Lucene search
+L

1406 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/20 4:42 p.m.9 views

Security Bulletin: IBM watsonx.data integration has several vulnerabilities due to open source packages.

Summary Open source packages are used as part of the overall processing in IBM watsonx.data integration. Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION: auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has a...

8.9CVSS6.9AI score0.00705EPSS
Exploits3Affected Software1
OSV
OSV
added 2026/03/18 6:15 p.m.6 views

OPENSUSE-SU-2026:20390-1 Security update for protobuf

This update for protobuf fixes the following issues: Security fixes: - CVE-2025-4565: Fixed parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that could lead to crash due to RecursionError bsc1244663. - CVE-2026-0994: Fixed google.protobuf.A...

8.2CVSS6.9AI score0.00613EPSS
Exploits0References5
OSV
OSV
added 2026/03/18 6:11 p.m.5 views

SUSE-SU-2026:20907-1 Security update for protobuf

This update for protobuf fixes the following issues: Security fixes: - CVE-2025-4565: Fixed parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that could lead to crash due to RecursionError bsc1244663. - CVE-2026-0994: Fixed google.protobuf.A...

8.2CVSS6.8AI score0.00613EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/18 1:19 p.m.7 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.1AI score0.02772EPSS
Exploits5References13
RedHat Linux
RedHat Linux
added 2026/03/18 1:17 p.m.11 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.1AI score0.02772EPSS
Exploits5References13
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.2 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.24 (RHSA-2026:4917)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4917 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.9AI score0.02772EPSS
Exploits5References23
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.4 views

EulerOS Virtualization 2.12.1 : protobuf (EulerOS-SA-2026-1454)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backendto parse untrusted Protocol Buffers data containing an arbitrary number of...

8.2CVSS7.4AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.8 views

EulerOS Virtualization 2.12.0 : protobuf (EulerOS-SA-2026-1511)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backendto parse untrusted Protocol Buffers data containing an arbitrary number of...

8.2CVSS5.9AI score0.00281EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for protobuf (EulerOS-SA-2026-1454)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS5.8AI score0.00281EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for protobuf (EulerOS-SA-2026-1511)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS5.8AI score0.00281EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.5 views

CVE-2026-29781

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...

6.5CVSS5.8AI score0.00504EPSS
Exploits1References1
NVD
NVD
added 2026/03/07 4:15 p.m.14 views

CVE-2026-29781

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...

6.5CVSS0.00504EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/07 3:25 p.m.4 views

CVE-2026-29781 Sliver: Authenticated Nil-Pointer Dereference in Handlers

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...

5.3CVSS5.8AI score0.00504EPSS
Exploits1References1
CVE
CVE
added 2026/03/07 3:25 p.m.26 views

CVE-2026-29781

Technical details about CVE-2026-29781 are not provided in the connected documents. Public info in these sources confirms the CVE exists but lacks affected product-specific details, root cause, or patch info. Monitor for official advisories.

6.5CVSS5.8AI score0.00504EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/03/07 3:25 p.m.44 views

CVE-2026-29781 Sliver: Authenticated Nil-Pointer Dereference in Handlers

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...

5.3CVSS0.00504EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/07 3:25 p.m.5 views

CVE-2026-29781

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...

5.3CVSS5.8AI score0.00504EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/07 3:25 p.m.7 views

CVE-2026-29781 Sliver: Authenticated Nil-Pointer Dereference in Handlers

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...

5.3CVSS5.8AI score0.00504EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.13 views

Sliver 代码问题漏洞

Sliver is an open-source, cross-platform opponent simulation/red team framework developed by Bishop Fox. It can be used by organizations of various sizes for security testing. Versions of Sliver prior to 1.7.3 have code vulnerabilities; these vulnerabilities stem from Protobuf deserialization log...

6.5CVSS7.3AI score0.00504EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.9 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update (Important) (RHSA-2026:3959)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3959 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

8.5CVSS7.3AI score0.09436EPSS
Exploits4References26
RedHat Linux
RedHat Linux
added 2026/03/06 4:36 p.m.5 views

python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...

8.2CVSS5.8AI score0.00613EPSS
Exploits0References5
Rows per page
Query Builder