Lucene search
K

3677 matches found

Cvelist
Cvelist
added 2026/05/27 1:10 p.m.38 views

CVE-2026-6936 IBM i is Affected by a Denial of Service Vulnerability []

IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment ILE compiler. An authenticated attacker could exploit this vulnerability by compiling specially crafted source code containing a specific combination of...

6.5CVSS0.0024EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 1:10 p.m.18 views

CVE-2026-6936

CVE-2026-6936 affects IBM i versions 7.3–7.6 (5770-999). The vulnerability is due to uncontrolled recursion in the Integrated Language Environment (ILE) compiler, enabling an authenticated attacker to cause a denial-of-service by compiling specially crafted source code. CVSS v3.1 base score is 6....

6.5CVSS5.9AI score0.0024EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 1:10 p.m.15 views

CVE-2026-6936 IBM i is Affected by a Denial of Service Vulnerability []

IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment ILE compiler. An authenticated attacker could exploit this vulnerability by compiling specially crafted source code containing a specific combination of...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 1:10 p.m.8 views

CVE-2026-6936

IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment ILE compiler. An authenticated attacker could exploit this vulnerability by compiling specially crafted source code containing a specific combination of...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/27 1:10 p.m.16 views

EUVD-2026-32491

IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment ILE compiler. An authenticated attacker could exploit this vulnerability by compiling specially crafted source code containing a specific combination of...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/27 12:5 a.m.18 views

Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

6.1AI score0.00473EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

IBM i 安全漏洞

IBM i is an operating system developed by the American International Business Machines IBM company, which runs on IBM Power Systems and IBM PureSystems. Versions 7.6, 7.5, 7.4, and 7.3 of IBM i have security vulnerabilities. These vulnerabilities stem from uncontrolled recursion in the Integrated...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.26 views

Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-118 (ALASDOCKER-2026-118)

The version of soci-snapshotter installed on the remote host is prior to 0.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-118 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go...

9.8CVSS7.5AI score0.00621EPSS
Exploits0References18
OSV
OSV
added 2026/05/26 6:16 p.m.6 views

UBUNTU-CVE-2026-44728

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

8.2CVSS5.6AI score0.00125EPSS
Exploits0References3
CVE
CVE
added 2026/05/26 5:48 p.m.65 views

CVE-2026-44728

CVE-2026-44728 affects Babel, a JavaScript compiler. Vulnerability occurs when compiling code that is specifically crafted by an attacker, enabling output code to execute arbitrary code. Affects Babel versions 7.12.0 through before 7.29.4 and 8.0.0-alpha.13. Root cause is the generation of advers...

8.2CVSS6AI score0.00125EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Babel 安全漏洞

Babel is a JavaScript compiler developed by Babel OpenSource. Versions of Babel from 7.12.0 to 7.29.4, as well as 8.0.0-alpha.13, have security vulnerabilities. These vulnerabilities stem from the possibility of generating outputs that can execute arbitrary code during the compilation of speciall...

8.2CVSS6.2AI score0.00125EPSS
Exploits0References1
Amazon
Amazon
added 2026/05/26 12:0 a.m.20 views

Medium: soci-snapshotter

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS7.4AI score0.00621EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.26 views

Important: amazon-cloudwatch-agent

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS7.1AI score0.01163EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 3:12 p.m.14 views

Malicious code in vue-compiler-sfc-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c320320435358c109567ef3776ced079a2196b831b583b66c87323ddf402bae9 Package name and README impersonate the official @vue/compiler-sfc package; index.js merely re-exports it. The npm postinstall hook runs...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/05/25 3:12 p.m.17 views

MAL-2026-4707 Malicious code in vue-compiler-sfc-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c320320435358c109567ef3776ced079a2196b831b583b66c87323ddf402bae9 Package name and README impersonate the official @vue/compiler-sfc package; index.js merely re-exports it. The npm postinstall hook runs...

6.1AI score
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/24 1:16 a.m.77 views

Database-Exploitation-Manual

🛡️ SecDB Auditor - Database Security Compiling Suite & Manual...

5.9AI score
Exploits0
Rockylinux
Rockylinux
added 2026/05/21 4:27 p.m.16 views

gcc-toolset-13-gcc bug fix and enhancement update

An update is available for gcc-toolset-13-gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc-toolset-13-gcc13 package contains the GNU Compiler...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/21 11:0 a.m.20 views

CLSA-2026-1779361233 java-1.8.0-openjdk: Fix of 7 CVEs

Update to shenandoah-jdk8u492-b09 - Security fixes from OpenJDK 8u492-b09: - CVE-2026-22007: enhance crypto algorithm support - CVE-2026-22013: improve Kerberos credentialing - CVE-2026-22016: enhance Path Factories Redux - CVE-2026-22018: enhance Zip file reading - CVE-2026-22021: enhance...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Ruby 2.5

A issue was discovered in Ruby 3.x through 3.3.0. If data supplied by an attacker is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3....

6.6CVSS7.3AI score0.00629EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390: Avoid using a global register for the currentstackpointer. The commit 30de14b1884b “s390: The currentstackpointer should not be a function” changed the currentstackpointer to a global register variable, as is common on many...

7.8CVSS5.8AI score0.0016EPSS
Exploits0References2
Rows per page
Query Builder