Lucene search
K

37 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox, Thunderbird

When installing an add-on, Firefox verifies the signature before prompting the user. However, while the user is confirming the prompt, the underlying add-on file could be modified without being detected by Firefox. This vulnerability affects Firefox versions earlier than 98, Firefox ESR versions...

7.5CVSS6.8AI score0.00657EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-45022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that...

7.5CVSS5.5AI score0.00159EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/21 12:0 a.m.7 views

Security update for python-cryptography (important)

openSUSE security update: security update for python-cryptography ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20506-1 Rating: important References: bsc1258074 bsc1260876 Cross-References: CVE-2026-26007 CVE-2026-34073 CVSS scores: CVE-2026-26007...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.39 views

Amazon Linux 2023 : mount-s3 (ALAS2023-2026-1510)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1510 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via...

8.7CVSS5.9AI score0.01079EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.5 views

TencentOS Server 4: edk2 (TSSA-2026:0116)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0116 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS6.3AI score0.00844EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/02 11:21 a.m.7 views

Security Bulletin: Multiple Vulnerabilities affect IBM Decision Optimization for Cloud Pak for Data.

Summary Multiple Vulnerabilities were addressed in IBM Decision Optimization for Cloud Pak for Data version 5.3 Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION: auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jw...

8.2CVSS6.3AI score0.00743EPSS
Exploits5Affected Software1
NVD
NVD
added 2026/02/03 5:15 p.m.6 views

CVE-2026-1568

Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Consumer Service ACS cloud endpoint that could allow an attacker to gain unauthorized access to InsightVM accounts setup via "Security Console" installations, resulting in full account takeover. The...

9.6CVSS0.00142EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

EulerOS Virtualization 2.10.1 : gnupg2 (EulerOS-SA-2026-1117)

According to the versions of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that...

4.7CVSS6AI score0.00179EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 5:50 a.m.11 views

Security Bulletin: IBM Edge Data Collector uses jws-3.2.2.tgz which are vulnerable to CVE-2025-65945.

Summary IBM Edge Data Collector uses jws-3.2.2.tgz which are vulnerable to CVE-2025-65945. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION: auth0/node-jws is a JSON Web Signature implementation for Node.js. In...

7.5CVSS5.8AI score0.002EPSS
Exploits1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1273

Malware in sbrugna...

9.8CVSS9.3AI score0.00658EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-8005

Malware in sbrugna...

5.9CVSS5.9AI score0.00593EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2000-0961

Malware in sbrugna...

7.5CVSS6.4AI score0.03039EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-5407

Malware in sbrugna...

6.5CVSS6.6AI score0.00956EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-50382

Malicious code in bioql PyPI...

5.7CVSS6AI score0.00173EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-51398

Malicious code in bioql PyPI...

7.8CVSS9AI score0.00505EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.25 views

EUVD-2023-0264

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00487EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1576

Malicious code in bioql PyPI...

7.5CVSS6.9AI score0.01015EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/13 12:0 a.m.6 views

EulerOS 2.0 SP13 : gnupg2 (EulerOS-SA-2025-1975)

According to the versions of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect...

4.7CVSS6AI score0.00179EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/08/12 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2025-1989)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS4.3AI score0.00179EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/28 7:47 p.m.9 views

CVE-2025-54419 Node-SAML Contains SAML Signature Verification Vulnerability

A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details with...

10CVSS0.00357EPSS
Exploits0References3
Rows per page
Query Builder