Lucene search
K

11082 matches found

CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

OpenTelemetry Collector Contrib 安全漏洞

OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed under OpenTelemetry - CNCF. There are security vulnerabilities in versions 0.124.0 to 0.150.0 of OpenTelemetry Collector Contrib. These vulnerabilities stem from the Authenticate method not...

8.1CVSS5.8AI score0.00222EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.10 views

PT-2026-40693

In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix set access flags no-op check for SMMU/ATS faults contpte ptep set access flags compared the gathered ptep get value against the requested entry to detect no-ops. ptep get ORs AF/dirty from all sub-PTEs in the...

5.8AI score0.00114EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/13 12:0 a.m.34 views

CVE-2025-29338

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...

0.00183EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-43486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: contpte: fix setaccessflags no-op check for SMMU/ATS faults contpteptepsetaccessflags compared the gathered ptepget value against the requested entry to...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.16 views

Next.js 代码问题漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js from 13.4.13 to 15.5.16, as well as versions before 16.2.5, have code vulnerabilities. These vulnerabilities stem from the use of the built-in Node.js server for hosting. When a custom WebSocket upgrade request is made, it ma...

8.6CVSS5.9AI score0.38696EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

urllib3 安全漏洞

urllib3 is an open-source Python HTTP library developed by urllib3. This product features a thread-safe connection pool and support for file publishing. There were security vulnerabilities in the versions of urllib3 from 2.6.0 to 2.7.0. These vulnerabilities stemmed from the possibility of...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 9:40 p.m.11 views

EUVD-2026-29854

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

8.2CVSS5.6AI score0.00396EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/12 7:39 p.m.34 views

CVE-2026-44218 ciguard: Container image runs as root (no USER directive)

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3CVSS0.00122EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/12 6:30 p.m.4 views

actbench (=0.0.1a5), agenticos (>=0.0.1 <=0.0.3.155020) +46 more potentially affected by CVE-2026-31245 via mem0ai (>=0.0.20 <=0.1.93)

mem0ai PYPI version =0.0.20, =0.0.1, =1.1.0, =1.1.0, =0.1.41, =1.0.4, =0.61.0, =0.13.0, =0.1.108, =0.1.117, =0.1.120a1, =0.1.120, =0.1.3, =0.1.0, =0.2.1 and more Source cves: CVE-2026-31245 Source advisory: OSV:GHSA-CGX8-QGVR-F7VF...

5.3CVSS5.4AI score0.00335EPSS
Exploits0
EUVD
EUVD
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29512

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS5.9AI score0.00274EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 4:16 p.m.30 views

CVE-2026-30805

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

9.1CVSS0.00341EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/12 3:23 p.m.9 views

azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +15 more potentially affected by CVE-2026-2614 via mlflow-skinny (>=3.0.0 <=3.0.1)

mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =3.0.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-2614 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-16643511...

7.5CVSS7.1AI score0.00657EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/12 3:13 p.m.33 views

CVE-2026-34187 SQL Injection in Graph Container Parameter

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS0.00274EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 3:11 p.m.15 views

CVE-2026-30808

CVE-2026-30808 concerns Pandora FMS versions 777–800, where a session fixation flaw allows session hijacking via crafted session IDs. The connected sources confirm the vulnerability title and affected range, indicating a problem in authentication/session handling. The impact details in the source...

8.1CVSS5.8AI score0.00267EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 3:11 p.m.33 views

CVE-2026-30808 Session Fixation in Authentication leads to Session Hijacking

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS0.00267EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/12 3:6 p.m.11 views

NPM: protobuf.js: Code injection in pbjs static output from crafted schema names

NPM: protobuf.js: Code injection in pbjs static output from crafted schema names vulnerability discovered by ? in WordPress Npm protobufjs-cli versions = 1.2.0...

8.7CVSS5.8AI score0.00395EPSS
Exploits0References5Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/12 3:6 p.m.7 views

node-ral (=0.17.0), protobufjs (=6.1.0) +1 more potentially affected by CVE-2026-44293 via @protobufjs/utf8 (>=1.0.1 <=1.1.0)

@protobufjs/utf8 NPM version =1.0.1, =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on @protobufjs/utf8 and may be impacted: - node-ral =0.17.0 - protobufjs =6.1.0 - protobufjs-mod =6.8.2 Source cves: CVE-2026-44293 Source advisory:...

8.8CVSS5.8AI score0.00321EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/12 3:0 p.m.9 views

@0xchain/telemetry (>=1.1.0-beta.8 <=1.1.0-beta.18), @20206205tech/nestjs-common (>=0.8.0 <=0.11.3) +958 more potentially affected by CVE-2026-44288 via protobufjs (>=8.0.0 <=8.0.1)

protobufjs NPM version =8.0.0, =1.1.0-beta.8, =0.8.0, =1.0.0, =1.1.4, =0.3.1, =0.3.1, =0.7.1, =0.7.0, =0.8.0 and more Source cves: CVE-2026-44288 Source advisory: SNYK:JS-PROTOBUFJS-16643234...

5.3CVSS5.7AI score0.00301EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/12 2:18 p.m.31 views

CVE-2026-32687 SQL injection via channel name in Postgrex.Notifications.listen/3 and unlisten/3

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in elixir-ecto postgrex 'Elixir.Postgrex.Notifications' module allows SQL Injection. The channel argument passed to 'Elixir.Postgrex.Notifications':listen/3 and...

7.5CVSS0.00198EPSS
Exploits0References4
Rows per page
Query Builder