Lucene search
+L

256 matches found

AlpineLinux
AlpineLinux
added 2026/03/27 8:10 a.m.5 views

CVE-2026-24031

Dovecot SQL based authentication can be bypassed when authusernamechars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear authusernamechars. If this is not possible, install latest fixed version. No publicly available exploits...

8.2CVSS5.9AI score0.00395EPSS
Exploits0References4
OSV
OSV
added 2026/03/27 12:0 a.m.5 views

UBUNTU-CVE-2026-27860

If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...

5.3CVSS5.9AI score0.00286EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/03/26 8:30 p.m.5 views

Django: Django: Denial of Service via crafted HTML inputs

A flaw was found in Django. A remote attacker can exploit this vulnerability by providing crafted inputs containing a large number of unmatched HTML end tags to the django.utils.text.Truncator.chars and Truncator.words methods when html=True, or through the truncatecharshtml and truncatewordshtml...

7.5CVSS7.1AI score0.00993EPSS
Exploits0References7
OSV
OSV
added 2026/03/25 10:48 a.m.3 views

SUSE-SU-2026:20933-1 Security update for python-ldap

This update for python-ldap fixes the following issues: - CVE-2025-61911: Enforce str for escapefilterchars bsc1251912. - CVE-2025-61912: Escape NULs as per RFC 4514 in escapednchars bsc1251913...

6.9CVSS5.9AI score0.00427EPSS
Exploits2References5
OSV
OSV
added 2026/03/25 10:40 a.m.3 views

OPENSUSE-SU-2026:20421-1 Security update for python-ldap

This update for python-ldap fixes the following issues: - CVE-2025-61911: Enforce str for escapefilterchars bsc1251912. - CVE-2025-61912: Escape NULs as per RFC 4514 in escapednchars bsc1251913...

6.9CVSS6.6AI score0.00427EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2026/03/21 1:16 p.m.4 views

CVE-2019-25544

Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat,...

6.9CVSS6AI score0.00187EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.6 views

EulerOS Virtualization 2.10.0 : python-ldap (EulerOS-SA-2026-1563)

According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...

6.9CVSS6.5AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.10 views

EulerOS 2.0 SP10 : python-ldap (EulerOS-SA-2026-1346)

According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...

6.9CVSS5.9AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.10 views

EulerOS Virtualization 2.10.1 : python-ldap (EulerOS-SA-2026-1543)

According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...

6.9CVSS6.5AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS 2.0 SP12 : python-ldap (EulerOS-SA-2026-1408)

According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...

6.9CVSS5.9AI score0.00427EPSS
Exploits2References3
CNVD
CNVD
added 2026/03/02 12:0 a.m.6 views

OpenClaw has an unspecified vulnerability (CNVD-2026-13375)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the fact that the confirmation dialog box for openclaw://agent deep links only displays the first 240 characters of the message but executes the full message,...

7.1CVSS5.9AI score0.00426EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 8:37 p.m.2 views

CVE-2020-37197 Dnss Domain Name Search Software - 'Name' Denial of Service

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash...

7.5CVSS5.8AI score0.00441EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/02/11 12:2 p.m.65 views

Exploit for CVE-2025-69600

CVE-2025-69600 - author: Rafael José Núñez Gulías - com...

5.9AI score0.00826EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2026/02/03 1:31 p.m.8 views

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

3.6CVSS6.7AI score0.00284EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : screen-4.1.0-0.27.20120314git3c2946.el7 (AXSA:2021-1601:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1601:01 advisory. screen: crash when processing combining chars CVE-2021-26937 Tenable has extracted the preceding description block directly from the MiracleLinux security...

9.8CVSS5.6AI score0.09147EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

EulerOS 2.0 SP12 : openssh (EulerOS-SA-2026-1095)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is...

3.6CVSS6.4AI score0.00284EPSS
Exploits2References3
NVD
NVD
added 2026/01/13 11:16 p.m.5 views

CVE-2023-54337

Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. Attackers can overwrite the password field with 800 bytes of repeated characters to trigger an application crash and disrupt server functionality...

9.1CVSS0.00494EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/13 7:26 p.m.28 views

CVE-2025-68702 Jervis has a SHA-256 Hex String Padding Bug

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses padLeft32, '0' when it should use padLeft64, '0' because SHA-256 produces 32 bytes which equates to 64 hex characters. This vulnerability is fixed in 2.2...

8.7CVSS0.00147EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.8 views

CVE-2023-31906

Jerryscript 3.0.0commit 1a2c047 was discovered to contain a heap-buffer-overflow via the component lexercompareidentifiertochars at /jerry-core/parser/js/js-lexer.c...

7.8CVSS7.3AI score0.00317EPSS
Exploits1References1
OSV
OSV
added 2026/01/09 10:40 a.m.8 views

CLSA-2026-1767955216 openssh: Fix of 2 CVEs

CVE-2025-61984: fix username handling by rejecting control characters from untrusted sources to prevent ProxyCommand code execution - CVE-2025-61985: disallowed NUL characters in ssh:// URI parsing to prevent ProxyCommand-based code execution...

3.6CVSS6.4AI score0.00284EPSS
Exploits2References1
Rows per page
Query Builder