Lucene search
K

648695 matches found

Qualys Blog
Qualys Blog
added 49 minutes ago3 views

Operationalizing Day Minus Seven: The Cloud-Native ROC

Summary Frontier AI models in the post-Mythos era are changing the speed and scale of exposure risk. Security teams are entering an era where AI can help discover, chain, and exploit weaknesses faster than traditional programs can absorb. The challenge is no longer finding more issues; it’s knowi...

Exploits0
RedHat Linux
RedHat Linux
added 1 hour ago1 views

libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...

7.8CVSS0.00205EPSS
Exploits1References4
Krebs on Security
Krebs on Security
added 3 hours ago4 views

Felons, Fraudsters Flog Offensive Cybersecurity Startup

A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platfor...

5.9AI score
Exploits0
Debian CVE
Debian CVE
added 3 hours ago2 views

CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

Exploits0
Malwarebytes
Malwarebytes
added 3 hours ago5 views

Your next car could be watching your face

To reduce traffic incidents, all new cars sold in the EU must now include driver-monitoring technology, including Driver Drowsiness and Attention Warning DDAW systems and, on newer vehicles, Advanced Driver Distraction Warning ADDW systems. Similar requirements are expected in the US, where the...

5.9AI score
Exploits0
Rockylinux
Rockylinux
added 3 hours ago2 views

perl-HTTP-Daemon security update

An update is available for perl-HTTP-Daemon. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The perl-HTTP-Daemon package includes the HTTP::Daemon class, a...

9.1CVSS6.5AI score0.01231EPSS
Exploits0
Rockylinux
Rockylinux
added 3 hours ago2 views

nginx:1.24 security, bug fix, and enhancement update

An update is available for nginx, module.nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...

9.2CVSS6.8AI score0.02838EPSS
Exploits1
Rockylinux
Rockylinux
added 3 hours ago2 views

skopeo security update

An update is available for skopeo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The skopeo command lets you inspect images from container image registries, ge...

7.5CVSS7.3AI score0.00904EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 3 hours ago10 views

The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.

The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

7CVSS6.1AI score0.00121EPSS
Exploits0References5Affected Software2
OSV
OSV
added 4 hours ago1 views

BIT-PHP-MIN-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 4 hours ago1 views

BIT-PHP-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 4 hours ago1 views

BIT-LIBPHP-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00276EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 5 hours ago5 views

nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers

A flaw was found in NGINX. When NGINX is configured to proxy HTTP/2 traffic using the ngxhttpproxyv2module or ngxhttpgrpcmodule with specific settings, a remote, unauthenticated attacker can send specially crafted large headers. This can trigger a heap-based buffer overflow, leading to a restart ...

9.2CVSS7.7AI score0.02838EPSS
Exploits1References5
GithubExploit
GithubExploit
added 5 hours ago11 views

windows7-eternalblue-lab

MS17-010 EternalBlue Exploitation Lab Hands-on penetration t...

9.3CVSS7.4AI score0.93307EPSS
Exploits47
Debian CVE
Debian CVE
added 6 hours ago3 views

CVE-2026-56003

computeProps Property Buffer Heap Buffer Overflow...

8.5CVSS5.9AI score
Exploits0
Debian CVE
Debian CVE
added 6 hours ago5 views

CVE-2026-56002

PCF Font Parsing Heap Buffer Overflow...

8.5CVSS5.9AI score
Exploits0
Debian CVE
Debian CVE
added 6 hours ago4 views

CVE-2026-56001

BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow...

8.5CVSS5.9AI score
Exploits0
OSV
OSV
added 6 hours ago1 views

DEBIAN-CVE-2026-56003

Bulletin has no description...

8.5CVSS5.9AI score
Exploits0References1
OSV
OSV
added 6 hours ago1 views

DEBIAN-CVE-2026-56002

Bulletin has no description...

8.5CVSS5.9AI score
Exploits0References1
OSV
OSV
added 6 hours ago1 views

DEBIAN-CVE-2026-56001

Bulletin has no description...

8.5CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder