Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/23 2:20 p.m.10 views

EUVD-2026-38455

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection SSTI vulnerability in the template rendering system. Administrators with access to features that render Twig templates email templates, mass mail campaigns, custo...

9.4CVSS6.4AI score0.01892EPSS
Exploits1References3
NVD
NVD
added 2026/03/20 1:15 a.m.4 views

CVE-2026-32829

lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...

8.2CVSS0.00608EPSS
Exploits0References10
OSV
OSV
added 2026/03/16 8:48 p.m.3 views

GHSA-VVP9-7P8X-RFVV lz4_flex's decompression can leak information from uninitialized memory or reused output buffer

Summary Decompressing invalid LZ4 data can leak data from uninitialized memory, or can leak content from previous decompression operations when reusing an output buffer. Details The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from the...

8.2CVSS6AI score0.00608EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2024/08/27 8:33 p.m.5 views

CVE-2024-45049

Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying...

7.5CVSS6.9AI score0.00619EPSS
Exploits0References4
Rows per page
Query Builder