Lucene search
+L

1246 matches found

nuclei
nuclei
added 8 hours ago56 views

TinaCMS - Path Traversal

TinaCMS CLI 2.1.8 contains a file system read vulnerability caused by disabled Vite server.fs.strict setting, letting unauthenticated attackers read arbitrary files on the host system, exploit requires access to the dev server. id: CVE-2026-29066 info: name: TinaCMS - Path Traversal author:...

6.2CVSS6.2AI score0.01025EPSS
Exploits1References2
osv
osv
added 14 hours ago14 views

ROOT-OS-DEBIAN-13-CVE-2026-43309 CVE-2026-43309 in rootio-linux - Patched by Root

Root has patched CVE-2026-43309 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS5.8AI score0.00121EPSS
Exploits0
nvd
nvd
added yesterday7 views

CVE-2026-38974

Dulwich through 1.1.0 was found to be missing SSH host key verification in contrib/paramikovendor.py...

Exploits0References2
osv
osv
added 2 days ago5 views

ROOT-OS-UBUNTU-2404-CVE-2026-53157 CVE-2026-53157 in rootio-linux - Patched by Root

Root has patched CVE-2026-53157 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

7.8CVSS5.8AI score0.00135EPSS
Exploits0
osv
osv
added 2 days ago10 views

ROOT-OS-UBUNTU-2204-CVE-2026-45956 CVE-2026-45956 in rootio-linux - Patched by Root

Root has patched CVE-2026-45956 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

7.8CVSS5.4AI score0.00126EPSS
Exploits0
redhat
redhat
added 2 days ago8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.5 bug fix and security update

Red Hat OpenShift Container Platform release 4.22.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a...

9.1CVSS7AI score0.00522EPSS
Exploits1References4
nvd
nvd
added 3 days ago8 views

CVE-2026-10103

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify post ownership in the shared channel inbound sync handler, which allows an authenticated remote cluster to modify or delete posts authored by local users or other remotes via crafted sync messages referencing...

4.3CVSS0.00145EPSS
Exploits0References1
cve
cve
added 3 days ago14 views

CVE-2026-10106

Mattermost vulnerable versions: 11.7.x ≤ 11.7.2, 11.6.x ≤ 11.6.4, and 10.11.x ≤ 10.11.19. The issue stems from failing to verify that the channel referenced in an action cookie matches the target post’s channel, enabling an authenticated user without access to a private channel to trigger interac...

6.5CVSS6.1AI score0.00174EPSS
Exploits0References1Affected Software1
nessus
nessus
added 3 days ago6 views

AlmaLinux 8 : xorg-x11-server-Xwayland (ALSA-2026:38488)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:38488 advisory. xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow CVE-2026-55999 Tenable has extracted the preceding description block directly from the AlmaLinux...

8.5CVSS6.2AI score0.00212EPSS
Exploits0References3
osv
osv
added 6 days ago3 views

RHSA-2026:37535 Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

Bulletin has no description...

7.5CVSS6.1AI score0.00553EPSS
Exploits0References15
osv
osv
added 6 days ago2 views

RHSA-2026:37469 Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

Bulletin has no description...

6.2CVSS6.1AI score0.00137EPSS
Exploits0References9
nessus
nessus
added 6 days ago7 views

Fedora 44 : perl-DBI (2026-9fdda5018f)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9fdda5018f advisory. 1.650 bump - Fix CVE-2026-14739, CVE-2026-14740 and CVE-2026-14380 Tenable has extracted the preceding description block directly from the Fedora...

9.8CVSS6.2AI score0.00498EPSS
Exploits0References4
nessus
nessus
added 6 days ago4 views

SUSE SLED15 / SLES15 Security Update : go1.25 (SUSE-SU-2026:2817-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2817-1 advisory. This update for go1.25 fixes the following issues - Update to version go1.25.12 bsc1244485. - CVE-2026-25679:...

7.8CVSS6.2AI score0.0052EPSS
Exploits0References19
osv
osv
added 2026/07/09 10:12 a.m.5 views

RHSA-2026:36796 Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update

Bulletin has no description...

9.1CVSS6.8AI score0.00813EPSS
Exploits3References167
nessus
nessus
added 2026/07/09 12:0 a.m.6 views

AlmaLinux 8 : gstreamer1-plugins-bad-free (ALSA-2026:37130)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:37130 advisory. gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb CVE-2026-52720 gstreamer1-plugins-bad-free:...

8.8CVSS7.1AI score0.0053EPSS
Exploits0References4
nessus
nessus
added 2026/07/09 12:0 a.m.5 views

AlmaLinux 8 : gstreamer1-plugins-good (ALSA-2026:36774)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:36774 advisory. gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow CVE-2026-53705 Tenable has extracted the preceding description...

7.6CVSS7.2AI score0.0031EPSS
Exploits0References3
osv
osv
added 2026/07/08 8:16 p.m.3 views

UBUNTU-CVE-2026-59948

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a maliciously crafted package from an untrusted repository other than Packagist.org or Private Packagist can cause Composer to write attacker-controlled files outside the vendor directory and outside the project...

7CVSS6.1AI score0.00132EPSS
Exploits0References3
osv
osv
added 2026/07/08 6:16 p.m.3 views

DEBIAN-CVE-2026-50812

A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service. The issue occurs when sqlite3changesetapplyv3 applies a corrupt changeset...

5.5CVSS6.1AI score0.00112EPSS
Exploits0References1
osv
osv
added 2026/07/08 10:9 a.m.6 views

RHSA-2026:36366 Red Hat Security Advisory: kernel security update

Bulletin has no description...

8.1CVSS6.7AI score0.00352EPSS
Exploits0References8
osv
osv
added 2026/07/08 1:16 a.m.5 views

DEBIAN-CVE-2026-60002

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. This outcome occurs only on the client side...

9.4CVSS6AI score0.00263EPSS
Exploits0References1
Rows per page
Query Builder