
137419 matches found

RedHat Linux
added 4 hours ago, 5 views

Important: Red Hat Security Advisory: Red Hat Openshift Mirror Registry v2.0.11

Red Hat Openshift Mirror Registry v2.0.11 Openshift Mirror Registry v2.0.11...

CVSS: 10, AI score: 6.8, EPSS: 0.00789
Exploits: 3, References: 12

Chainguard
added 7 hours ago, 7 views

GHSA-M25M-5778-FM22 vulnerabilities

Vulnerabilities for packages: grafana-fips...

AI score: 5.8
Exploits: 0

RedHat Linux
added 7 hours ago, 5 views

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00238
Exploits: 0, References: 2

OSV
added 8 hours ago, 3 views

ROOT-APP-NPM-CVE-2026-42035 CVE-2026-42035 in @rootio/axios - Patched by Root

Root has patched CVE-2026-42035 in the @rootio/axios package for Root:npm. Multiple fixed versions available...

CVSS: 7.4, AI score: 5.8, EPSS: 0.00351
Exploits: 1

RedHat Linux
added 11 hours ago, 11 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS: 8.8, AI score: 6.6, EPSS: 0.0059
Exploits: 0, References: 17

OSV
added 11 hours ago, 5 views

ROOT-APP-PYPI-CVE-2023-45803 CVE-2023-45803 in rootio-urllib3 - Patched by Root

Root has patched CVE-2023-45803 in the rootio-urllib3 package for Root:PyPI. Multiple fixed versions available...

CVSS: 4.2, AI score: 7.5, EPSS: 0.00544
Exploits: 0

RedHat Linux
added 12 hours ago, 10 views

Important: Red Hat Security Advisory: redis:7 security update

An update for the redis:7 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS: 8.8, AI score: 6.6, EPSS: 0.0095
Exploits: 0, References: 2

Chainguard
added 13 hours ago, 7 views

GHSA-CMWH-PVXP-8882 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, opensearch-dashboards-fips...

AI score: 5.8
Exploits: 0

Chainguard
added 13 hours ago, 5 views

GHSA-VM85-HXW5-5432 vulnerabilities

Vulnerabilities for packages: nextcloud-server, drupal, privatebin...

AI score: 5.8
Exploits: 0

Chainguard
added 13 hours ago, 4 views

GHSA-HCXC-WF8J-23HV vulnerabilities

Vulnerabilities for packages: grafana-fips...

AI score: 5.8
Exploits: 0

Chainguard
added 13 hours ago, 4 views

GHSA-CRVV-6W6H-CV34 vulnerabilities

Vulnerabilities for packages: grafana-fips...

AI score: 5.8
Exploits: 0

OSV
added 13 hours ago, 5 views

ROOT-APP-NPM-GHSA-Q4GF-8MX6-V5V3 GHSA-q4gf-8mx6-v5v3 in @rootio/next - Patched by Root

Root has patched GHSA-q4gf-8mx6-v5v3 in the @rootio/next package for Root:npm. Multiple fixed versions available...

AI score: 5.8
Exploits: 0

RedHat Linux
added 14 hours ago, 4 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

CVSS: 8.2, AI score: 7, EPSS: 0.00573
Exploits: 0, References: 5

Nuclei
added 16 hours ago, 17 views

AnythingLLM - Username Enumeration via Password Recovery

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to commit e287fab56089cf8fcea9ba579a3ecdeca0daa313, the password recovery endpoint returns different error messages depending on whether a username exists, so enabling...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00713
Exploits: 1

Nuclei
added 16 hours ago, 14 views

TinaCMS - Path Traversal

TinaCMS CLI 2.1.8 contains a file system read vulnerability caused by disabled Vite server.fs.strict setting, letting unauthenticated attackers read arbitrary files on the host system, exploit requires access to the dev server. id: CVE-2026-29066 info: name: TinaCMS - Path Traversal author:...

CVSS: 6.2, AI score: 6, EPSS: 0.01025
Exploits: 1, References: 2

Nuclei
added 16 hours ago, 10 views

SiYuan <= v3.6.1 - Bookmark Data Disclosure

SiYuan v3.6.2 contains an information disclosure vulnerability caused by improper authorization checks in the publish service's bookmark filtering, letting unauthenticated visitors access bookmarked blocks from password-protected documents, exploit requires access to the publish service. id:...

CVSS: 7.5, AI score: 5.8, EPSS: 0.01227
Exploits: 1, References: 2

Nuclei
added 16 hours ago, 12 views

Vite Dev Server - Information Exposure

Vite dev server could allow reading files from the Vite project root by bypassing server.fs.deny with double forward-slash paths //. This affects exposed dev servers only. id: CVE-2023-34092 info: name: Vite Dev Server - Information Exposure author: ritikchaddha severity: high description: | Vite...

CVSS: 7.5, AI score: 7.1, EPSS: 0.03152
Exploits: 1, References: 2

Nuclei
added 16 hours ago, 12 views

XWiki Platform - Path Traversal

XWiki Platform 4.2-milestone-2 through 16.10.6 contains a path traversal caused by improper access control in jsx and sx endpoints, letting remote attackers read configuration files, exploit requires no special privileges. id: CVE-2025-55748 info: name: XWiki Platform - Path Traversal author:...

CVSS: 9.3, AI score: 5.9, EPSS: 0.01652
Exploits: 0, References: 3

Nuclei
added 16 hours ago, 5 views

Vite dev server - Cross-Site Scripting

Vite's dev server, when used with appType: 'custom' and manually invoking server.transformIndexHtml using the unmodified request URL, is vulnerable to XSS via a crafted URL payload. If the HTML being served includes an inline module script ..., an attacker can inject a script via the URL,...

CVSS: 6.1, AI score: 6.7, EPSS: 0.00997
Exploits: 1, References: 2

Nuclei
added 16 hours ago, 11 views

Dify User Enumeration via Observable Response Discrepancy

Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowing an attacker to enumerate email addresses registered with Dify. Version 1.9.0 fixes the issue. id: CVE-2026-28288 info: name: Dify User Enumeratio...

CVSS: 6.9, AI score: 5.8, EPSS: 0.00635
Exploits: 1, References: 2