Lucene search
+L

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/21 5:14 a.m.14 views

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.2.0 Vulnerability Details CVEID:CVE-2025-54121 DESCRIPTION: Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions...

6.9CVSS7.7AI score0.0056EPSS
Exploits4Affected Software1
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-8628ba80b1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.00196EPSS
Exploits0References5
Circl
Circl
added 2025/08/21 1:34 p.m.44 views

CVE-2025-54368

creationtimestamp| type| source ---|---|--- 2025-08-21 13:34:09+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lww2mexg5c2e...

6.8CVSS7.3AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/08 12:5 p.m.7 views

CVE-2025-54368

A flaw was found in uv. The package's handling of remote ZIP archives processes entries sequentially without verifying them against the archive's central directory. This vulnerability allows a remote attacker to craft a malicious ZIP archive that can cause unexpected behavior when processed...

6.8CVSS6.1AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 2025/08/08 12:15 a.m.8 views

CVE-2025-54368

uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with...

6.8CVSS0.00196EPSS
Exploits0References4
CVE
CVE
added 2025/08/08 12:0 a.m.34 views

CVE-2025-54368

CVE-2025-54368 affects uv (Python package/project manager) up to v0.8.5, where remote ZIPs are parsed streaming-wise and archive entries aren’t reconciled with the central directory. An attacker could craft a ZIP that yields legitimate contents for some installers but malicious contents for other...

6.8CVSS6AI score0.00196EPSS
Exploits0References4
Rows per page
Query Builder