Lucene search
K

339 matches found

Microsoft CVE
Microsoft CVE
added 2026/03/27 8:1 a.m.3 views

Squid has issues in ICP message handling

...

6.9CVSS5.8AI score0.01039EPSS
Exploits0
EUVD
EUVD
added 2026/03/25 12:30 p.m.8 views

EUVD-2026-15274

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from Breno: When the SMI sender returns an error, smiwork delivers an error response but then jumps back to restart without cleaning up properly: 1...

5.6AI score0.00124EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/23 6:16 p.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the NGAP message handling process. An attacker can cause the application to panic and potentially crash by sending specially crafted messages with invalid PDU Session IDs. Remediation Upgrade...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
CNVD
CNVD
added 2026/03/19 12:0 a.m.8 views

Open5GS Denial of Service Vulnerability (CNVD-2026-14249)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS version 2.7.6 and earlier. The vulnerability stems from the function smfgxccacb/smfgyccacb/smfs6baaacb/smfs6bstacb of t...

7.5CVSS5.9AI score0.00534EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS version 2.7.6 and earlier. The vulnerability stems from the function smfgxccacb/smfgyccacb/smfs6baaacb/smfs6bstacb of t...

7.5CVSS6AI score0.00534EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.11 views

Sigstore 安全漏洞

Sigstore is an open-source software signature verification library developed by sigstore. Versions of Sigstore prior to 0.2.3 contained security vulnerabilities. These vulnerabilities stemmed from the improper propagation of failure messages during the verification process, which could lead to...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/23 3:16 p.m.8 views

CVE-2026-0994

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

8.2CVSS6.7AI score0.00613EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : linux-firmware-20240603-143.1.el9_4 (AXSA:2024-8596:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8596:08 advisory. kernel: Reserved fields in guest message responses may not be zero initialized CVE-2023-31346 Tenable has extracted the preceding description block directly...

6CVSS6.5AI score0.00309EPSS
Exploits0References2
CVE
CVE
added 2026/01/14 6:28 p.m.15 views

CVE-2025-71166

CVE-2025-71166 affects Typesetter CMS versions up to and including 5.1. The vulnerability is a reflected cross-site scripting (XSS) in the administrative interface, specifically in the Tools Status move message handling. The path parameter is reflected into HTML output without proper encoding in ...

5.4CVSS5.3AI score0.00194EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/01/14 6:28 p.m.24 views

CVE-2025-71166 Typesetter CMS Reflected XSS via Move Message Handling

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the administrative interface within the Tools Status move message handling. The path parameter is reflected into the HTML output without proper output encoding in...

4.8CVSS0.00194EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.5 views

CVE-2021-22306

There is an out-of-bound read vulnerability in Mate 30 10.0.0.182C00E180R6P2. A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service...

4.6CVSS6.8AI score0.00213EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/12/26 12:24 p.m.5 views

Security update for buildah

This update for buildah fixes the following issues: CVE-2025-47914: golang.org/x/crypto/ssh/agent: Fixed out of bounds read caused by non validated message size bsc1254054 CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in...

8.7CVSS6.9AI score0.00591EPSS
Exploits1References8
OSV
OSV
added 2025/12/26 12:24 p.m.2 views

SUSE-SU-2025:4526-1 Security update for buildah

This update for buildah fixes the following issues: - CVE-2025-47914: golang.org/x/crypto/ssh/agent: Fixed out of bounds read caused by non validated message size bsc1254054 - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type...

7.5CVSS6.8AI score0.00591EPSS
Exploits1References5
NVD
NVD
added 2025/12/24 11:15 a.m.5 views

CVE-2023-54036

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU The wifi + bluetooth combo chip RTL8723BU can leak memory especially? when it's connected to a bluetooth audio device. The busy bluetooth traffic generates lots of C2H ca...

0.00157EPSS
Exploits0References5
Veracode
Veracode
added 2025/12/13 4:35 a.m.7 views

Authorization Bypass

Spring Framework is vulnerable to an Authorization Bypass. The vulnerability is due to improper enforcement of authorization checks in STOMP over WebSocket message handling, which allows an attacker to send unauthorized messages and bypass intended security controls...

4.3CVSS7AI score0.00286EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/10/17 8:29 p.m.9 views

CVE-2025-62508 Citizen vulnerable to stored XSS in sticky header button messages

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Citizen from 3.3.0 to 3.9.0 are vulnerable to stored cross-site scripting in the sticky header button message handling. In stickyHeader.js the copyButtonAttributes function assigns innerHTML from a source element’s...

6.5CVSS0.00409EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/10/17 1:1 a.m.8 views

net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg

...

5.5CVSS7AI score0.00212EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6397

Malware in sbrugna...

10CVSS9.2AI score0.02952EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-7472

Malware in sbrugna...

5.3CVSS5.6AI score0.02709EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6377

Malware in sbrugna...

10CVSS9.2AI score0.02226EPSS
Exploits0References2
Rows per page
Query Builder