Lucene search
K

2737 matches found

OSV
OSV
added yesterday5 views

DEBIAN-CVE-2026-45074

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 7.1.0 until 7.4.12 and 8.0.12, Cas2Handler builds the CAS service parameter from Request::getSchemeAndHttpHost, which reflects an attacker-controlled Host header when framework.trustedhosts is n...

7.6CVSS6.1AI score0.00064EPSS
Exploits0References1
OSV
OSV
added yesterday5 views

DEBIAN-CVE-2026-54433

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, there is Stored Cross-Site Scripting XSS via a crafted plain-text email message. The attacker-controlled JavaScript executes within the victim's authenticated session simply by opening or previewing the message zero-click...

7.2CVSS6.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.13 views

Debian dsa-6381 : ata-modules-6.12.90+deb13-armmp-di - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6381 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6381-1 [email protected] https://www.debian.org/securit...

9.8CVSS6.6AI score0.00497EPSS
Exploits7References52
Debian
Debian
added 2026/07/05 7:9 p.m.9 views

[SECURITY] [DSA 6381-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6381-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 05, 2026 https://www.debian.org/security/faq -...

9.8CVSS6.7AI score0.00497EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/07/05 12:0 a.m.22 views

Debian dsa-6378 : chromium - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6378 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6378-1 [email protected] https://www.debian.org/securit...

10CVSS6.4AI score0.00479EPSS
Exploits0References874
Debian
Debian
added 2026/07/04 12:44 p.m.8 views

[SECURITY] [DSA 6377-1] php8.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6377-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 04, 2026 https://www.debian.org/security/faq -...

5.6CVSS6.1AI score0.00306EPSS
Exploits0
OSV
OSV
added 2026/07/03 7:16 a.m.10 views

DEBIAN-CVE-2026-8927

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...

9.1CVSS5.9AI score0.00752EPSS
Exploits1References1
OSV
OSV
added 2026/07/01 2:16 p.m.3 views

DEBIAN-CVE-2026-53339

In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-cci: Fix NULL pointer dereference in cciremove On all modern platforms Qualcomm CCI controller provides two I2C masters, and on particular boards only one I2C master may be initialized, and in such cases the device...

5.7AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13980

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-13966

Inappropriate implementation in History in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-13945

Insufficient policy enforcement in Extensions in Google Chrome on Linux prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-13869

Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-13860

Incorrect security UI in Autofill in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00199EPSS
Exploits0References1
Debian
Debian
added 2026/06/30 9:30 p.m.8 views

[SECURITY] [DSA 6374-1] nginx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6374-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 30, 2026 https://www.debian.org/security/faq -...

9.2CVSS7.7AI score0.03552EPSS
Exploits1
OSV
OSV
added 2026/06/29 8:17 p.m.6 views

DEBIAN-CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References1
Debian
Debian
added 2026/06/28 2:13 p.m.13 views

[SECURITY] [DSA 6372-1] tor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6372-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 28, 2026 https://www.debian.org/security/faq -...

5.8AI score
Exploits0
Debian
Debian
added 2026/06/27 9:29 a.m.12 views

[SECURITY] [DSA 6370-1] xorg-server security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6370-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 27, 2026 https://www.debian.org/security/faq -...

7.8CVSS5.8AI score0.00165EPSS
Exploits0
OSV
OSV
added 2026/06/26 8:17 p.m.7 views

DEBIAN-CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
Debian
Debian
added 2026/06/25 6:21 p.m.6 views

[SECURITY] [DSA 6366-1] sogo security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6366-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 25, 2026 https://www.debian.org/security/faq -...

8.6CVSS5.7AI score0.00398EPSS
Exploits0
Rows per page
Query Builder