Lucene search
K

14405 matches found

vulnersOsv
vulnersOsv
added 2026/05/05 4:49 p.m.6 views

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +362 more potentially affected by CVE-2026-35397 via jupyter-server (>=0.0.5 <=2.17.0)

jupyter-server PYPI version =0.0.5, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 and more Source cves: CVE-2026-35397 Source advisory: OSV:GHSA-5789-5FC7-67V3...

8.8CVSS6.3AI score0.00583EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/05/05 4:49 p.m.6 views

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +90 more potentially affected by CVE-2026-35397 via jupyter-server (>=2.0.0rc3 <=2.17.0)

jupyter-server PYPI version =2.0.0rc3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =3.0.0, =0.1.0, =0.0.1, =0.0.6 and more Source cves: CVE-2026-35397 Source advisory: SNYK:PYTHON-JUPYTERSERVER-16425698...

8.8CVSS6.3AI score0.00583EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/05/05 4:16 p.m.7 views

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +362 more potentially affected by CVE-2025-61669 via jupyter-server (>=0.0.5 <=2.17.0)

jupyter-server PYPI version =0.0.5, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 and more Source cves: CVE-2025-61669 Source advisory: OSV:PYSEC-2026-67...

6.3CVSS7AI score0.00265EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/05/04 9:57 a.m.7 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS6AI score0.00176EPSS
Exploits0References7
OSV
OSV
added 2026/05/01 12:0 p.m.6 views

RUSTSEC-2026-0117 Fragile bounds check when sampling from image

A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

5.9AI score
Exploits0References2
RustSec
RustSec
added 2026/05/01 12:0 p.m.6 views

Fragile bounds check when sampling from image

A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

5.9AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.18 views

Wireshark 2.2.x < 2.2.15 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.15 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in...

7.5CVSS7.4AI score0.03509EPSS
Exploits0References19
vulnersOsv
vulnersOsv
added 2026/04/30 5:25 p.m.6 views

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +630 more potentially affected by CVE-2026-40171 via jupyterlab (>=0.31.1 <=4.5.6)

jupyterlab PYPI version =0.31.1, =0.1.0, =0.1.0b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =2.0.0, =0.1.1, =0.1.0, =3.0.0, =4.33.0, =5.0.0 and more Source cves: CVE-2026-40171 Source advisory: OSV:GHSA-RCH3-82JR-F9W9...

8.4CVSS5.7AI score0.00476EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/30 4:30 p.m.5 views

CVE-2026-34996

DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

5.2AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 4:30 p.m.6 views

CVE-2026-34994

DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

5.2AI score
Exploits0References1
curl security advisories
curl security advisories
added 2026/04/29 8:0 a.m.24 views

cross-proxy Digest auth state leak

Successfully using libcurl to do a transfer over a specific HTTP proxy proxyA with Digest authentication and then changing the proxy host to a second one proxyB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Proxy-Authorization: header field meant for proxyA, to...

5.3CVSS5.2AI score0.00471EPSS
Exploits1References1Affected Software2
GithubExploit
GithubExploit
added 2026/04/27 12:0 p.m.127 views

alfactf2026-writeups

🏆 Alfa CTF 2026 — Райтапы команды The A-Team !CTF Badgeh...

5.3AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:9 a.m.4 views

NFC: digital: Bounds check NFC-A cascade depth in SDD response handler

...

8.8CVSS5.8AI score0.00281EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.11 views

SUSE CVE-2026-31622

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digitalinrecvsddres appends 3 or 4 bytes to target-nfcid1 on each round, but the number of cascade rounds is controlled...

8.8CVSS5.5AI score0.00281EPSS
Exploits0References14
vulnersOsv
vulnersOsv
added 2026/04/24 4:17 p.m.7 views

0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +265 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)

litellm PYPI version =1.81.16, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.1.0, =0.1.0, =0.1.0, =0.1.14.13, =0.0.0.post0, =2.4.65 and more Source cves: CVE-2026-42208 Source advisory: SNYK:PYTHON-LITELLM-16300164...

9.8CVSS6.1AI score0.86607EPSS
Exploits7
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.8 views

PT-2026-35055

Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.8.0 through 4.10 Description An integer underflow occurs in the emsa pkcs1 v1 5 encode function within the core/drivers/crypto/crypto api/acipher/rsassa.c file. The issue arises when calculating the padding size PS size by...

7.5CVSS5.2AI score0.00403EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/04/24 12:0 a.m.7 views

Apple Silicon Vulnerability Research — A18 Pro (MacBook Neo)

This is systematic security research targeting Apple's A18 Pro chip MacBook Neo / Mac17,5, the first A-series SoC shipped in a Mac laptop. The MacBook Neo is used as an authorized Apple Security Research Device SRD and doubles as a high-visibility proxy for iPhone 16 Pro research, since A18 Pro i...

5.2AI score
Exploits0
EUVD
EUVD
added 2026/04/22 6:30 a.m.11 views

EUVD-2026-24599

The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS6AI score0.00278EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/04/22 6:30 a.m.10 views

cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)

org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2026-22746 Source advisory: OSV:GHSA-VXF7-QJ7Q-83FH...

3.7CVSS5.8AI score0.00215EPSS
Exploits0
NVD
NVD
added 2026/04/22 4:16 a.m.13 views

CVE-2026-6833

The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS0.00278EPSS
Exploits0References2
Rows per page
Query Builder