5CVSS7.2AI score0.00331EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:56 a.m.7 views

CVE-2018-4421

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1...

9.3CVSS6.1AI score0.00907EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:43 a.m.6 views

CVE-2022-26722

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges...

9.3CVSS6.5AI score0.00737EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/09 12:45 a.m.8 views

Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access Digital Credentials (CVE-2025-56200, CVE-2025-64118, CVE-2025-59343)

Summary Security vulnerabilities have been addressed in IBM Verify Identity Access Digital Credentials Vulnerability Details CVEID:CVE-2025-56200 DESCRIPTION: A URL validation bypass vulnerability exists in validator.js through version 13.15.15. The isURL function uses '://' as a delimiter to par...

8.7CVSS6.2AI score0.00516EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2026/01/07 12:23 a.m.4 views

SUSE CVE-2025-69228

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post method, ...

7.5CVSS6.4AI score0.00347EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.6 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2025-083 (ALASNITRO-ENCLAVES-2025-083)

The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-083 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may...

7.5CVSS6.8AI score0.00521EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.7 views

Amazon Linux 2 : containerd, --advisory ALAS2DOCKER-2025-093 (ALASDOCKER-2025-093)

The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-093 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the...

7.5CVSS6.8AI score0.00521EPSS
Exploits2References10
RedhatCVE
RedhatCVE
added 2026/01/02 3:36 p.m.6 views

CVE-2025-66023

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Versions prior to 0.24.5 have a Heap-Use-After-Free UAF vulnerability within the MQTT bridge client component implemented via the underlying NanoNNG library. The vulnerability is triggered when NanoMQ acts as a bridge connecting ...

6.9CVSS7.1AI score0.00314EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-24126

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 Description ImageMagick is software for editing and manipulating digital images. A heap use-after-free issue exists in ImageMagick’s MSL decoder. By crafting a...

5.3CVSS5.8AI score0.00243EPSS
Exploits0References105
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

EulerOS Virtualization 2.13.0 : expat (EulerOS-SA-2025-2608)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted fo...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/12/24 7:42 a.m.10 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.8CVSS7.4AI score0.32EPSS
Exploits14References7
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-68376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coresight: ETR: Fix ETR buffer use-after-free issue When ETR is enabled as CSMODESYSFS, if the buffer size is changed and enabled again, currently sysfsbuf will...

7.3AI score0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.1 views

openSUSE 16 Security Update : chromium (openSUSE-SU-2025:20178-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20178-1 advisory. Changes in chromium: Chromium 143.0.7499.146 boo1255115: CVE-2025-14765: Use after free in WebGPU CVE-2025-14766: Out of bounds read and write i...

8.8CVSS7.8AI score0.22359EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.2 views

SUSE SLES12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2025:4423-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4423-1 advisory. Update to version 2.50.3. Security issues fixed: - CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector serv...

8.8CVSS7AI score0.03955EPSS
Exploits1References55
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.5 views

RHEL 9 : webkit2gtk3 (RHSA-2025:23700)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23700 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkitgtk: Use-after-free...

8.8CVSS7.9AI score0.32EPSS
Exploits8References14
OSV
OSV
added 2025/12/12 12:20 p.m.6 views

OESA-2025-2833 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

6.1CVSS6.7AI score0.00142EPSS
Exploits0References2
NVD
NVD
added 2025/12/10 10:16 p.m.5 views

CVE-2025-66033

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 21.0.0 through 24.0.0, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and...

5.3CVSS0.00228EPSS
Exploits0References2
OSV
OSV
added 2025/12/09 7:12 p.m.7 views

MGASA-2025-0324 Updated python3 packages fix security vulnerabilities

Excessive read buffering DoS in http.client. CVE-2025-13836 Out-of-memory when loading Plist. CVE-2025-13837 Quadratic complexity in node ID cache clearing. CVE-2025-12084...

7.5CVSS6.6AI score0.01525EPSS
Exploits0References3
OSV
OSV
added 2025/12/05 6:18 p.m.3 views

GHSA-F83F-XPX7-FFPW Fulcio allocates excessive memory during token parsing

Function identity.extractIssuerURL currently splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request with an invalid OIDC identity token in the payload containing many period characters, a call to extractIssuerURL incurs...

7.5CVSS6.8AI score0.00191EPSS
Exploits0References4
Rows per page
Query Builder