Lucene search
K

16 matches found

OSV
OSV
added 2026/05/20 12:39 a.m.27 views

MAL-2026-4406 Malicious code in @mcpassure/mcp-anvisa-bulario (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e846cabb7b5077244737d7a465e944ebe7635db46cc55e7e5736eeda47d30938 dist/bootstrap.js references a hardcoded URL on pub-046c52795b9445cd9f5cc5cb21b9d59f.r2.dev — an anonymous Cloudflare R2 bucket — and calls fetch...

5.9AI score
Exploits0References10
Oracle linux
Oracle linux
added 2026/03/05 12:0 a.m.11 views

osbuild-composer security update

149-4.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...

10CVSS5.9AI score0.01945EPSS
Exploits4
OSV
OSV
added 2025/11/03 9:49 p.m.4 views

GHSA-H238-5MWF-8XW8 lakeFS affected by unauthenticated access to API usage metrics

Impact Missing authentication in the /api/v1/usage-report/summary endpoint allows anyone to retrieve aggregate API usage counts. While no sensitive data is disclosed, the endpoint may reveal information about service activity or uptime. Patches Upgrade to v1.70.1 Workarounds Any ONE of these is...

5.3CVSS7AI score0.00274EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/09 12:47 p.m.26 views

CVE-2025-49013 WilderForge vulnerable to code Injection via GitHub Actions Workflows

WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of $ github.event.review.body and other user controlled variables directly inside shell script contexts in GitHub...

9.9CVSS0.00636EPSS
Exploits0References5
Kitploit
Kitploit
added 2024/01/23 11:30 a.m.19 views

Rayder - A Lightweight Tool For Orchestrating And Organizing Your Bug Hunting Recon / Pentesting Command-Line Workflows

Rayder is a command-line tool designed to simplify the orchestration and execution of workflows. It allows you to define a series of modules in a YAML file, each consisting of commands to be executed. Rayder helps you automate complex processes, making it easy to streamline repetitive modules and...

8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/11/14 3:19 p.m.48 views

Low: Red Hat Security Advisory: qt5-qtsvg security update

An update for qt5-qtsvg is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

6.5CVSS6.7AI score0.00877EPSS
Exploits0References3
OSV
OSV
added 2023/11/14 12:0 a.m.22 views

ALSA-2023:6961 Low: qt5-qtsvg security update

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: Uninitialized variable usage in munitsPerEm CVE-2023-32573 For more detail...

6.5CVSS6.7AI score0.00877EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 8:52 a.m.35 views

Moderate: Red Hat Security Advisory: qt5 security and bug fix update

An update for the qt5 stack is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS6.8AI score0.01553EPSS
Exploits1References37
OSV
OSV
added 2023/11/07 12:0 a.m.31 views

ALSA-2023:6369 Moderate: qt5 security and bug fix update

Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation CVE-2023-34410 qtbase: buffer overflow in...

7.5CVSS7.3AI score0.01553EPSS
Exploits1References12
CNVD
CNVD
added 2021/05/24 12:0 a.m.4 views

Libwebp Uninitialized Variable Usage Vulnerability

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from the use of a single variable in the ReadSymbol function. An attacker could exploit the vulnerability to threaten data confidentiality...

9.8CVSS6.7AI score0.0223EPSS
Exploits0References1
NVD
NVD
added 2020/03/24 9:15 p.m.32 views

CVE-2020-6078

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually results in ...

7.5CVSS8.4AI score0.03011EPSS
Exploits1References3
OSV
OSV
added 2020/03/24 9:15 p.m.23 views

CVE-2020-6078

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually results in ...

7.5CVSS6.5AI score
Exploits0References3
Qualys Blog
Qualys Blog
added 2019/10/07 2:0 p.m.180 views

Enhanced API Scanning with Postman Support in Qualys WAS

Due to the fast-growing usage of REST APIs, having a way to test them for vulnerabilities in an automated, reliable way is more important than ever. Automated testing of APIs is a little trickier than for web applications. You can't simply enter a starting URL for the scanner and click "Go"...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2013/05/17 12:0 a.m.30 views

CentOS Update for libvirt CESA-2013:0831 centos6

Check for the Version of libvirt OpenVAS Vulnerability Test CentOS Update for libvirt CESA-2013:0831 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS7AI score0.03513EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/11/26 12:0 a.m.21 views

Fedora 18 : viewvc-1.1.17-2.fc18 (2012-16646)

Patch CVE-2012-4533. Version 1.1.16 - security fix: escape 'extra' diff info to avoid XSS attack issue 515 - add 'binarymimetypes' configuration option and handling issue 510 - fix 'select for diffs' persistence across log pages issue 512 - remove lock status and filesize check on directories in...

4.3CVSS5.4AI score0.03085EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2006/01/15 12:0 a.m.18 views

ezDatabase20.txt

ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website...

7.4AI score
Exploits0
Rows per page
Query Builder