Lucene search
K

284 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Mariadb 10.3

It has been discovered that MariaDB Server v10.6.5 and earlier contains a use-after-free in the Itemargs::walkarg component, which can be exploited through specially crafted SQL statements...

7.5CVSS7AI score0.02199EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/15 10:18 p.m.8 views

CVE-2026-8704 Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified

Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...

5.8AI score0.00318EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/05 6:30 p.m.30 views

CVE-2026-7855 D-Link DI-8100 HTTP Request tggl.asp tggl_asp buffer overflow

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS0.01057EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/25 8:15 p.m.4 views

CVE-2026-6998

A vulnerability was detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. Affected is an unknown function of the component New RMON Statistics Page. The manipulation of the argument Owner results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...

4.8CVSS3.1AI score0.00245EPSS
Exploits0References4
OSV
OSV
added 2026/04/22 12:0 a.m.6 views

UBUNTU-CVE-2026-33747

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

9.8CVSS5.6AI score0.00498EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013741 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011351 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer...

5.9AI score0.00203EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/20 1:13 p.m.6 views

CVE-2026-34232

A flaw was found in Firebird, an open-source relational database management system. The xdrstatusvector function, responsible for decoding server responses, does not properly handle a specific data type iscargcstring within an opresponse packet. An unauthenticated attacker can exploit this...

7.5CVSS5.8AI score0.00466EPSS
Exploits1References2
NVD
NVD
added 2026/04/17 8:16 p.m.9 views

CVE-2026-34232

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the iscargcstring type when decoding an opresponse packet, causing a server crash when one is encountered in the status vector. An...

7.5CVSS0.00466EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/17 6:52 p.m.14 views

EUVD-2026-23486

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the iscargcstring type when decoding an opresponse packet, causing a server crash when one is encountered in the status vector. An...

7.5CVSS5.7AI score0.00466EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, which include multiple ANSI SQL-92 functions. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the...

7.5CVSS5.8AI score0.00466EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.8 views

PT-2026-33483

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr status vector function does not handle the isc arg cstring type when decoding an op response packet, causing a server crash when one is encountered in the status vector. An...

7.5CVSS5.7AI score0.00466EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:49 a.m.3 views

CVE-2026-33747

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

8.4CVSS6AI score0.00498EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/21 11:32 p.m.4 views

CVE-2026-4530 apconw Aix-DB terminology_retriever.py sql injection

A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminologyretriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been...

5.3CVSS5.6AI score0.00136EPSS
Exploits0References4
NVD
NVD
added 2026/03/13 7:54 p.m.13 views

CVE-2026-31949

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service DoS vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malformed requests. The DELETE /api/convos route handler...

6.5CVSS0.00377EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/11 12:12 a.m.12 views

EUVD-2026-10912

Sylius affected by IDOR in Cart and Checkout LiveComponents...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References1
CVE
CVE
added 2026/02/26 10:17 p.m.25 views

CVE-2026-28207

CVE-2026-28207 (Zen C) : Prior to 0.4.2, Zen C’s compiler could be tricked into executing arbitrary shell commands via a crafted output filename passed to -o. The flaw resided in the main.c logic where a command string was built by concatenating arguments and executed with system(), allowing shel...

7.3CVSS6.1AI score0.00935EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2026/02/03 9:27 a.m.8 views

WordPress Kudos Donations plugin <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg' vulnerability

Reflected Cross-Site Scripting via 'addqueryarg' vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Kudos Donations versions = 3.2.9...

6.1CVSS5.3AI score0.0034EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/01/27 12:26 a.m.7 views

SUSE CVE-2026-22991

In the Linux kernel, the following vulnerability has been resolved: libceph: make freechooseargmap resilient to partial allocation freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decodechooseargs, if allocation of argmap-args fails,...

5.5CVSS5.9AI score0.00395EPSS
Exploits0References21
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:24 p.m.5 views

CVE-2026-22991

In the Linux kernel, the following vulnerability has been resolved: libceph: make freechooseargmap resilient to partial allocation freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decodechooseargs, if allocation of argmap-args fails,...

5.8AI score0.00395EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder