Lucene search
K

206125 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.7 views

MiracleLinux 7 : firefox-52.3.0-2.0.2.el7.AXS7 (AXSA:2017-2105:05)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-2105:05 advisory. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...

10CVSS7.9AI score0.04187EPSS
Exploits13References16
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 7 : mercurial-2.6.2-7.el7 (AXEA:2017-1725:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXEA:2017-1725:01 advisory. - In Mercurial before 4.1.3, hg serve --stdio allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by...

9CVSS7.9AI score0.21512EPSS
Exploits1References2
CNVD
CNVD
added 2026/01/19 12:0 a.m.4 views

Adobe InDesign Buffer Overflow Vulnerability (CNVD-2026-11772)

Adobe InDesign is a professional desktop publishing software developed by Adobe for layout and page layout in print and digital media. A buffer overflow vulnerability exists in Adobe InDesign, which is caused by an access to an uninitialized pointer error, and can be exploited by an attacker to...

7.8CVSS6.5AI score0.00216EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.5 views

Adobe Dreamweaver License Issue Vulnerability

Adobe Dreamweaver is a professional web code editor and web development tool developed by Adobe. Adobe Dreamweaver suffers from an authorization issue vulnerability that can be exploited by attackers to execute arbitrary code on the system...

7.8CVSS6.3AI score0.00203EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.4 views

Microsoft Windows NTFS Code Execution Vulnerability (CNVD-2026-17156)

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute arbitrary code on...

7.8CVSS6.5AI score0.02422EPSS
Exploits0
CNVD
CNVD
added 2026/01/19 12:0 a.m.2 views

Adobe InDesign Buffer Overflow Vulnerability (CNVD-2026-11773)

Adobe InDesign is a professional desktop publishing software developed by Adobe for layout and page layout in print and digital media. Adobe InDesign suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

7.8CVSS6.5AI score0.00216EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.3 views

Microsoft Windows NTFS Code Execution Vulnerability

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute arbitrary code on...

7.8CVSS6.5AI score0.00569EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 3 : pango-1.14.9-5AXS3 (AXSA:2009-50:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-50:01 advisory. Pango is a system for layout and rendering of internationalized text. Fixed bugs: CVE-2009-1194 Integer overflow in the pangoglyphstringsetsize function in...

6.8CVSS6.5AI score0.0413EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.3 views

MiracleLinux 7 : vim-7.4.160-1.el7.1 (AXSA:2016-1205:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1205:01 advisory. VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular...

7.8CVSS8.9AI score0.25314EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.2 views

MiracleLinux 4 : firefox-52.5.0-1.0.1.AXS4 (AXSA:2017-2420:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-2420:06 advisory. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...

10CVSS8.7AI score0.07439EPSS
Exploits0References4
CNVD
CNVD
added 2026/01/19 12:0 a.m.5 views

Integer Overflow Vulnerability in Multiple Mozilla Products

Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...

8.8CVSS6.4AI score0.0057EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.1 views

Buffer overflow vulnerability in multiple Mozilla products (CNVD-2026-11804)

Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...

9.8CVSS6.5AI score0.00525EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.6 views

FreeRDP security vulnerabilities

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.21.0 contained security vulnerabilities. These vulnerabilities stemmed from the freerdpbitmapdecompressplanar function, which did not validate the nSrcWidth and nSrcHeight parameter...

9.8CVSS6.2AI score0.00443EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands deco...

9.8CVSS6AI score0.00434EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/19 12:0 a.m.11 views

PT-2026-3507

Name of the Vulnerable Software and Affected Versions Alchemy versions prior to 7.4.12 Alchemy versions prior to 8.0.3 Description Alchemy, a Ruby on Rails content management system, allows an authenticated attacker to execute arbitrary system commands on the host operating system. The applicatio...

6.4CVSS6AI score0.00426EPSS
Exploits0References14
Snyk
Snyk
added 2026/01/18 11:48 p.m.6 views

Arbitrary Code Injection

Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...

9.1CVSS6.2AI score0.00123EPSS
Exploits0References2
NVD
NVD
added 2026/01/18 4:15 p.m.9 views

CVE-2026-0863

Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...

9.9CVSS0.08497EPSS
Exploits1References3
OSV
OSV
added 2026/01/18 4:15 p.m.5 views

CVE-2026-0863

Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...

9.9CVSS6.5AI score0.08497EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/18 3:37 p.m.30 views

CVE-2026-0863 Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.

Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...

8.5CVSS0.08497EPSS
Exploits1References2
Debian
Debian
added 2026/01/17 4:51 p.m.7 views

[SECURITY] [DSA 6103-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6103-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 17, 2026 https://www.debian.org/security/faq -...

9.8CVSS7.5AI score0.0057EPSS
Exploits0
Rows per page
Query Builder