Lucene search
K

1086631 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.63 views

Security Bulletin: Multiple vulnerabilities Perl Compatible Regular Expression (PCRE) libraries - IBM Aspera Shares Application

Question Security Bulletin: Multiple vulnerabilities with the open source Perl Compatible Regular Expression PCRE libraries used in IBM Aspera Shares Application "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM...

5.4AI score
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2026/06/18 5:32 p.m.14 views

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems. The vulnerabilities are listed below - CVE-2026-42530 CVSS v4 score: 9.2 - A use-after-free vulnerability in the ngxhttpv3module that...

9.2CVSS6.8AI score0.03299EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2026/06/18 4:45 p.m.8 views

CVE-2026-42530

A flaw was found in the ngxhttpv3module module of NGINX. When NGINX is configured to use the HTTP/3 QUIC module, an attacker can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream and cause a use-after-free issue, potentially allowing code execution or a denial of service by...

9.2CVSS6.3AI score0.03299EPSS
Exploits3References4
Wordfence Blog
Wordfence Blog
added 2026/06/18 4:42 p.m.7 views

Critical Unauthenticated Arbitrary File Deletion Vulnerability Patched in Avada Builder WordPress Plugin

On May 13th, 2026, we received a submission for a critical Unauthenticated Arbitrary File Deletion vulnerability in Avada Builder, a premium WordPress plugin with an estimated 1,000,000 active installations. This vulnerability makes it possible for unauthenticated attackers to delete arbitrary...

9.1CVSS6.6AI score0.01193EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/18 4:41 p.m.15 views

USN-8454-1: libheif vulnerabilities

Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-32738 Elhanan Haenel discovered that libheif incorrectly...

8.8CVSS5.1AI score0.00514EPSS
Exploits5
OSV
OSV
added 2026/06/18 4:41 p.m.3 views

USN-8454-1 libheif vulnerabilities

Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-32738 Elhanan Haenel discovered that libheif incorrectly...

8.8CVSS5.9AI score0.00514EPSS
Exploits5References10
ATTACKERKB
ATTACKERKB
added 2026/06/18 4:30 p.m.8 views

CVE-2026-10687

This CVE Record has been rejected by the Zephyr Project CNA. Subsequent analysis, confirmed with the fix author, determined that the addressed defect does not apply to any released version of Zephyr: the affected code path exists only in unreleased development code, and no released branch is...

5.3AI score
Exploits0References1
NVD
NVD
added 2026/06/18 4:16 p.m.12 views

CVE-2025-27511

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.27.0 of the GeoServer DB2 DataStore Extension, an administrator can perform a JNDI attack through specially crafted DB2 jdbc url leading to to Remote Code Execution RCE. Version 2.27.0 fixes...

7.2CVSS0.00582EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 4:5 p.m.8 views

USN-8451-1 vim vulnerabilities

Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled directory names when serializing browsed paths to the netrw history file. An attacker could possibly use this issue to execute arbitrary code. CVE-2026-47162 It was discovered that Vim incorrectly handled step-definition pattern...

8.8CVSS6AI score0.00303EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/18 3:49 p.m.8 views

EUVD-2026-37904

Hermes WebUI before 0.51.468 contains a resource exhaustion vulnerability in the unauthenticated POST /api/onboarding/oauth/start endpoint that allows unbounded accumulation of in-memory flow state and daemon threads. Attackers can send repeated or concurrent requests to exhaust server memory and...

6.9CVSS5.3AI score0.00301EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/18 3:45 p.m.6 views

CVE-2026-52860

A flaw was found in Vim, an open-source command-line text editor. The Python omni-completion feature executes reconstructed function and class definitions from the current buffer. A remote attacker can exploit this by crafting a hostile buffer, leading to the execution of attacker-controlled Pyth...

8CVSS5.8AI score0.00224EPSS
Exploits0References7
OSV
OSV
added 2026/06/18 3:11 p.m.3 views

MINI-84HW-RMGH-9M3V

Bulletin has no description...

10CVSS5AI score0.00285EPSS
Exploits0
OSV
OSV
added 2026/06/18 3:7 p.m.4 views

MINI-WPQV-82XP-97FV

Bulletin has no description...

10CVSS4.9AI score0.00218EPSS
Exploits0
Snyk
Snyk
added 2026/06/18 3:4 p.m.6 views

Improper Restriction of Rendered UI Layers or Frames

Overview Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames via the NbconvertFileHandler and NbconvertPostHandler classes when rendering user-authored notebook HTML without a proper sandbox directive in the Content-Security-Policy. An attacker...

9.3CVSS6.7AI score0.00227EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/18 3:4 p.m.22 views

Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP

The nbconvert HTTP handlers in jupyterserver render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy. Combined with nbconvert.HTMLExporter's default non-sanitizing behavior, a notebook carrying an HTML payload in a displaydata outpu...

9.3CVSS5.3AI score0.00227EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/18 2:52 p.m.4 views

MINI-97H9-956F-MMC3

Bulletin has no description...

9.1CVSS4.9AI score0.00338EPSS
Exploits0
OSV
OSV
added 2026/06/18 2:52 p.m.3 views

MINI-5V95-JF79-M8HG

Bulletin has no description...

9.1CVSS4.9AI score0.005EPSS
Exploits0
OSV
OSV
added 2026/06/18 2:51 p.m.3 views

MINI-Q7V9-CWXC-6969

Bulletin has no description...

9.8CVSS6.5AI score0.00472EPSS
Exploits0
OSV
OSV
added 2026/06/18 2:50 p.m.2 views

MINI-3PJH-MR2Q-G7VR

Bulletin has no description...

9.1CVSS4.9AI score0.00373EPSS
Exploits0
OSV
OSV
added 2026/06/18 2:50 p.m.5 views

MINI-C43J-XCX3-G4C5

Bulletin has no description...

9.1CVSS4.9AI score0.005EPSS
Exploits0
Rows per page
Query Builder