275973 matches found

RedHat Linux
added 4 days ago, 6 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

6.6 CVSS, 6.4 AI score, 0.00501 EPSS
Exploits: 0, References: 7

RedHat Linux
added 4 days ago, 4 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2 CVSS, 5.9 AI score, 0.0047 EPSS
Exploits: 0, References: 8

SUSE Linux
added 4 days ago, 3 views

Security update for buildah

This update for buildah fixes the following issues CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267179. CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input...

9.1 CVSS, 7 AI score, 0.00868 EPSS
Exploits: 2, References: 58

SUSE Linux
added 4 days ago, 4 views

Security update for exiv2-0_26

This update for exiv2-026 fixes the following issues CVE-2025-54080: out-of-bounds read in Exiv2::EpsImage::writeMetadata when writing metadata into a crafted image file bsc1248962. CVE-2026-25884: out-of-bounds read in CrwMap::decode0x0805 bsc1259083. CVE-2026-27596: integer overflow in...

8.3 CVSS, 5.8 AI score, 0.00367 EPSS
Exploits: 1, References: 16

SUSE Linux
added 4 days ago, 5 views

Security update for curl

This update for curl fixes the following issues CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. CVE-2026-5773: wrong reuse of SMB connection bsc1262633. CVE-2026-6253: proxy credentials leak over redirect-to...

8.3 CVSS, 7.1 AI score, 0.00639 EPSS
Exploits: 6, References: 24

SUSE Linux
added 4 days ago, 3 views

Security update for libsoup

This update for libsoup fixes the following issue CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

6.9 CVSS, 5.8 AI score, 0.00376 EPSS
Exploits: 0, References: 4

GithubExploit
added 4 days ago, 39 views

Exploit for Use After Free in Google Android

Root Sonim XP3800 Root access for the Sonim XP3800 XP3plus...

7.8 CVSS, 6.1 AI score, 0.72105 EPSS
Exploits: 27

OSV
added 4 days ago, 10 views

SUSE-SU-2026:2238-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. -...

9.8 CVSS, 6.9 AI score, 0.03663 EPSS
Exploits: 30, References: 449

Securelist
added 4 days ago, 16 views

ToddyCat: your hidden email assistant. Part 2

Introduction We continue to share details on the malicious techniques and toolsets used by the ToddyCat APT group. In the first part of this report, we examined the group's attacks aimed at stealing data from browsers, as well as from local and cloud email services. The methods used in that...

5.9 AI score
Exploits: 0

SUSE Linux
added 4 days ago, 4 views

Security update for pacemaker

This update for pacemaker fixes the following issue CVE-2026-10649: denial of service via integer overflow in remote message decompression bsc1268381. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.5 CVSS, 5.9 AI score, 0.0044 EPSS
Exploits: 0, References: 4

CVE
added 4 days ago, 7 views

CVE-2026-49432

CVE-2026-49432 affects Apache ActiveMQ, including ActiveMQ All and ActiveMQ Stomp, due to improper input validation on STOMP exposure. A remote unauthenticated attacker can trigger denial-of-service by sending a negative content-length to an exposed STOMP connector. On the NIO STOMP transport, an...

7.5 CVSS, 6 AI score, 0.00844 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 4 days ago, 31 views

CVE-2026-49432 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

0.00844 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 4 days ago, 7 views

CVE-2026-49432

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

6 AI score, 0.00844 EPSS
Exploits: 0, References: 2, Affected Software: 3

EUVD
added 4 days ago, 4 views

EUVD-2026-40284

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

7.5 CVSS, 6 AI score, 0.00844 EPSS
Exploits: 0, References: 1

Vulnrichment
added 4 days ago, 6 views

CVE-2026-49432 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

6 AI score, 0.00844 EPSS
Exploits: 0, References: 1

Debian CVE
added 4 days ago, 4 views

CVE-2026-49432

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

7.5 CVSS, 5.9 AI score, 0.00844 EPSS
Exploits: 0

RedHat Linux
added 4 days ago, 8 views

Important: Red Hat Security Advisory: redis:7 security update

An update for the redis:7 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8 CVSS, 6.3 AI score, 0.01782 EPSS
Exploits: 0, References: 2

Circl
added 4 days ago, 7 views

CVE-UNASSIGNED-2020-ZYXEL-CPE-COMMAND-INJECTION-RCE-01

creationtimestamp | type | source
---|---|---
2026-06-30 09:39:37+00:00 | exploited | https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7a5b5786-b418-4a38-b09b-03ba93dca08c...

5.8 AI score
Exploits: 0, References: 1

SUSE Linux
added 4 days ago, 4 views

Security update for cifs-utils

This update for cifs-utils fixes the following issue CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

7.8 CVSS, 5.8 AI score, 0.0012 EPSS
Exploits: 0, References: 4

SUSE Linux
added 4 days ago, 3 views

Security update for cifs-utils

This update for cifs-utils fixes the following issue CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

7.8 CVSS, 5.8 AI score, 0.0012 EPSS
Exploits: 0, References: 4