158827 matches found

Debian CVE
added 2026/05/26 5:45 p.m., 28 views

CVE-2026-9567

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...

4.8 CVSS, 5.3 AI score, 0.00115 EPSS
Exploits 0

Debian CVE
added 2026/05/26 4:16 p.m., 10 views

CVE-2026-48864

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...

7.8 CVSS, 5.9 AI score, 0.00205 EPSS
Exploits 1

Debian CVE
added 2026/05/26 4:14 p.m., 10 views

CVE-2026-45835

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb Add the same NULL guard already present in l2cap_sock_resume_cb and l2cap_sock_ready_cb...

5.5 CVSS, 5.7 AI score, 0.00123 EPSS
Exploits 0

EUVD
added 2026/05/26 3:46 p.m., 11 views

EUVD-2025-209933

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Server) stores potentially sensitive information in log files that could be read by a local user...

5.5 CVSS, 5.8 AI score, 0.00108 EPSS
Exploits 0, References 1

ATTACKERKB
added 2026/05/26 3:46 p.m., 13 views

CVE-2025-13755

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Server) stores potentially sensitive information in log files that could be read by a local user...

5.5 CVSS, 5.8 AI score, 0.00108 EPSS
Exploits 0, References 2, Affected Software 1

Cvelist
added 2026/05/26 3:46 p.m., 36 views

CVE-2025-13755 IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Server) stores potentially sensitive information in log files that could be read by a local user...

5.5 CVSS, 0.00108 EPSS
Exploits 0, References 1

CVE
added 2026/05/26 3:46 p.m., 30 views

CVE-2025-13755

CVE-2025-13755 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4 (Linux/UNIX/Windows, including Db2 Connect Server). The root cause is that the system can store potentially sensitive information in log files, which could be read by a local user, constituting a credential exposure (CWE-532). Impact ...

5.5 CVSS, 5.8 AI score, 0.00108 EPSS
Exploits 0, References 1, Affected Software 1

RedHat Linux
added 2026/05/26 3:35 p.m., 16 views

libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...

7.1 CVSS, 5.8 AI score, 0.00094 EPSS
Exploits 0, References 5

Debian CVE
added 2026/05/26 1:56 p.m., 9 views

CVE-2026-4480

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8 CVSS, 6.4 AI score, 0.12797 EPSS
Exploits 7

Wolfi
added 2026/05/26 1:48 p.m., 14 views

CVE-2026-42151 vulnerabilities

Vulnerabilities for packages: prometheus, minio...

7.5 CVSS, 5.8 AI score, 0.00314 EPSS
Exploits 0

Wolfi
added 2026/05/26 1:48 p.m., 15 views

GHSA-WG65-39GG-5WFJ vulnerabilities

Vulnerabilities for packages: prometheus, minio...

5.8 AI score
Exploits 0

Chainguard
added 2026/05/26 1:18 p.m., 9 views

GHSA-WG65-39GG-5WFJ vulnerabilities

Vulnerabilities for packages: ld-relay, minio, ld-relay-fips, prometheus, prometheus-fips, elastic-agent-fips, minio-fips, elastic-agent...

5.8 AI score
Exploits 0

Chainguard
added 2026/05/26 1:18 p.m., 15 views

CVE-2026-42151 vulnerabilities

Vulnerabilities for packages: ld-relay, minio, ld-relay-fips, prometheus, prometheus-fips, elastic-agent-fips, minio-fips, elastic-agent...

7.5 CVSS, 5.8 AI score, 0.00314 EPSS
Exploits 0

RedhatCVE
added 2026/05/26 1:10 p.m., 8 views

CVE-2026-7374

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

9.9 CVSS, 5.8 AI score, 0.00596 EPSS
Exploits 0, References 3

RedHat Linux
added 2026/05/26 12:55 p.m., 11 views

Apache Tomcat: Apache Tomcat: Open Redirect vulnerability via LoadBalancerDrainingValve

A flaw was found in Apache Tomcat. This open redirect vulnerability allows an attacker to redirect a user to an untrusted site. This occurs through the LoadBalancerDrainingValve, which can be exploited to manipulate URL redirection. The primary impact is that users may be unknowingly directed to...

6.1 CVSS, 6.3 AI score, 0.00526 EPSS
Exploits 0, References 5

Debian CVE
added 2026/05/26 11:45 a.m., 7 views

CVE-2026-9541

A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...

5.3 CVSS, 6.1 AI score, 0.0017 EPSS
Exploits 1

RedHat Linux
added 2026/05/26 10:23 a.m., 13 views

glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

A flaw was found in glibc, the GNU C Library. When an application uses the gethostbyaddr or gethostbyaddr_r functions with a nsswitch.conf configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can caus...

7.5 CVSS, 5.8 AI score, 0.00292 EPSS
Exploits 1, References 5

RedHat Linux
added 2026/05/26 9:24 a.m., 7 views

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receive_xattr function incorrectly processes an untrusted length value during a sorting operation...

7.8 CVSS, 6 AI score, 0.00393 EPSS
Exploits 1, References 7

RedHat Linux
added 2026/05/26 6:51 a.m., 9 views

gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...

8.2 CVSS, 5.8 AI score, 0.00423 EPSS
Exploits 0, References 5

RedHat Linux
added 2026/05/26 6:51 a.m., 9 views

gnutls: gnutls: Security bypass due to incorrect name constraint handling

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

7.4 CVSS, 5.8 AI score, 0.00475 EPSS
Exploits 0, References 5