Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.14 views

TencentOS Server 3: osbuild-composer (TSSA-2026:0387)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0387 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS5.9AI score0.00728EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.19 views

PT-2026-43396

Name of the Vulnerable Software and Affected Versions MaxKB versions prior to 2.8.1 Description An issue exists in the OSS file service URL fetch endpoint "chat/api/oss/get url" where inconsistent URL parsing between the urlparse validation function and the requests HTTP client allows for a...

6.3CVSS5.8AI score0.00232EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.20 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2026-1572)

"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1572 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir o...

9.1CVSS7.4AI score0.01557EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/04/06 12:0 a.m.6 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1)

The version of AOS installed on the remote host is prior to 7.5.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1 advisory. - A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library...

9.8CVSS6.2AI score0.64718EPSS
Exploits35References39
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.17 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1482)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1482 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or...

7.5CVSS7.5AI score0.00728EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

RHEL 9 : osbuild-composer (RHSA-2026:5327)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5327 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building...

7.5CVSS6.9AI score0.01945EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.6 views

RHEL 10 : osbuild-composer (RHSA-2026:3752)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3752 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building...

10CVSS5.9AI score0.01945EPSS
Exploits4References10
OSV
OSV
added 2026/03/04 12:0 a.m.6 views

ALSA-2026:3752 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: crypto/x50...

10CVSS5.8AI score0.01945EPSS
Exploits4References10
AlmaLinux
AlmaLinux
added 2026/02/25 12:0 a.m.9 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted...

10CVSS5.6AI score0.01945EPSS
Exploits4References10
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.3 views

CVE-2018-4016

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

8.8CVSS8.1AI score0.00707EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:54 a.m.9 views

CVE-2025-1211

Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery SSRF due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://[email protected]/, the URI function will parse and see the host as 127.0.0.1 which is correct, and hackney...

6.5CVSS6.5AI score0.0048EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15802

Malware in sbrugna...

8.8CVSS8AI score0.00707EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-0418

Malware in sbrugna...

10CVSS8.9AI score0.03805EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2025/07/01 12:0 a.m.8 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet CVE-2025-6424 firefox:...

9.8CVSS7.2AI score0.03057EPSS
Exploits0References10
OSV
OSV
added 2025/06/26 8:45 a.m.3 views

SUSE-SU-2025:02122-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to MozillaFirefox 128.12.0 MFSA 2025-23, bsc1244670: - CVE-2025-6424: Use-after-free in FontFaceSet - CVE-2025-6425: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID - CVE-2025-6426: No warning when opening...

9.8CVSS6.6AI score0.03057EPSS
Exploits0References7
NVD
NVD
added 2025/05/03 9:15 p.m.45 views

CVE-2025-47241

In browser-use aka Browser Use before 0.1.45, URL parsing of alloweddomains is mishandled because userinfo can be placed in the authority component...

4CVSS0.00445EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/31 12:0 a.m.21 views

Amazon Linux 2023 : python3.12, python3.12-devel, python3.12-idle (ALAS2023-2025-899)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-899 advisory. The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be...

6.3CVSS6.7AI score0.01499EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/02/27 12:0 a.m.9 views

CVE-2024-51138

Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier;...

9.7AI score0.00999EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/21 12:0 a.m.6 views

The vulnerability of the module responsible for processing URL addresses of medical image and data management systems, such as Sante PACS Server PG, allows a hacker to trigger a service failure.

The vulnerability of the URL parsing module of the Sante PACS Server PG system is related to insufficient data validation during URL parsing. Exploiting this vulnerability could allow an attacker to cause service interruptions...

8.5CVSS7.5AI score0.00846EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/09 12:0 a.m.7 views

CVE-2022-3818

An uncontrolled resource consumption issue when parsing URLs in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to cause performance issues and potentially a denial of service on the GitLab instance...

5.3CVSS6.4AI score0.0067EPSS
Exploits0References2
Rows per page
Query Builder