Lucene search
+L

181 matches found

SUSE CVE
SUSE CVE
added 2026/04/11 10:7 a.m.5 views

SUSE CVE-2024-21061

unknown...

4.9CVSS6.5AI score0.00887EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/27 8:31 p.m.4 views

CVE-2026-33879 FLIP doesn't have rate limiting or brute-force protection on login

Federated Learning and Interoperability Platform FLIP is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and...

6.9CVSS5.9AI score0.00268EPSS
Exploits0References1
OSV
OSV
added 2026/03/10 8:0 p.m.1 views

MINI-8X5R-W37Q-WJXR

Bulletin has no description...

6.1CVSS5.7AI score0.00328EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/05 7:10 p.m.4 views

CVE-2026-28277 LangGraph: Unsafe msgpack deserialization in LangGraph checkpoint loading

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can...

6.8CVSS5.8AI score0.05219EPSS
Exploits0References1
OSV
OSV
added 2026/01/29 10:15 p.m.4 views

UBUNTU-CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

7.5CVSS6.2AI score0.00517EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/24 12:0 a.m.9 views

PT-2026-4564

C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote attacker to read arbitrary files from the server's...

7.5CVSS5.8AI score0.00589EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.12 views

PT-2026-2206

Name of the Vulnerable Software and Affected Versions Versions affected versions not specified Description An attacker with a network connection could detect credentials in clear text. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

8.7CVSS6.5AI score0.00217EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/05 8:49 p.m.5 views

EUVD-2025-206233

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, an attacker can initiate a password reset for a victim, and modify the host header of the request to a malicious value. The victim will...

8.5CVSS6.4AI score0.00356EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/05 8:45 p.m.5 views

CVE-2025-64424 Colify has command injection vulnerability in project git source

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a command injection vulnerability exists in the git source input fields of a resource, allowing a low privileged user member to execute syst...

9.4CVSS7.3AI score0.0194EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.9 views

PT-2025-53041

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the iommufd subsystem where the same hardware-assisted page table hwpt could be added to the ioas-hwpt list multiple times. This double addition...

6.5AI score0.00189EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/19 4:17 p.m.5 views

CVE-2025-9977

Value provided in one of POST parameters sent during the process of logging in to Times Software E-Payroll is not sanitized properly, which allows an unauthenticated attacker to perform DoS attacks. SQL injection attacks might also be feasible, although so far creating a working exploit has been...

5.3CVSS7.9AI score0.02158EPSS
Exploits0References1
NVD
NVD
added 2025/11/18 4:15 p.m.10 views

CVE-2025-9977

Value provided in one of POST parameters sent during the process of logging in to Times Software E-Payroll is not sanitized properly, which allows an unauthenticated attacker to perform DoS attacks. SQL injection attacks might also be feasible, although so far creating a working exploit has been...

5.3CVSS0.02158EPSS
Exploits0References2
CVE
CVE
added 2025/11/18 3:46 p.m.27 views

CVE-2025-9977

CVE-2025-9977 affects Times Software E-Payroll. The issue stems from improper sanitization of data in a POST parameter during login, which could let an unauthenticated attacker cause a DoS and may enable SQL injection; command injection attempts have also produced detailed error messages exposing...

5.3CVSS7.5AI score0.02158EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/18 3:46 p.m.15 views

CVE-2025-9977 Improper neutralization of input in Times Software E-PAYROLL

Value provided in one of POST parameters sent during the process of logging in to Times Software E-Payroll is not sanitized properly, which allows an unauthenticated attacker to perform DoS attacks. SQL injection attacks might also be feasible, although so far creating a working exploit has been...

5.3CVSS0.02158EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/18 3:46 p.m.7 views

EUVD-2025-198043

Value provided in one of POST parameters sent during the process of logging in to Times Software E-Payroll is not sanitized properly, which allows an unauthenticated attacker to perform DoS attacks. SQL injection attacks might also be feasible, although so far creating a working exploit has been...

5.3CVSS7.3AI score0.02158EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.9 views

PT-2025-47333

Name of the Vulnerable Software and Affected Versions Times Software E-Payroll affected versions not specified Description The application does not properly sanitize data received in POST parameters during the login process, potentially allowing an unauthenticated attacker to perform...

5.3CVSS7.6AI score0.02158EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/28 6:11 p.m.2 views

CVE-2025-40067

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist Index allocation requires at least one bit in the $BITMAP attribute to track usage of index entries. If the bitmap is empty while index blocks are already...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2025-39981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmtpending being freed while still being processed like in the following...

5.4AI score0.00187EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.5 views

PT-2025-42340

Name of the Vulnerable Software and Affected Versions BIG-IP systems affected versions not specified Description Undisclosed traffic can lead to data corruption and unauthorized data modification in protocols lacking message integrity protection. Software versions that have reached End of Technic...

6.3CVSS6.6AI score0.00231EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-55017

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.0024EPSS
Exploits0References2
Rows per page
Query Builder