Lucene search
K

120954 matches found

RedhatCVE
RedhatCVE
added 2026/04/08 7:55 a.m.4 views

CVE-2026-5735

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes...

9.8CVSS6AI score0.00257EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/08 7:38 a.m.3 views

CVE-2026-5734

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and w...

9.8CVSS6AI score0.00329EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/08 7:38 a.m.4 views

CVE-2026-5731

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of...

9.8CVSS6AI score0.0034EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/08 5:18 a.m.5 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.5AI score0.00656EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/04/08 5:11 a.m.4 views

CVE-2026-33273

Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server...

5.1CVSS6.2AI score0.00228EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 5:11 a.m.9 views

CVE-2026-33273

CVE-2026-33273 affects MATCHA INVOICE, versions 2.6.6 and earlier. The issue is an unrestricted upload vulnerability (CWE-434) that could allow an administrator to create arbitrary files on the server, potentially enabling arbitrary code execution. Public reports in JVN, NVD, CVE records, and thi...

7.2CVSS6.2AI score0.00228EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2026/04/08 2:16 a.m.4 views

CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

8.8CVSS6.5AI score0.00658EPSS
Exploits0References5
NVD
NVD
added 2026/04/08 1:16 a.m.5 views

CVE-2026-3357

IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of untrusted data in the FAISS component...

8.8CVSS0.00466EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/08 1:6 a.m.2 views

CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

9CVSS6.4AI score0.00658EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from SWIG filenames marked with the "go" label and containing carefully crafted malicious...

8.8CVSS6.3AI score0.00658EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.115 contained security vulnerabilities. These vulnerabilities stemmed from an incomplete list of sandbox properties, which could allow bypassing security restrictions and...

9.9CVSS5.9AI score0.00541EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-32052

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Autonomous Digital Experience Manager on Windows affected versions not specified Description A certificate validation issue exists in Palo Alto Networks Autonomous Digital Experience Manager on Windows. An unauthenticated...

8.3CVSS6.1AI score0.00161EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

TP-Link Archer AX53 安全漏洞

The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior versions of the TP-Link Archer AX53, including v1.0, 1.7.1 Build 20260213, contained security vulnerabilities. These vulnerabilities were caused by a stack-based buffer overflow in the tmpServer module, which cou...

8CVSS6.3AI score0.00418EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Red Hat Quay 代码问题漏洞

Red Hat Quay is a distributed container image repository provided by the American company Red Hat. It is primarily used for building, distributing, and deploying containers. Red Hat Quay has code-related vulnerabilities. These vulnerabilities arise from the possibility of tampering with the...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2
CNVD
CNVD
added 2026/04/08 12:0 a.m.3 views

Mozilla Firefox and Mozilla Thunderbird Buffer Overflow Vulnerability (CNVD-2026-16992)

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A buffer overflow vulnerability exists in Mozilla Firefox and Mozilla Thunderbird...

8.8CVSS6.4AI score0.00304EPSS
Exploits0
Kaspersky
Kaspersky
added 2026/04/08 12:0 a.m.17 views

KLA91054 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in WebCodecs can be exploited to cause denial of service. 2. Use aft...

9.6CVSS6.6AI score0.05036EPSS
Exploits0References4
CNVD
CNVD
added 2026/04/08 12:0 a.m.4 views

Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-16993)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

8.8CVSS6.2AI score0.0035EPSS
Exploits0
CNVD
CNVD
added 2026/04/08 12:0 a.m.9 views

Memory Corruption Vulnerability in Multiple Mozilla Products (CNVD-2026-16994)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A memory corruption vulnerability exists in multiple Mozilla products,...

9.8CVSS6.2AI score0.0034EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

TP-Link Archer AX53 安全漏洞

The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior to the version v1.0 1.7.1 Build 20260213, the TP-Link Archer AX53 had a security vulnerability. This vulnerability stemmed from insufficient input validation in the dnsmasq module, which could allow authenticated...

8.5CVSS7.7AI score0.01232EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/07 11:16 p.m.5 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.5AI score0.00656EPSS
Exploits1References6
Rows per page
Query Builder