Lucene search
K

20522 matches found

Fedora
Fedora
added 2026/04/01 12:57 a.m.8 views

[SECURITY] Fedora 43 Update: gstreamer1-plugins-base-1.26.11-1.fc43

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

5.9AI score
Exploits0
CVE
CVE
added 2026/04/01 12:30 a.m.6 views

CVE-2025-71282

XenForo before 2.3.7 discloses filesystem paths via exception messages triggered by open_basedir restrictions, enabling an attacker to obtain information about the server’s directory structure. Affected product: XenForo web forum software (pre-2.3.7). Root cause: exception messages reveal filesys...

8.7CVSS5.9AI score0.00342EPSS
Exploits0References2Affected Software1
Amazon
Amazon
added 2026/04/01 12:0 a.m.7 views

Important: gstreamer1-plugins-base

Issue Overview: An integer overflow in the RIFF parser that can cause crashes for certain input files. CVE-2026-2921 Affected Packages: gstreamer1-plugins-base Issue Correction: Run dnf update gstreamer1-plugins-base --releasever 2023.10.20260330 or dnf update --advisory ALAS2023-2026-1504...

7.8CVSS7.1AI score0.00867EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29823

Summary passthrough and apassthrough in praisonai accept a caller-controlled api base parameter that is concatenated with endpoint and passed directly to httpx.Client.request when the litellm primary path raises AttributeError. No URL scheme validation, private IP filtering, or domain allowlist i...

7.7CVSS5.9AI score0.00337EPSS
Exploits1References4
Amazon
Amazon
added 2026/04/01 12:0 a.m.12 views

Important: gstreamer1-plugins-base

Issue Overview: An integer overflow in the RIFF parser that can cause crashes for certain input files. CVE-2026-2921 Affected Packages: gstreamer1-plugins-base Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and A...

7.8CVSS7.1AI score0.00867EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29708

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.8.0 Description Ella Core experiences a panic when processing a NGAP handover failure message. An attacker capable of triggering a gNodeB to send NGAP handover failure messages to Ella Core can cause a process...

6.5CVSS5.9AI score0.00317EPSS
Exploits0References7
Oracle linux
Oracle linux
added 2026/04/01 12:0 a.m.9 views

gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

gstreamer1-plugins-bad-free 1.22.12-5 - fix for CVE-2026-2923, CVE-2026-3082 Resolves: RHEL-156231, RHEL-156248 gstreamer1-plugins-base 1.22.12-5 - Apply patch for CVE-2026-2921 Resolves: RHEL-156241 gstreamer1-plugins-good 1.22.12-5 - Apply patches for CVE-2026-3083, CVE-2026-3085 Resolves:...

8.8CVSS5.9AI score0.00867EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.6 views

Amazon Linux 2 : gstreamer1-plugins-base, --advisory ALAS2-2026-3210 (ALAS-2026-3210)

The version of gstreamer1-plugins-base installed on the remote host is prior to 1.18.4-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3210 advisory. An integer overflow in the RIFF parser that can cause crashes for certain input files. CVE-2026-2921 Tenable has...

7.8CVSS7.2AI score0.00867EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.13 views

PT-2026-29566

pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base. execute sql query component...

7.3CVSS6AI score0.00187EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.7 views

Amazon Linux 2023 : gstreamer1-plugins-base, gstreamer1-plugins-base-devel, gstreamer1-plugins-base-tools (ALAS2023-2026-1504)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1504 advisory. An integer overflow in the RIFF parser that can cause crashes for certain input files. CVE-2026-2921 Tenable has extracted the preceding description block directly from the tested product security...

7.8CVSS7.2AI score0.00867EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.6 views

MiracleLinux 8 : 389-ds:1.4 (AXSA:2026-377:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-377:01 advisory. 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow CVE-2025-14905 Tenable has extracted the preceding description...

7.2CVSS6.2AI score0.01038EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/04/01 12:0 a.m.12 views

Ubuntu: Security Advisory (USN-8130-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00867EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/04/01 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2026-e77ad9d792)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/31 9:32 p.m.8 views

CVE-2026-34450

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

4.8CVSS5.8AI score0.00122EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/31 7:50 p.m.5 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/03/31 1:11 p.m.5 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

An update for multiple packages is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References8
OSV
OSV
added 2026/03/31 10:12 a.m.2 views

RHSA-2026:6220 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

7.2CVSS5.8AI score0.01038EPSS
Exploits0References7
Oracle linux
Oracle linux
added 2026/03/31 12:0 a.m.9 views

gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

gstreamer1-plugins-bad-free 1.24.11-3 - fix for CVE-2026-2923, CVE-2026-3082 Resolves: RHEL-156111, RHEL-156158 gstreamer1-plugins-base 1.24.11-2 - Apply patch for CVE-2026-2921 Resolves: RHEL-156120 gstreamer1-plugins-good 1.24.11-2 - Apply patches for CVE-2026-3083, CVE-2026-3085 Resolves:...

8.8CVSS7.1AI score0.00867EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.5 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : GStreamer Base Plugins vulnerability (USN-8130-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8130-1 advisory. It was discovered that GStreamer Base Plugins incorrectly handled certain AVI media files. A remote attacker could use this issue to cause...

7.8CVSS7.4AI score0.00867EPSS
Exploits0References2
OSV
OSV
added 2026/03/31 12:0 a.m.6 views

ALSA-2026:6259 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS7.8AI score0.00867EPSS
Exploits0References16
Rows per page
Query Builder