Lucene search
K

24 matches found

CVE
CVE
added yesterday13 views

CVE-2026-54901

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj::Parser in usual mode does not mark arrayclass and hashclass references during garbage collection, leading to Use-After-Free. If GC runs after the class is assigned but before a parse,...

6.3CVSS5.7AI score
Exploits0References1
CVE
CVE
added yesterday19 views

CVE-2026-54898

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

2.1CVSS5.9AI score
Exploits0References1
CVE
CVE
added yesterday22 views

CVE-2026-54897

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...

2.1CVSS5.7AI score
Exploits0References1
CVE
CVE
added yesterday18 views

CVE-2026-54896

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...

2.1CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday16 views

CVE-2026-54899

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbolkeys on a reused Oj::Parser instance triggers a heap use-after-free. When symbolkeys is toggled from true to false, optsymbolkeysset frees the internal key cache cachefree but...

6.3CVSS5.7AI score
Exploits0References1
NVD
NVD
added 2026/06/18 12:16 a.m.10 views

CVE-2026-48764

TypeBot is a chatbot builder tool. In versions prior to 3.17.2, SSRF validation is implemented by resolving a hostname once and checking whether the resolved IP belongs to a forbidden range allowing for DNS rebinding bypass. The root cause is a time-of-check to time-of-use gap in the SSRF guard...

8.2CVSS0.00271EPSS
Exploits0References3
CVE
CVE
added 2026/06/17 11:29 p.m.18 views

CVE-2026-48764

TypeBot suffers an SSRF in HTTP request and script fetch flows prior to version 3.17.2. The root cause is a time‑of‑check/time‑of‑use gap: the hostname is validated once against a forbidden range, but the subsequent request resolves the hostname again and may connect to a different IP, enabling D...

8.2CVSS5.4AI score0.00271EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/17 11:29 p.m.26 views

CVE-2026-48764 TypeBot has SSRF in HTTP request and script fetch flows via DNS rebinding bypass

TypeBot is a chatbot builder tool. In versions prior to 3.17.2, SSRF validation is implemented by resolving a hostname once and checking whether the resolved IP belongs to a forbidden range allowing for DNS rebinding bypass. The root cause is a time-of-check to time-of-use gap in the SSRF guard...

8.2CVSS0.00271EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50572

TypeBot is a chatbot builder tool. In versions prior to 3.17.2, SSRF validation is implemented by resolving a hostname once and checking whether the resolved IP belongs to a forbidden range allowing for DNS rebinding bypass. The root cause is a time-of-check to time-of-use gap in the SSRF guard...

8.2CVSS5.4AI score0.00271EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/02 1:10 p.m.12 views

Important: Red Hat Security Advisory: Red Hat Quay 3.17.2

Red Hat Quay 3.17.2 is now available with bug fixes. Quay 3.17.2...

10CVSS7.2AI score0.01557EPSS
Exploits10References25
CVE
CVE
added 2026/04/07 10:46 a.m.13 views

CVE-2026-4420

Summary: CVE-2026-4420 affects Bludit with a Stored XSS in the “page creating” flow. An authenticated user with page-creation privileges (Author/Editor/Admin) can insert a malicious script into the tags field when creating an article. The payload executes when a victim visits the uploaded resourc...

5.4CVSS5.8AI score0.00161EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/27 12:31 p.m.3 views

EUVD-2026-16581

Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in version 3.17.2...

8.7CVSS5.8AI score0.01919EPSS
Exploits4References3
NVD
NVD
added 2026/03/27 12:16 p.m.3 views

CVE-2026-25101

Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in version 3.17.2...

9.8CVSS0.00356EPSS
Exploits4References2
CVE
CVE
added 2026/03/27 11:55 a.m.9 views

CVE-2026-25101

Bludit exposes a session fixation vulnerability: an attacker can set a user’s session ID before authentication, and the ID persists after login, enabling session hijacking. The issue affects Bludit and is fixed in version 3.17.2. Metrics indicate a high-impact CVSS base score (C/H I/H A/H) with n...

9.8CVSS5.8AI score0.01919EPSS
Exploits4References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/27 11:55 a.m.1 views

CVE-2026-25101 Session Fixation in Bludit

Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in version 3.17.2...

4.8CVSS5.8AI score0.01919EPSS
Exploits4References2
Cvelist
Cvelist
added 2026/03/27 11:55 a.m.28 views

CVE-2026-25101 Session Fixation in Bludit

Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in version 3.17.2...

4.8CVSS0.00356EPSS
Exploits4References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 11:55 a.m.3 views

CVE-2026-25101

Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in version 3.17.2...

8.7CVSS5.8AI score0.01919EPSS
Exploits4References3
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28341

Name of the Vulnerable Software and Affected Versions Bludit versions prior to 3.17.2 Description Bludit allows a user's session identifier to be set before authentication. The session ID remains consistent even after authentication, potentially allowing an attacker to fixate a session ID for a...

8.7CVSS5.8AI score0.01919EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002444 advisory. The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial...

7.8CVSS7.1AI score0.08579EPSS
Exploits1References25
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-3633

Malware in sbrugna...

7.8CVSS6.6AI score0.08579EPSS
Exploits1References32
Rows per page
Query Builder