Lucene search
K

6 matches found

Debian CVE
Debian CVE
added 2026/06/25 9:32 p.m.6 views

CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS5.7AI score0.00171EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.12 views

CVE-2026-45028

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006753)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006753 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly...

5.5CVSS5.7AI score0.0016EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/01 12:42 a.m.18 views

CVE-2025-56676

TitanSystems Zender v3.9.7 contains an account takeover vulnerability in its password reset functionality. A temporary password or reset token issued to one user can be used to log in as another user, due to improper validation of token-user linkage. This allows remote attackers to gain...

5.4CVSS7.3AI score0.00308EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.5 views

PT-2024-29038

Name of the Vulnerable Software and Affected Versions parisneo/lollms version latest Description The issue is related to arbitrary code execution due to insufficient sanitization of user input. Specifically, the /unInstall binding endpoint is vulnerable, and the problem arises from the lack of pa...

9.8CVSS8AI score0.00916EPSS
Exploits0References9
OSV
OSV
added 2021/08/12 10:15 p.m.5 views

PYSEC-2021-288

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case...

7.8CVSS6.5AI score0.00173EPSS
Exploits0References2
Rows per page
Query Builder