Lucene search
K

930 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 3:31 p.m.11 views

Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-47907 DESCRIPTION: Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned...

7.5CVSS7.2AI score0.00585EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.6 views

PT-2026-29583

Name of the Vulnerable Software and Affected Versions Temporal Server versions 1.29.0 and later Description A user with a writer role in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the...

2.3CVSS6AI score0.00248EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.9 views

Temporal Server 安全漏洞

Temporal Server is a microservices orchestration platform developed by Temporal Corporation. There is a security vulnerability in Temporal Server. This vulnerability stems from the fact that users with the “Writer” role in the namespaces controlled by attackers can send signals, delete, and reset...

2.3CVSS5.9AI score0.00248EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/31 10:1 p.m.10 views

EUVD-2026-17703

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF input can trigger a heap-buffer-overflow HBO in CTiffImg::WriteLine. The issue is observable under AddressSanitizer as an out-of-bounds heap read...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/03/30 4:8 p.m.5 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS7.1AI score0.00585EPSS
Exploits1References12
Fedora
Fedora
added 2026/03/29 1:8 a.m.8 views

[SECURITY] Fedora 42 Update: rust-tar-0.4.45-1.fc42

A Rust implementation of a TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/29 1:8 a.m.6 views

[SECURITY] Fedora 42 Update: rust-astral-tokio-tar-0.6.0-1.fc42

A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/28 12:46 a.m.7 views

[SECURITY] Fedora 43 Update: rust-tar-0.4.45-1.fc43

A Rust implementation of a TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/28 12:19 a.m.10 views

[SECURITY] Fedora 44 Update: rust-tar-0.4.45-1.fc44

A Rust implementation of a TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/28 12:19 a.m.8 views

[SECURITY] Fedora 44 Update: rust-astral-tokio-tar-0.6.0-1.fc44

A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
OSV
OSV
added 2026/03/20 5:28 p.m.6 views

CLSA-2026-1774027715 Fix CVE(s): CVE-2026-30883

SECURITY UPDATE: heap over-write in PNG raw profile writer - debian/patches/CVE-2026-30883.patch: add overflow check for allocatedlength in Magickpngwriterawprofile to prevent integer overflow leading to heap over-write - CVE-2026-30883...

7.8CVSS7.3AI score0.00123EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 3:2 p.m.7 views

CLSA-2026-1773923672 ImageMagick: Fix of 11 CVEs

CVE-2026-25797: fix PostScript/HTML code injection via unsanitized filenames - CVE-2026-25982: fix heap out-of-bounds read in DICOM colormap decoder - CVE-2026-25968: fix stack buffer overflow in MSL opacity attribute processing - CVE-2026-25986: fix heap buffer overflow write in YUV 4:2:2...

9.8CVSS7.2AI score0.00671EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/03/19 2:13 p.m.4 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS7.1AI score0.00585EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/03/19 5:59 a.m.6 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS7.1AI score0.00585EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/03/17 6:49 a.m.7 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS5.8AI score0.00585EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/03/12 9:1 p.m.4 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS5.8AI score0.00585EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/03/12 8:57 p.m.5 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS5.8AI score0.00585EPSS
Exploits1References12
Talos Blog
Talos Blog
added 2026/03/11 10:0 a.m.8 views

Spinning complex ideas into clear docs with Kri Dontje

Welcome back! This week, we're shining a spotlight on Kri Dontje, a technical writer who's become an essential voice in making Cisco Talos' work understandable for a wide audience. With a background in technical communications and a career that began at a small startup, Kri discusses the importan...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.6 views

EulerOS 2.0 SP13 : kata-containers (EulerOS-SA-2026-1243)

According to the versions of the kata-containers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64...

7.5CVSS5.9AI score0.00585EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/04 1:44 p.m.5 views

CVE-2026-3463

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

7.8CVSS5.9AI score0.00195EPSS
Exploits1References1
Rows per page
Query Builder