Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2025/08/06 8:28 a.m.2 views

CVE-2025-54571

A flaw was found in modsecurity. The engine may allow attackers to manipulate the HTTP response’s Content-Type header, enabling them to influence downstream processes or applications. This manipulation can be achieved remotely without authentication. Consequently, an attacker can alter the expect...

6.9CVSS6.5AI score0.00282EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/07/25 4:20 p.m.3 views

CVE-2025-8197

A global buffer overflow vulnerability was found in the soupheadernametostring function in Libsoup. The soupheadernametostring function does not validate the name parameter passed in, and directly accesses soupheadernamestringsname. The value of name is controllable, when name exceeds the index...

5.5CVSS7AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/10 7:23 p.m.6 views

CVE-2025-53861

A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle MitM and Cross-site scripting XSS attacks allowing attackers to read transmitted data. Mitigation Currently, there is no mitigation available for this vulnerability...

3.1CVSS6.3AI score0.00099EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/08 5:37 p.m.3 views

CVE-2025-6491

A vulnerability was found in PHP. If a SoapVar instance is created with a fully qualified name larger than 2G, this will cause a NULL pointer dereference resulting in a segmentation fault, leading to a denial of service. Mitigation Currently, no mitigation is currently available for this...

5.9CVSS9.1AI score0.00944EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/06/19 3:50 a.m.2 views

CVE-2025-5416

A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information. Mitigation Currently, no mitigation is available for...

2.7CVSS5.7AI score0.00242EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/30 9:38 p.m.16 views

CVE-2025-48946

A flaw in the HQC algorithm family in liboqs. Under specific conditions, an attacker who can capture an encrypted exchange can recover the clear text. There is currently no patch as the algorithm specification is the core issue. The HQC team is working on an updated specification. Users should...

3.7CVSS4AI score0.00201EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/26 11:16 a.m.9 views

CVE-2025-48796

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution. Mitigation Currently no...

7.3CVSS7.1AI score0.00161EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/24 1:59 a.m.13 views

CVE-2025-46421

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect. Mitigation Currently, no...

6.8CVSS6.5AI score0.00478EPSS
Exploits0References3
CVE
CVE
added 2025/04/15 8:31 p.m.185 views

CVE-2025-30689

CVE-2025-30689 — Oracle MySQL Server (Optimizer) is validated by connected advisories as affecting MySQL Server’s Optimizer component across versions 8.0.0–8.0.41, 8.4.0–8.4.4, and 9.0.0–9.2.0. The issue is exploitable by a high-privilege attacker with network access via multiple protocols, poten...

4.9CVSS4.7AI score0.0076EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/10 6:21 a.m.19 views

CVE-2025-32728

A flaw was found in OpenSSH. In affected versions of sshd, the DisableForwarding directive does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and agent forwarding, which may allow unintended access under certain configurations. Mitigation To...

4.3CVSS6.7AI score0.0016EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/03 2:12 a.m.13 views

CVE-2025-32051

A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS. Mitigation No mitigation is currently available for this vulnerability...

5.9CVSS6.9AI score0.00519EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/28 7:31 a.m.10 views

CVE-2025-2901

A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scrip...

4.6CVSS4.9AI score
Exploits0References3
Cvelist
Cvelist
added 2005/02/28 5:0 a.m.15 views

CVE-2005-0940

...

Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.50 views

CVE-2025-48787

CVE-2025-48787 entry is rejected/not used per the Initial Description.

7.2AI score
Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.8 views

CVE-2024-23413

...

Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.34 views

CVE-2025-48426

CVE-2025-48426 entry is rejected and does not represent an active vulnerability.

7AI score
Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.29 views

CVE-2022-33200

CVE-2022-33200 is rejected/not used and does not represent an active vulnerability entry.

7AI score
Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.14 views

CVE-2023-22498

...

Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.5 views

CVE-2018-4595

...

Exploits0
Rows per page
Query Builder