Lucene search
K

1166 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: binutils (UTSA-2026-015477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015477 advisory. A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debugtypesamep of the file /binutils/debug.c of the...

7.8CVSS5.2AI score0.00235EPSS
Exploits1References4
Oracle
Oracle
added 2026/04/24 12:0 a.m.38 views

Oracle Critical Patch Update Advisory - April 2026

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

10CVSS7.1AI score0.99977EPSS
Exploits625Affected Software166
NVD
NVD
added 2026/04/23 10:16 p.m.5 views

CVE-2026-41338

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...

5CVSS0.00088EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/23 9:57 p.m.34 views

CVE-2026-41338 OpenClaw < 2026.3.31 - Time-of-Check-Time-of-Use (TOCTOU) Vulnerability in Sandbox File Operations

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...

5CVSS0.00088EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:57 p.m.4 views

CVE-2026-41338

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...

5CVSS5.8AI score0.00088EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.10 views

PT-2026-34769

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in apply patch, remove, and mkdir operations to manipulate files between validation and executio...

5CVSS5.8AI score0.00088EPSS
Exploits0References5
OSV
OSV
added 2026/04/21 9:45 a.m.7 views

CLSA-2026-1776764746 libxslt: Fix of CVE-2021-30560

CVE-2021-30560: fix use-after-free in xsltApplyTemplates...

8.8CVSS6.8AI score0.21623EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:25 p.m.2 views

CVE-2026-5707

Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research and Engineering Studio RES version 2025.03 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands as root on the virtual desktop host via a crafted session name. To...

8.8CVSS6.2AI score0.00994EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:19 p.m.4 views

CVE-2026-34554

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS5.7AI score0.00159EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/31 10:19 p.m.4 views

CVE-2026-34554 iccDEV: HBO in CIccApplyCmmSearch::costFunc()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS5.7AI score0.00159EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/31 10:19 p.m.30 views

CVE-2026-34554 iccDEV: HBO in CIccApplyCmmSearch::costFunc()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS0.00159EPSS
Exploits1References3
CVE
CVE
added 2026/03/31 10:5 p.m.12 views

CVE-2026-34542

CVE-2026-34542 affects iccDEV before version 2.3.1.6, where a crafted ICC profile can trigger a stack-buffer-overflow in CIccCalculatorFunc::Apply() when processed via iccApplyNamedCmm. Under AddressSanitizer this appears as a 4-byte write stack-buffer-overflow in IccProfLib/IccMpeCalc.cpp:3873, ...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/31 10:5 p.m.4 views

CVE-2026-34542 iccDEV: SBO in CIccCalculatorFunc::Apply()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:5 p.m.1 views

CVE-2026-34542

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/31 10:5 p.m.21 views

CVE-2026-34542 iccDEV: SBO in CIccCalculatorFunc::Apply()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS0.00156EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.11 views

PT-2026-29399

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS5.7AI score0.00159EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.9 views

PT-2026-29390

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/03/27 8:10 a.m.10 views

CVE-2026-27858

Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...

7.5CVSS5.9AI score0.0079EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-31793

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault due to invalid/wild pointer read in CIccCalculatorFunc::ApplySequence causing denial of service. This vulnerability is fixed in 2.3.1.5...

5.5CVSS5.8AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.4 views

CVE-2026-31795

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow write in CIccXform3DLut::Apply corrupting stack memory or crash. This vulnerability is fixed in 2.3.1.5...

7.8CVSS6AI score0.00173EPSS
Exploits0References1
Rows per page
Query Builder