Lucene search
K

8550 matches found

EUVD
EUVD
added 2026/06/20 12:46 a.m.9 views

EUVD-2026-38103

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...

6.1AI score0.00354EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.18 views

PT-2026-51133

Name of the Vulnerable Software and Affected Versions Simple File List versions prior to 6.3.8 Description The Simple File List plugin for WordPress contains a flaw where a missing authorization check on the frontmanage shortcode attribute allows authenticated attackers with contributor-level...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References10
Snyk
Snyk
added 2026/06/19 8:47 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the formattr function when handling JSON object keys of exactly 65,535 bytes with createid enabled. An attacker can cause heap memory corruption and crash the process by supplying a specially crafted JSON payload with ...

8.7CVSS5.9AI score0.00253EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 4:37 p.m.9 views

GHSA-PHWJ-RPRQ-35PP Nokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=`

Summary Nokogiri’s CRuby native extension could leave a Ruby wrapper pointing to freed memory when replacing the value of an XML attribute. If Ruby code had already accessed an attribute child node, Nokogiri::XML::Attrvalue= could free the underlying native child node while the wrapper remained...

6.3CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libmysofa

LibMySOFA 0.9.1 has a stack-based buffer overflow issue in the readDataVar function in hdf/dataobject.c, during the reading of a header message attribute...

8.8CVSS7.2AI score0.01668EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Handling of errors from attrsetsize when truncating files. If attrsetsize fails during file truncation, the error is silently ignored, and the inode may remain in an inconsistent state...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Rails

An XSS vulnerability exists in the Action View tag helpers versions 5.2.0 and below, which would allow an attacker to inject content if they can control the input into specific attributes...

6.1CVSS6.1AI score0.01485EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7. It also affects Ansible Tower in versions 3.4.5 and 3.5.5, as well as 3.6.3, when the ldapattr and ldapentry community modules are used. This issue exposes the LDAP bind...

5CVSS6.7AI score0.00406EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: ice: Fixed a potential NULL pointer dereference in the icebridgesetlink function. The icebridgesetlink function may encounter a NULL pointer dereference if nlmsgfindattr returns NULL, and brspec is dereferenced subsequently ...

5.5CVSS5.6AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fixed the warning during failed attribute validation. The TCAMPLSLABEL attribute is of type NLAU32, but its validation type is NLAVALIDATEFUNCTION. This is an invalid combination according to the comment above...

7.8CVSS6.1AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Wireshark

In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This issue was addressed in epan/dissectors/packet-btatt.c by validating opcodes...

6.5CVSS6.7AI score0.01457EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Tomcat9

When using RemoteIpFilter with requests received from a reverse proxy via HTTP that includes the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71, and 8.5.0 to 8.5.85 did not include the secure...

4.3CVSS6.8AI score0.01831EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed an out-of-band issue in ntfslistxattr. The length of a name cannot exceed the space occupied by “ea”...

7.1CVSS6.1AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in the 389-DS-base

A heap overflow flaw was discovered in 389-ds-base. This issue causes a denial of service when writing a value larger than 256 characters in logentryattr...

5.5CVSS6.1AI score0.00304EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in Samba. An incomplete access check on dnsHostName allows authenticated, but otherwise unprivileged users to delete this attribute from any object in the directory...

4.3CVSS6.6AI score0.00719EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. The UserAttributeSimilarityValidator incurred significant overhead when evaluating a submitted password that was artificially large relative to the comparison values. In a situation where access to user...

7.5CVSS7.4AI score0.02397EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: vdpa: Added a max vqp attr to vdpanlpolicy for checking nlattr lengths. The vdpanlpolicy structure is used to validate the nlattr during the parsing of incoming nlmsg. It ensures that the described attribute produces a valid nlat...

7.8CVSS5.2AI score0.00154EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The editor code failed to check an attribute value. This could have led to a out-of-bounds read. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

9.1CVSS6.9AI score0.00598EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/setmemory: Avoid spinlock recursion in changepageattr The commit 1f9ad21c3b38 “powerpc/mm: Implement setmemory routines” included a spinlock call in changepageattr in order to safely perform the three-step operations...

5.5CVSS6.1AI score0.00171EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 performs a “goto out” operation before checking the security label, then args.context will be set to uninitialized garbage on the stack. We will then...

5.5CVSS5.6AI score0.00188EPSS
Exploits0References2
Rows per page
Query Builder