Lucene search
K

7676 matches found

Nuclei
Nuclei
added 10 hours ago32 views

Apache NiFi - Information Disclosure

Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases wher...

5.4CVSS6.2AI score0.03095EPSS
Exploits0
OSV
OSV
added yesterday2 views

CVE-2026-58065 Apache Airflow Git provider: Git provider hook defaults to StrictHostKeyChecking=no, disabling SSH host-key verification

The Apache Airflow Git provider runs its git-over-SSH operations with StrictHostKeyChecking=no by default, disabling SSH host-key verification. An attacker who can intercept the network path between an Airflow worker and the Git server can impersonate the server man-in-the-middle, capturing the S...

8.1CVSS6.1AI score
Exploits0References5
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-55187 Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms (follow-up to CVE-2026-27808)

Mailpit is an email testing tool and API for developers. Prior to 1.30.2, the remediation shipped for CVE-2026-27808 is incomplete because the tools.IsInternalIP deny-list in internal/tools/net.go relies on Go's standard library classification helpers and does not block IPv6 transition mechanisms...

5.8CVSS0.00282EPSS
Exploits0References3
NVD
NVD
added 6 days ago9 views

CVE-2026-57254

There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails to perform proper type checking, ultimately causing the application to crash...

7.8CVSS0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-56002 libXfont2 PCF Font Parsing Heap Buffer Overflow

A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...

8.5CVSS0.00529EPSS
Exploits0References2
CVE
CVE
added 6 days ago9 views

CVE-2026-57254

CVE-2026-57254 affects Foxit PDF Editor/Reader and is a type confusion vulnerability in PDF annotations that are referenced by other objects. The flaw occurs when the application parses the PDF without proper type checking, which can cause the application to crash. From the provided metrics, the ...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42199

There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails to perform proper type checking, ultimately causing the application to crash...

7.8CVSS6AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-57254

There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails to perform proper type checking, ultimately causing the application to crash...

7.8CVSS6AI score0.00116EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 6 days ago11 views

PT-2026-56353

Name of the Vulnerable Software and Affected Versions Foxit PDF Editor/Reader affected versions not specified Description An issue exists where the application fails to perform proper type checking when parsing a PDF containing an abnormal annotation referenced by other objects. This type confusi...

7.8CVSS6AI score0.00116EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/01 2:8 p.m.8 views

CVE-2026-57455

A memory corruption flaw in Vim allows an attacker to cause a Denial of Service DoS. When a SOFO-based spell language is active, providing an excessively long word to the spell checker triggers a stack out-of-bounds write in the spellsoundfoldsofo function, causing the editor to crash. Mitigation...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:1 p.m.7 views

CVE-2026-6688

FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up to 255 characters; many callers copy it into short fixed buffers without bounds checks, causing overflow. This maps to CWE-120 Buffer Copy...

7.6CVSS5.8AI score0.0021EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/06/30 7:8 p.m.35 views

CVE-2026-9002 IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

6.5CVSS0.00269EPSS
Exploits0References1
NVD
NVD
added 2026/06/29 8:17 p.m.8 views

CVE-2026-28979

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.00247EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 7:42 p.m.16 views

CVE-2026-28979

Summary: CVE-2026-28979 describes an out-of-bounds access issue fixed by enhanced bounds checking. The vulnerability affects web content processing in Apple platforms and is addressed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Affected components (from provided docs): Sa...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:42 p.m.6 views

CVE-2026-28979

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00247EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53699

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description An out-of-bounds access issue occurs when processing maliciously crafted web content, which may lead ...

6.5CVSS5.9AI score0.00257EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53693

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description An out-of-bounds access issue occurs when processing maliciously crafted web content, which may lead ...

6.5CVSS5.9AI score0.00247EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/28 12:0 a.m.7 views

Security update for openbabel (moderate)

openSUSE Security Update: Security update for openbabel Announcement ID: openSUSE-SU-2026:0220-1 Rating: moderate References: 1258501 Cross-References: CVE-2026-2704 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This update...

8.1CVSS5.8AI score0.00759EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53224

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the...

9.1CVSS5.9AI score0.00547EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:17 p.m.2 views

DEBIAN-CVE-2026-53291

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
Rows per page
Query Builder