Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2026/04/02 8:37 a.m.5 views

SUSE CVE-2026-32726

SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass in path-based scope validation. The enforcer used a simple string-prefix comparison when checking whether a requested resource path was...

8.1CVSS5.8AI score0.00272EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/23 9:42 p.m.27 views

CVE-2025-69248 free5GC has Array Index Out of Bounds in AMF Leading to Denial of Service

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NA...

8.7CVSS0.00566EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/10/15 3:32 p.m.3 views

CVE-2025-62370 Alloy Core has a DoS vulnerability on `alloy_dyn_abi::TypedData` hashing

Alloy Core libraries at the root of the Rust Ethereum ecosystem. Prior to 0.8.26 and 1.4.1, an uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services m...

7.5CVSS6.5AI score0.00416EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/01/24 11:47 a.m.4 views

WordPress MachForm Shortcode plugin <= 1.4.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin MachForm Shortcode versions = 1.4.1...

7.1CVSS6.2AI score0.00175EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.2 views

WordPress plugin Send Emails with Mandrill 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.5AI score0.00384EPSS
Exploits0References1
OSV
OSV
added 2018/06/05 1:29 p.m.5 views

UBUNTU-CVE-2018-11743

The initcopy function in kernel.c in mruby 1.4.1 makes initializecopy calls for TTICLASS objects, which allows attackers to cause a denial of service mrbhashkeys uninitialized pointer and application crash or possibly have unspecified other impact...

9.8CVSS7.3AI score0.02203EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2013/06/03 5:29 p.m.5 views

qemu: guest agent creates files with insecure permissions in deamon mode

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files...

6.9CVSS7.3AI score0.00375EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/01/17 8:21 p.m.6 views

xfree86: information disclosure via TOG-CUP extension

The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index...

5CVSS7.4AI score0.01735EPSS
Exploits0References4
Rows per page
Query Builder