Lucene search
K

2260 matches found

OSV
OSV
added 2025/06/18 10:23 a.m.4 views

MAL-2025-5074 Malicious code in build-react-wrapper (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/06/10 5:38 p.m.4 views

CVE-2025-2474 Vulnerability in PCX Image Codec Impacts QNX Software Development Platform

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec...

9.8CVSS9.8AI score0.0061EPSS
Exploits0References1
CVE
CVE
added 2025/06/10 5:38 p.m.63 views

CVE-2025-2474

CVE-2025-2474 describes an out-of-bounds write in the PCX image codec used by QNX SDP 7.0, 7.1, and 8.0. The vulnerability could allow an unauthenticated attacker to cause a denial-of-service or execute code in the context of the process using the image codec. Connected sources corroborate the af...

9.8CVSS9.6AI score0.0061EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2025/06/04 1:51 p.m.11 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.00763EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/06/04 11:35 a.m.6 views

Important: Red Hat Security Advisory: nodejs:22 security update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.00763EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2025/06/04 12:0 a.m.6 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.3AI score0.00763EPSS
Exploits0References4
OSV
OSV
added 2025/06/04 12:0 a.m.11 views

ALSA-2025:8514 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.3AI score0.00763EPSS
Exploits0References4
HackRead
HackRead
added 2025/06/03 4:42 p.m.5 views

The Role of Continuous Integration and Continuous Deployment (CI/CD) in DevOps

Modern software development demands rapid delivery of high-quality applications that can adapt to changing business requirements and user…...

7.3AI score
Exploits0
AlmaLinux
AlmaLinux
added 2025/06/03 12:0 a.m.8 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.7AI score0.00763EPSS
Exploits0References4
OSV
OSV
added 2025/06/03 12:0 a.m.11 views

ALSA-2025:8468 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.3AI score0.00763EPSS
Exploits0References4
Fedora
Fedora
added 2025/05/25 2:12 a.m.11 views

[SECURITY] Fedora 41 Update: dotnet8.0-8.0.116-1.fc41

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:39 a.m.5 views

CVE-2024-23344

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users e.g. mail notifications. This issue has been patched in version 15.4.99.140 of Tuleap...

6.5CVSS6.6AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:28 a.m.10 views

CVE-2024-39902

Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox "Apply same permissions to all sub-items of this folder" in the document manager permissio...

4.8CVSS6.7AI score0.0031EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:15 a.m.3 views

CVE-2023-22669

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.2AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:48 p.m.9 views

CVE-2022-46160

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.104, project level authorizations are not properly verified when accessing the project "homepage"/dashboards. Users not authorized to access a project may still be able to...

4.3CVSS6.5AI score0.00498EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 p.m.9 views

CVE-2021-32994

Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...

7.5CVSS6.8AI score0.01629EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:2 p.m.5 views

CVE-2021-2453

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

7.5CVSS6.3AI score0.01063EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.9 views

CVE-2021-23001

On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, the upload functionality in BIG-IP Advanced WAF and BIG-IP ASM allows an authenticated user to upload files to the BIG-IP system using a ca...

4.3CVSS6.7AI score0.00572EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:21 p.m.13 views

CVE-2021-23004

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, Multipath TCP MPTCP forwarding flows may be created on standard virtual servers without MPTCP enabled in the applied TCP profile...

7.5CVSS6.8AI score0.00961EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:16 p.m.2 views

CVE-2020-0561

Improper initialization in the IntelR SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS8.7AI score0.00406EPSS
Exploits0References1
Rows per page
Query Builder