9 matches found

IBM Security Bulletins
added 2026/03/24 8:57 p.m. · 4 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in AssertJ (CVE-2026-24400)

Summary: A vulnerability in AssertJ that is used by InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2026-24400 DESCRIPTION: AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in version 1.4.0 and prior to version 3.27.7, an X...

9.1 CVSS · 7.1 AI score · 0.00542 EPSS
Exploits 0 · Affected Software 1
OSV
added 2026/02/27 1:16 a.m. · 2 views

UBUNTU-CVE-2021-4456

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker ma...

6.5 CVSS · 5.8 AI score · 0.00322 EPSS
Exploits 0 · References 7
RedhatCVE
added 2026/01/29 7:27 p.m. · 6 views

CVE-2026-24739

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters (notably =) as “special” when escaping arguments on Windows. When PHP i...

6.3 CVSS · 5.8 AI score · 0.00201 EPSS
Exploits 1 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 8 views

EUVD-2024-1383

Malicious code in bioql PyPI...

6.8 CVSS · 6.5 AI score · 0.00491 EPSS
Exploits 0 · References 10
Tenable Nessus
added 2025/08/26 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2020-24240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if...

7.1 CVSS · 5.7 AI score · 0.01265 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/08/06 12:0 a.m. · 2 views

PT-2024-8345 · FFmpeg +3 · Ffmpeg +3

Name of the Vulnerable Software and Affected Versions: FFmpeg versions up to 7.0.1 Description: A critical issue has been found in the function pnm decode frame in the /libavcodec/pnmdec.c library, which can lead to a heap-based buffer overflow. This can be exploited remotely, potentially allowin...

9.8 CVSS · 6.7 AI score · 0.01545 EPSS
Exploits 5 · References 175
PyPA
added 2024/03/19 5:15 a.m. · 6 views

PYSEC-2024-48

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lineswithleadingtabsexpanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting thi...

5.3 CVSS · 7.4 AI score · 0.00971 EPSS
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2022/05/05 12:0 a.m. · 6 views

PT-2022-19090 · Totolink · Totolink A7100Ru

Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 b20191024 Description: A command injection issue is found in the setWiFiWpsCfg interface, allowing an attacker to execute arbitrary commands through a carefully constructed payload. Recommendations: For...

10 CVSS · 9.9 AI score · 0.02945 EPSS
Exploits 1 · References 3
RedHat Linux
added 2018/09/04 12:0 a.m. · 5 views

vdsm: calls to qemu-img are not protected by prlimit/ulimit

It was found that vdsm would invoke qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory or CPU time, causing a denial of service condition that could potentially impact...

7.1 CVSS · 5.8 AI score · 0.01185 EPSS
Exploits 0 · References 5