Lucene search
K

2584 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
Nuclei
Nuclei
added yesterday23 views

SRS Simple Hits Counter 1.0.3-1.0.4 - Unauthenticated Blind SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in SRS Simple Hits Counter Plugin for WordPress 1.0.3 and 1.0.4 allows a remote, unauthenticated attacker to determine the value of database fields. id: CVE-2020-5766 info: name: SRS Simple Hits Counter 1.0.3-1.0.4...

7.5CVSS7AI score0.06052EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added yesterday4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added yesterday5 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

7.8CVSS6.8AI score0.00165EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 6 days ago5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.9AI score0.0014EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 6 days ago5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 6 days ago7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
OSV
OSV
added last week6 views

CVE-2026-58472 GNU Wget 1.25.0 Heap Buffer Overflow via HTML Attribute Encoding

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS6.3AI score0.00221EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added last week5 views

CVE-2026-58472

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS6.3AI score0.00221EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added last week3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.9AI score0.0014EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/06 8:9 p.m.5 views

EUVD-2026-41930

Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security...

7.1CVSS6AI score0.00069EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.7 views

PT-2026-55992

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description A cryptographic issue exists when using a static initialization vector IV for AES-GCM key wrapping. AES-GCM requires a unique IV for every call to maintain...

7.1CVSS6.1AI score0.00069EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2026/07/01 12:3 p.m.5 views

glibc security, bug fix, and enhancement update

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librarie...

9.8CVSS5.9AI score0.00451EPSS
Exploits1
EUVD
EUVD
added 2026/07/01 12:34 a.m.11 views

EUVD-2026-40449

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-56369

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...

6.3CVSS0.00229EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-56369

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54045

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-22 Description An information disclosure issue exists in the PasskeyEncipherImage method. The flaw is caused by the reuse of a nonce a unique number used once in the AES-CTR cipher implementation. This allow...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 9:16 p.m.4 views

DEBIAN-CVE-2026-13758

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

3.7CVSS5.8AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 9:16 p.m.6 views

UBUNTU-CVE-2026-13758

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

3.7CVSS5.8AI score0.00295EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:42 p.m.5 views

CVE-2026-13758

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

5.8AI score0.00295EPSS
Exploits0References3
Rows per page
Query Builder