Lucene search
+L

425 matches found

OSV
OSV
added 2026/04/13 3:25 p.m.4 views

MAL-2026-2596 Malicious code in @spreadjs/js-calc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7909a65c6a2c928f12a2333a6e1c53c7dea90685fe7b2be35f120654a6f86d7 The package @spreadjs/js-calc was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/12 1:16 p.m.5 views

UBUNTU-CVE-2019-25695

R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...

8.6CVSS6.5AI score0.00191EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.6 views

PT-2026-32162

R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...

8.6CVSS6.5AI score0.00191EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.10 views

PT-2026-31646

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pe page hash calc. When page hash processing is performed on a PE file, the function...

5.5CVSS6.1AI score0.00143EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/29 5:10 a.m.4 views

CVE-2025-12886

The Oxygen Theme theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.8 via the laboratorcalcroute AJAX action. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web applicati...

7.2CVSS5.9AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/28 6:30 a.m.4 views

EUVD-2025-209108

The Oxygen Theme theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.8 via the laboratorcalcroute AJAX action. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web applicati...

7.2CVSS5.9AI score0.0019EPSS
Exploits0References3
CVE
CVE
added 2026/03/28 2:26 a.m.23 views

CVE-2025-12886

The Oxygen Theme for WordPress (versions up to 6.0.8) is vulnerable to unauthenticated Server-Side Request Forgery via the laborator_calc_route AJAX action. This allows an attacker to issue web requests from the application to arbitrary locations, potentially querying and modifying information fr...

7.2CVSS5.9AI score0.0019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/22 12:0 a.m.6 views

PT-2026-27007

FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite t...

8.6CVSS6.4AI score0.00214EPSS
Exploits1References4
OSV
OSV
added 2026/02/04 4:16 p.m.7 views

UBUNTU-CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.7AI score0.00161EPSS
Exploits0References29
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:0 p.m.3 views

CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.2AI score0.00161EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/02/04 4:0 p.m.5 views

CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.2AI score0.00161EPSS
Exploits0
OSV
OSV
added 2026/02/04 4:0 p.m.6 views

CVE-2026-23047 libceph: make calc_target() set t->paused, not just clear it

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.2AI score0.00161EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect setting of the pause state for the calctarget component. This vulnerability may cau...

5.8AI score0.00161EPSS
Exploits0References7
EUVD
EUVD
added 2026/01/31 12:30 a.m.8 views

EUVD-2020-30932

Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload to overflow the buffer, bypass DEP, and execute commands like launching calc.exe through a specially crafted inp...

8.4CVSS6.3AI score0.00201EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/31 12:30 a.m.6 views

EUVD-2020-30941

RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching...

8.4CVSS6.4AI score0.00201EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.3 views

CVE-2020-37031

Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memo...

8.6CVSS6.4AI score0.00161EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.15 views

PT-2026-5477

Name of the Vulnerable Software and Affected Versions RM Downloader version 2.50.60 Description RM Downloader version 2.50.60 contains a local buffer overflow issue in the Load parameter. This allows attackers to execute arbitrary code by overwriting memory. An attacker can create a malicious...

8.4CVSS6.4AI score0.00201EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 9 : libreoffice-7.1.8.1-11.el9.ML.2 (AXSA:2023-7005:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7005:05 advisory. libreoffice: Empty entry in Java class path CVE-2022-38745 libreoffice: Array index underflow in Calc formula parsing CVE-2023-0950 libreoffice:...

7.8CVSS7.6AI score0.64635EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 9 : kernel-5.14.0-362.24.1.el9_3 (AXSA:2024-7637:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7637:09 advisory. kernel: inactive elements in nftpipapowalk CVE-2023-6817 kernel: netfilter: use-after-free in nfttransgccatchallsync leads to privilege escalation...

7.8CVSS7AI score0.01549EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : libreoffice-6.4.7.2-15.el8.ML.1 (AXSA:2023-7259:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7259:06 advisory. libreoffice: Empty entry in Java class path CVE-2022-38745 libreoffice: Array index underflow in Calc formula parsing CVE-2023-0950 libreoffice:...

7.8CVSS5.6AI score0.64635EPSS
Exploits2References5
Rows per page
Query Builder