Lucene search
K

91 matches found

NVD
NVD
added 2026/06/26 4:16 p.m.9 views

CVE-2023-20540

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity...

1.8CVSS0.00114EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 3:44 p.m.20 views

CVE-2023-20540

CVE-2023-20540 describes a timing discrepancy in the AMD Secure Processor (ASP) that could enable a privileged attacker to brute-force the hash-based MAC, potentially compromising data integrity. Affected component: AMD Secure Processor / ASP in AMD client/server platforms using ASP. Root cause: ...

1.8CVSS5.9AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/06/11 12:5 p.m.16 views

RLSA-2026:24331 Important: cockpit-image-builder security update

The image-builder-frontend generates custom images suitable for deploying systems or uploading to the cloud. It integrates into Cockpit as a frontend for osbuild. Security Fixes: lodash: prototype pollution in .unset and .omit functions CVE-2025-13465 lodash: lodash: Arbitrary code execution via...

8.2CVSS6.9AI score0.01735EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.19 views

PT-2026-48680

Name of the Vulnerable Software and Affected Versions free5GC UDR affected versions not specified Description Improper input validation exists in the EE subscription handlers of the free5GC UDR. The system uses a regular expression to validate the ueId variable that includes a catch-all...

7.1CVSS6AI score0.00084EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.9 views

CVE-2026-25680

A flaw was found in golang.org/x/net/html. A remote attacker could provide specially crafted HTML, which, when parsed by the affected component, would consume excessive CPU resources. This could lead to a Denial of Service DoS condition, making the system unavailable to legitimate users. Mitigati...

6.5CVSS6AI score0.00248EPSS
Exploits0References7
NVD
NVD
added 2026/05/22 4:16 p.m.10 views

CVE-2026-25680

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...

6.5CVSS0.00248EPSS
Exploits0References4
CVE
CVE
added 2026/05/04 6:27 p.m.29 views

CVE-2026-42228

n8n (open source workflow automation) has a vulnerability in the /chat WebSocket endpoint used by the Chat Trigger node’s Hosted Chat feature. The issue: an unauthenticated attacker could attach to a workflow execution in a waiting state without verifying authorization, receive the pending prompt...

6.5CVSS6AI score0.00383EPSS
Exploits1References1Affected Software1
Veracode
Veracode
added 2026/04/11 5:35 a.m.11 views

Eval Injection

Agno is vulnerable to Eval Injection. The vulnerability is due to unsafe use of eval on the fieldtype parameter without proper validation, which allows an attacker to execute arbitrary Python code by manipulating input...

9.8CVSS5.8AI score0.00852EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/04/02 8:16 p.m.3 views

CVE-2026-35053

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, the Worker service's ManualAPI exposes workflow execution endpoints GET /workflow/manual/run/:workflowId and POST /workflow/manual/run/:workflowId without any authentication middleware. An attacker who ca...

9.8CVSS0.00546EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-17180

Malware in sbrugna...

7.8CVSS7.5AI score0.01594EPSS
Exploits5References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-9442

Malware in sbrugna...

7.8CVSS6.5AI score0.01486EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-20477

Malware in sbrugna...

10CVSS9.5AI score0.02316EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6038

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.006EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.23 views

EUVD-2022-6077

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01327EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-38612

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00726EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-6626

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0078EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-6096

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01027EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-7229

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00816EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/09/30 10:46 p.m.15 views

CVE-2025-59937

go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...

8.2CVSS7AI score0.00505EPSS
Exploits1References1
NVD
NVD
added 2025/09/06 6:15 p.m.5 views

CVE-2024-36346

Improper input validation in AMD Power Management Firmware PMFW could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition...

6CVSS0.00125EPSS
Exploits0References1
Rows per page
Query Builder