Lucene search
K

120293 matches found

OSV
OSV
added 2 days ago4 views

MINI-238W-5FV7-C6VM

Bulletin has no description...

9.1CVSS5.9AI score0.00466EPSS
Exploits0
OSV
OSV
added 2 days ago6 views

MINI-32C6-97VG-WWPF

Bulletin has no description...

9.1CVSS5.9AI score0.0036EPSS
Exploits0
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-8804

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS5.9AI score0.00082EPSS
Exploits0References1
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-14544

A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...

9.8CVSS6.3AI score0.00511EPSS
Exploits0References1
OSV
OSV
added 2 days ago3 views

CGA-CWXR-C5VF-P22P

Bulletin has no description...

6.3CVSS5.9AI score0.0037EPSS
Exploits0
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41522

The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline Block 'linkMetaFieldType' Dynamic Link Attribute in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6.1AI score0.00215EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-9756

The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline Block 'linkMetaFieldType' Dynamic Link Attribute in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6.1AI score0.00215EPSS
Exploits0References9
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-9079

libcurl had a flaw that when instructed to clear proxy authentication credentials which made it not do so, leaving the old credentials around to get used for subsequent transfers that should not know nor use them...

6AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2 days ago7 views

DEBIAN-CVE-2026-8927

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...

5.9AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2 days ago9 views

DEBIAN-CVE-2026-8926

When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a usernamewithout a password, like https://[email protected]/, curl could wrongly get and use the password for another user set in the .netrc file for that host if such a one exists and there is no...

6AI score0.00196EPSS
Exploits0References1
OSV
OSV
added 2 days ago4 views

DEBIAN-CVE-2026-9547

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

6AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2 days ago5 views

DEBIAN-CVE-2026-8458

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different 'services'. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...

6AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2 days ago5 views

DEBIAN-CVE-2026-8925

The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the same pointer twice...

5.9AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2 days ago4 views

DEBIAN-CVE-2026-10536

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

6AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2 days ago5 views

DEBIAN-CVE-2026-11352

An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, a connected QUIC peer can...

6.7AI score0.0028EPSS
Exploits0References1
OSV
OSV
added 2 days ago4 views

DEBIAN-CVE-2026-11856

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

6AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-11586

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

6AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 3 days ago2 views

ECHO-39C4-8954-FB97

Bulletin has no description...

8.3CVSS5.7AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 3 days ago3 views

ECHO-99BB-E39E-27A9

Bulletin has no description...

9.6CVSS5.7AI score0.00307EPSS
Exploits0References1
OSV
OSV
added 3 days ago2 views

ECHO-62AE-5071-E8C2

Bulletin has no description...

9.6CVSS5.7AI score0.00276EPSS
Exploits0References1
Rows per page
Query Builder