
52721 matches found

Debian CVE
added 5 days ago, 5 views

CVE-2026-58015

A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_context parameter received from the server. A malicious D-Bus server can supply a cookie_context containing path traversal sequences, causing the client to...

CVSS: 7.5, AI score: 5.9, EPSS: 0.00418
Exploits: 1

OSV
added 5 days ago, 3 views

UBUNTU-CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validated and causes t...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00796
Exploits: 0, References: 3

OSV
added 5 days ago, 2 views

UBUNTU-CVE-2026-53916

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...

CVSS: 7.5, AI score: 5.9, EPSS: 0.00796
Exploits: 0, References: 3

RedhatCVE
added 5 days ago, 9 views

CVE-2026-40987

A flaw was found in Spring Integration. A malicious or compromised FTP (File Transfer Protocol), SFTP (SSH File Transfer Protocol), or SMB (Server Message Block) server can exploit this vulnerability. This allows the server to write arbitrary files with attacker-controlled content to any location on th...

CVSS: 7.1, AI score: 6.2, EPSS: 0.0021
Exploits: 0, References: 4

RedHat Linux
added 5 days ago, 11 views

ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments

A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol (IMAP) client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful...

CVSS: 7.1, AI score: 6, EPSS: 0.00813
Exploits: 0, References: 8

CVE
added 5 days ago, 8 views

CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, and Apache ActiveMQ All allows an unauthenticated network attacker to cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The broker may allocate memor...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00796
Exploits: 0, References: 2, Affected Software: 1

EUVD
added 5 days ago, 6 views

EUVD-2026-40282

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validated and causes t...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00796
Exploits: 0, References: 1

EUVD
added 5 days ago, 5 views

EUVD-2026-40278

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...

CVSS: 7.5, AI score: 5.9, EPSS: 0.00796
Exploits: 0, References: 1

RedHat Linux
added 5 days ago, 6 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as lo_export, lo_read, lo_lseek64, and lo_tell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

CVSS: 8.8, AI score: 6.6, EPSS: 0.00464
Exploits: 0, References: 5

Positive Technologies
added 5 days ago, 4 views

PT-2026-53999

Name of the Vulnerable Software and Affected Versions: Invoice Ninja versions prior to 5.13.27. Description: An open redirect exists in the client portal login. Unauthenticated attackers can redirect authenticated users to external URLs by injecting a malicious value into the intended query paramete...

CVSS: 5.3, AI score: 6, EPSS: 0.00176
Exploits: 0, References: 6

Positive Technologies
added 5 days ago, 5 views

PT-2026-53916

Name of the Vulnerable Software and Affected Versions: OpenZiti versions prior to 2.0.1. Description: A privilege escalation flaw exists in the controller enrollment management path. An authenticated non-admin identity with fine-grained enrollment management permissions can create enrollments for an...

CVSS: 8.8, AI score: 6, EPSS: 0.00244
Exploits: 0, References: 9

Positive Technologies
added 5 days ago, 4 views

PT-2026-53979

Name of the Vulnerable Software and Affected Versions: IBM watsonx.data intelligence versions 5.2.0 through 5.3.0. Description: An authenticated user can bypass security controls and perform unauthorized actions. This occurs because security checks that should be enforced on the server are instead...

CVSS: 6.5, AI score: 6, EPSS: 0.00375
Exploits: 0, References: 4

Positive Technologies
added 5 days ago, 7 views

PT-2026-53992

Name of the Vulnerable Software and Affected Versions: DCMTK, affected versions not specified. Description: A compromised or malicious server can force a client to write files outside the designated output directory. This occurs when the client uses the bit-preserving C-GET storage mode, allowing the...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00435
Exploits: 0, References: 8

Positive Technologies
added 5 days ago, 5 views

PT-2026-53874

Name of the Vulnerable Software and Affected Versions: GLib, affected versions not specified. Description: A flaw exists in the D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism. The system fails to validate the cookie context parameter received from the server. A...

CVSS: 7.5, AI score: 6.1, EPSS: 0.00418
Exploits: 1, References: 8

RedHat Linux
added 6 days ago, 11 views

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-687_10_1 security update

An update for kpatch-patch-5_14_0-687_10_1 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS: 7.8, AI score: 7, EPSS: 0.00353
Exploits: 13, References: 3

RedHat Linux
added 6 days ago, 3 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

CVSS: 7.8, AI score: 5.8, EPSS: 0.00353
Exploits: 4, References: 7

RedHat Linux
added 6 days ago, 6 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

CVSS: 7.8, AI score: 6.6, EPSS: 0.00353
Exploits: 4, References: 7

RedHat Linux
added 6 days ago, 3 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

CVSS: 7.8, AI score: 6.6, EPSS: 0.00353
Exploits: 4, References: 7

NVD
added 6 days ago, 7 views

CVE-2026-56124

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...

CVSS: 8.7, EPSS: 0.00365
Exploits: 0, References: 4

RedhatCVE
added 6 days ago, 6 views

CVE-2026-58051

A flaw in libssh2 allows a malicious SSH server to send a malformed public key response, triggering an invalid memory cleanup. This can cause the connecting client application to crash or leak information. Mitigation: To mitigate this issue, ensure your applications connect only to trusted and...

CVSS: 8.3, AI score: 5.8, EPSS: 0.0028
Exploits: 0, References: 6