Lucene search
K

223 matches found

Debian CVE
Debian CVE
added 2026/02/18 6:59 p.m.5 views

CVE-2026-25500

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, Rack::Directory generates an HTML directory index where each file entry is rendered as a clickable link. If a file exists on disk whose basename starts with the javascript: scheme e.g. javascript:alert1, the...

5.4CVSS6AI score0.00224EPSS
Exploits1
Chainguard
Chainguard
added 2026/01/28 7:17 p.m.5 views

GHSA-97MJ-R9V7-258F vulnerabilities

Vulnerabilities for packages: kibana...

5.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/28 8:32 a.m.3 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.7AI score0.00421EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: python3 (CVE-2024-3219)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3219 advisory. - The socket module provides a pure-Python fallback to the socket.socketpair function for platforms that don't...

5.1CVSS5.6AI score0.00245EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/01/16 5:0 a.m.4 views

CVE-2026-0858

Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to...

6.1CVSS5.6AI score0.00303EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/01/15 2:16 p.m.4 views

CVE-2026-0897

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

7.5CVSS6.8AI score0.00299EPSS
Exploits3References2
Chainguard
Chainguard
added 2026/01/15 1:17 a.m.8 views

CVE-2026-22703 vulnerabilities

Vulnerabilities for packages: tkn, cloudbeat-fips, zot, chainctl, kyverno-notation-aws, cloudbeat, teleport, flux-source-controller, image-factory-fips, tekton-chains-fips, aactl, gitsign, kyverno, falcoctl, witness, kyverno-fips, policy-controller, kyverno-policy-reporter-plugins-kyverno,...

5.5CVSS5.9AI score0.00077EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/01/10 5:59 a.m.4 views

CVE-2026-22701

filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition betwee...

5.3CVSS5.3AI score0.00115EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:30 a.m.5 views

GHSA-JHJH-HCM6-MRCC vulnerabilities

Vulnerabilities for packages: linux-aws, linux-gcp, linux-azure...

5.9AI score
Exploits0
AlpineLinux
AlpineLinux
added 2025/12/30 12:41 a.m.4 views

CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS7AI score0.00363EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/16 7:15 p.m.5 views

CVE-2025-68146

filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...

6.5CVSS7.3AI score0.00184EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2025/11/26 11:15 p.m.3 views

CVE-2025-64333

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References3
Chainguard
Chainguard
added 2025/11/15 7:17 p.m.6 views

GHSA-VC2M-M665-8XM2 vulnerabilities

Vulnerabilities for packages: python...

7AI score
Exploits0
Debian CVE
Debian CVE
added 2025/11/05 3:9 p.m.7 views

CVE-2025-64459

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods QuerySet.filter, QuerySet.exclude, and QuerySet.get, and the class Q, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the connector argument...

9.1CVSS7.7AI score0.19396EPSS
Exploits10
Debian CVE
Debian CVE
added 2025/10/21 8:3 p.m.4 views

CVE-2025-62587

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS7AI score0.00184EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/10/16 5:11 p.m.14 views

CVE-2025-61907

Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...

7.1CVSS5.2AI score0.00365EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/10/07 4:15 p.m.2 views

CVE-2022-50530

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix null pointer dereference in blkmqclearrqmapping Our syzkaller report a null pointer dereference, root cause is following: blkmqallocmapandrqs set-tagshctxidx = blkmqallocmapandrqs blkmqallocmapandrqs blkmqallocrqs //...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2012-0743

Malware in sbrugna...

7.5CVSS6.1AI score0.04627EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2010-2188

Malware in sbrugna...

4.3CVSS6AI score0.04958EPSS
Exploits0References27
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-0905

Malware in sbrugna...

4.3CVSS6.4AI score0.01782EPSS
Exploits0References7
Rows per page
Query Builder