Lucene search
K

32 matches found

Snyk
Snyk
added 5 days ago5 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the LFS object reuse process. An attacker can gain unauthorized access to private source objects by leveraging repository access without having the required Code-unit permissions...

7.1CVSS7.2AI score0.00323EPSS
Exploits0References2
NVD
NVD
added 5 days ago4 views

CVE-2026-28740

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...

7.1CVSS0.00323EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/08 11:16 p.m.6 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the bz2.BZ2Decompressor objects. An attacker can cause out-of-bounds writes to a stack buffer by reusing a decompressor object after a decompression error and providing crafted input. This can result in...

8.2CVSS5.5AI score0.00376EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability, which stems from the reuse of objects released by InterestGroups...

8.8CVSS5.2AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...

8.8CVSS5.3AI score0.0028EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...

8.8CVSS5.3AI score0.00228EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...

8.8CVSS5.3AI score0.00236EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2026/05/20 12:0 a.m.15 views

gitea -- multiple vulnerabilities

The Gitea team reports: CVE-2026-27783: incorrect read permission check CVE-2026-25714: public-only token filtering bypass CVE-2026-20706: missing token scope checking CVE-2026-27771: unauthenticated access to private container images CVE-2026-28744: git smart HTTP request scope bug CVE-2026-2869...

9.8CVSS6.1AI score0.40738EPSS
Exploits7References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.14 views

Apple多款产品 安全漏洞

Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

8.8CVSS5.8AI score0.00378EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.14 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

7.5CVSS5.8AI score0.00399EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.8 views

PowerDNS DNSdist 安全漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability that stems from the use of the DNSQuestion:getEDNSOptions method, where objects are reclaimed and reused,...

7.5CVSS5.8AI score0.00471EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

6.5CVSS5.8AI score0.0045EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-9657

Malware in sbrugna...

9.8CVSS7.8AI score0.02933EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.9 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of a working object after its release...

7.8CVSS6.5AI score0.00154EPSS
Exploits0References7
OSV
OSV
added 2025/06/09 2:59 p.m.6 views

USN-7562-1 tomcat vulnerabilities

It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on...

8.6CVSS6.9AI score0.23072EPSS
Exploits6References9
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 1:22 p.m.21 views

Security Bulletin: Vulnerabilities in Apache Tomcat affect watsonx.data

Summary Apache Tomcat is vulnerable to an unchecked error condition attack and to incorrect object re-cycling and re-use attack. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2024-52316 DESCRIPTION: Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured...

9.8CVSS6.8AI score0.06287EPSS
Exploits2Affected Software1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader, which originates from a remote code execution vulnerability in the AcroForm Doc object reuse after release...

7.8CVSS7.8AI score0.00415EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/28 12:0 a.m.5 views

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a denial of service vulnerability that can be exploited by an attacker to cause mdev-addrs object to be reused and denied service after release...

4.7CVSS8.5AI score0.00349EPSS
Exploits0References4
OSV
OSV
added 2023/04/10 8:15 p.m.4 views

CVE-2023-26495

An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code...

7.8CVSS6.5AI score0.0044EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.7 views

SUSE CVE-2014-9852

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors...

9.8CVSS7.4AI score0.02933EPSS
Exploits0References7
Rows per page
Query Builder