Lucene search
K

762 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/17 12:0 a.m.8 views

Fedora 43 : python-uv-build / rust-astral-tokio-tar / uv (2026-a8100094df)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-a8100094df advisory. Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA- xx64-wwv2-hcqq and GHSA-...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/11 7:36 p.m.6 views

GHSA-6M6C-36F7-FHXH Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS

Impact Mermaid v11.14.0 and earlier are vulnerable to a denial-of-service attack when rendering gantt charts, if they use the excludes attribute to exclude all dates. Example: gantt excludes monday,tuesday,wednesday,thursday,friday,saturday,sunday DoS :2025-01-01, 1d mermaid.parse is unaffected,...

5.3CVSS5.7AI score0.00384EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.9 views

PT-2026-39823

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.7 views

TencentOS Server 3: freerdp (TSSA-2026:0266)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0266 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS5.7AI score0.00656EPSS
Exploits5References14
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.10 views

PT-2026-35931

Name of the Vulnerable Software and Affected Versions PhpSpreadsheet versions prior to 1.30.4 PhpSpreadsheet versions 2.0.0 through 2.1.15 PhpSpreadsheet versions 2.2.0 through 2.4.4 PhpSpreadsheet versions 3.3.0 through 3.10.4 PhpSpreadsheet versions 4.0.0 through 5.6.0 Description The HTML Writ...

5.4CVSS5.9AI score0.00202EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/04/15 1:22 a.m.6 views

CVE-2026-22565

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

7.5CVSS5.8AI score0.00432EPSS
Exploits0References1
OSV
OSV
added 2026/04/01 9:57 a.m.8 views

CLEANSTART-2026-UY60586 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-1229, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142 applied in versions: 3.19.0-r0, 4.0.0-r0, 4.0.1-r0, 4.1.1-r1, 4.1.1-r2

Multiple security vulnerabilities affect the helm package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS6.9AI score0.00728EPSS
Exploits2References33
OSV
OSV
added 2026/04/01 9:56 a.m.4 views

CLEANSTART-2026-XH83206 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61732, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.11-r0, 3.1.11-r1, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4

Multiple security vulnerabilities affect the argo-cd-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7AI score0.04518EPSS
Exploits4References48
OSV
OSV
added 2026/04/01 9:53 a.m.3 views

CLEANSTART-2026-OX06978 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0, 3.3.1-r1

Multiple security vulnerabilities affect the argo-cd-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.9CVSS6.9AI score0.04518EPSS
Exploits3References45
OSV
OSV
added 2026/04/01 9:36 a.m.6 views

CLEANSTART-2026-KW24478 Security fixes for CVE-2021-3538, CVE-2025-15558, CVE-2025-29923, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 2.14.2-r0, 2.14.2-r1, 2.15.0-r0, 2.15.0-r1

Multiple security vulnerabilities affect the harbor-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.9AI score0.02307EPSS
Exploits2References21
OSV
OSV
added 2026/04/01 9:31 a.m.12 views

CLEANSTART-2026-TS54009 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.24.4-r0, 1.27.3-r0, 1.27.3-r1

Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS6.9AI score0.01557EPSS
Exploits4References19
OSV
OSV
added 2026/04/01 9:24 a.m.4 views

CLEANSTART-2026-MF20926 Security fixes for CVE-2021-38561, CVE-2022-27191, CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 3.1.2-r3, 3.1.2-r4, 3.7.0-r0, 3.7.0-r2

Multiple security vulnerabilities affect the git-lfs-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7AI score0.03931EPSS
Exploits4References41
OSV
OSV
added 2026/04/01 9:22 a.m.10 views

CLEANSTART-2026-PW57640 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-25934, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-4427, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-9h8m-3fm2-qjrq, ghsa-9mj6-hxhv-w67j, ghsa-cfpf-hrx2-8rv6, ghsa-f6x5-jh6r-wrfv, ghsa-fw7p-63qq-7hpr, ghsa-j5w8-q4qc-rx2x, ghsa-jqcq-xjh3-6g23, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x, ghsa-x6gf-mpr2-68h6 applied in versions: 1.12.1-r0, 1.12.1-r1, 1.12.1-r2

Multiple security vulnerabilities affect the grafana-alloy-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.8AI score0.01945EPSS
Exploits3References43
OSV
OSV
added 2026/04/01 9:22 a.m.3 views

CLEANSTART-2026-JM60128 Security fixes for CVE-2026-4428, ghsa-2gh3-rmm4-6rq5, ghsa-394x-vwmw-crm3, ghsa-434x-w66g-qw3r, ghsa-65p9-r9h6-22vj, ghsa-9f94-5g5w-gf6r, ghsa-hfpc-8r3f-gw53, ghsa-pwjx-qhcg-rvj4, ghsa-r6v5-fh4h-64xc, ghsa-vw5v-4f2q-w9xf, ghsa-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.28.4-r0, 1.28.4-r1

Multiple security vulnerabilities affect the ztunnel-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS5.9AI score0.00252EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2026/03/27 7:43 p.m.9 views

Ruby LSP has arbitrary code execution through branch setting

Summary The rubyLsp.branch VS Code workspace setting was interpolated without sanitization into a generated Gemfile, allowing arbitrary Ruby code execution when a user opens a project containing a malicious .vscode/settings.json. Other editors that support workspace setting that get automatically...

9.8CVSS6.3AI score0.00479EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/27 7:11 a.m.5 views

BIT-DISCOURSE-2026-33410 Discourse hardens chat DM channel creation and expansion

Discourse is an open-source discussion platform. Versions prior to 2026.3.0, 2026.2.1, and 2026.1.2 have two authorization issues in the chat direct message API. First, when creating a direct message channel or adding users to an existing one, the targetgroups parameter was passed directly to the...

5.4CVSS5.9AI score0.00156EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.5 views

CVE-2026-28852

A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause a denial-of-service...

5.5CVSS5.8AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.2 views

PT-2026-26938

Name of the Vulnerable Software and Affected Versions Suricata affected versions not specified Description This relates to security issues addressed in the libsuricata8 0 4-8.0.4-1.1 package on openSUSE Tumbleweed. Recommendations At the moment, there is no information about a newer version that...

7.5CVSS5.9AI score0.00351EPSS
Exploits0References11
Oracle linux
Oracle linux
added 2026/03/17 12:0 a.m.16 views

container-tools:rhel8 security update

aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related:...

10CVSS7.3AI score0.01945EPSS
Exploits6
Cvelist
Cvelist
added 2026/02/26 3:4 p.m.21 views

CVE-2026-26207 DIscourse's discourse-policy plugin lacks post access check

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, discourse-policy plugin allows any authenticated user to interact with policies on posts they do not have permission to view. The PolicyController loads posts by ID without verifying the current...

5.4CVSS0.00151EPSS
Exploits0References1
Rows per page
Query Builder