Lucene search
+L

508 matches found

Vulnrichment
Vulnrichment
added 2026/04/08 8:58 p.m.2 views

CVE-2026-39860 Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination

Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds typically the Nix daemon running as root in multi-user installations by following symlinks during...

9CVSS6.7AI score0.00193EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/08 8:58 p.m.20 views

CVE-2026-39860 Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination

Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds typically the Nix daemon running as root in multi-user installations by following symlinks during...

9CVSS0.00193EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 6:6 a.m.5 views

Security Bulletin: Vulnerability in libssh library (CVE-2025-5372) affects Power HMC.

Summary The libssh library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-5372 DESCRIPTION: A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible...

8.8CVSS6.6AI score0.00407EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/04 4:22 a.m.34 views

Parse Server: File upload Content-Type override via extension mismatch

Impact A file can be uploaded with a filename extension that passes the file extension allowlist e.g., .txt but with a Content-Type header that differs from the extension e.g., text/html. The Content-Type is passed to the storage adapter without consistency validation. Storage adapters that store...

5.4CVSS5.9AI score0.00162EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/03 11:25 p.m.6 views

SUSE CVE-2026-31397

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References3
OSV
OSV
added 2026/04/03 3:16 p.m.2 views

CVE-2026-31397 mm/huge_memory: fix use of NULL folio in move_pages_huge_pmd()

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...

7.8CVSS6.2AI score0.00119EPSS
Exploits0References6
OSV
OSV
added 2026/03/26 9:17 p.m.3 views

ALPINE-CVE-2026-2100

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

7.5CVSS5.9AI score0.0116EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 6:56 p.m.2 views

GHSA-CG6C-Q2HX-69H7 OpenClaw: Plivo V2 verified replay identity drifts on query-only variants

Summary Before v2026.3.23, the Plivo V2 verification path treated query-only variants of the same signed request as fresh verified work. Plivo V2 signatures authenticate baseUrl + nonce, but the replay key was derived from the full verification URL including the query string, so unsigned query-on...

8.2CVSS5.8AI score0.00283EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.5 views

CVE-2026-32614

Go ShangMi Commercial Cryptography Library GMSM is a cryptographic library that covers the Chinese commercial cryptographic public algorithms SM2/SM3/SM4/SM9/ZUC. Prior to 0.41.1, the current SM9 decryption implementation contains an infinity-point ciphertext forgery vulnerability. The root cause...

7.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Veracode
Veracode
added 2026/03/26 11:0 a.m.7 views

Inadequate Encryption Strength

github.com/cloudflare/gokey is vulnerable to Inadequate Encryption Strength. The vulnerability is due to flawed seed decryption logic that uses only limited entropy from the initialization vector and authentication tag, which allows an attacker with access to the seed file to derive generated...

7.1CVSS5.9AI score0.00145EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/25 12:24 a.m.3 views

SUSE CVE-2026-32614

Go ShangMi Commercial Cryptography Library GMSM is a cryptographic library that covers the Chinese commercial cryptographic public algorithms SM2/SM3/SM4/SM9/ZUC. Prior to 0.41.1, the current SM9 decryption implementation contains an infinity-point ciphertext forgery vulnerability. The root cause...

7.5CVSS5.9AI score0.00211EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/03/23 3:22 p.m.160 views

Exploit for CVE-2024-51346

CVE-2024-51346: Cryptographic Bypass and Media Decryption in E...

5.8AI score0.00123EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/23 10:53 a.m.5 views

CVE-2026-33204

A flaw was found in SimpleJWT, a PHP library for JSON Web Tokens. An unauthenticated attacker can exploit this vulnerability by tampering with JSON Web Encryption JWE headers when Password-Based Key Derivation Function 2 PBES2 algorithms are in use. This can lead to a Denial of Service DoS if an...

7.5CVSS5.7AI score0.00481EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/19 12:0 a.m.22 views

CVE-2025-67114

Use of a deterministic credential generation algorithm in /ftl/bin/calcf2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass an...

0.00517EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/19 12:0 a.m.4 views

CVE-2025-67114

Use of a deterministic credential generation algorithm in /ftl/bin/calcf2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass an...

5.9AI score0.00517EPSS
Exploits0References4
OSV
OSV
added 2026/03/18 8:16 p.m.6 views

GHSA-XW36-67F8-339X SimpleJWT has an Unauthenticated Denial of Service via JWE header tampering

Summary An unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that call JWE::decrypt on attacker-controlled JWEs using PBES2 algorithms are affected. Details PHP version: PHP 8.4.11 SimpleJWT version: v1.1.0 The relevant...

7.5CVSS5.9AI score0.00481EPSS
Exploits1References4
NVD
NVD
added 2026/03/16 2:19 p.m.9 views

CVE-2026-32614

Go ShangMi Commercial Cryptography Library GMSM is a cryptographic library that covers the Chinese commercial cryptographic public algorithms SM2/SM3/SM4/SM9/ZUC. Prior to 0.41.1, the current SM9 decryption implementation contains an infinity-point ciphertext forgery vulnerability. The root cause...

7.5CVSS0.00211EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.2 views

EulerOS Virtualization 2.12.1 : libssh (EulerOS-SA-2026-1439)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The librar...

8.8CVSS5.9AI score0.02449EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.6 views

EulerOS Virtualization 2.12.0 : libssh (EulerOS-SA-2026-1496)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The librar...

8.8CVSS6.6AI score0.02449EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/13 8:14 p.m.4 views

CVE-2026-32614

Go ShangMi Commercial Cryptography Library GMSM is a cryptographic library that covers the Chinese commercial cryptographic public algorithms SM2/SM3/SM4/SM9/ZUC. Prior to 0.41.1, the current SM9 decryption implementation contains an infinity-point ciphertext forgery vulnerability. The root cause...

7.5CVSS5.9AI score0.00211EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder