Lucene search
K

327 matches found

RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-55404

A flaw was found in yt-dlp and youtube-dl, command-line tools for downloading audio and video. This vulnerability allows an attacker to inject malicious code into shortcut files .url or .desktop when certain options, such as --write-link, are used. By manipulating the webpageurl or filename...

8.8CVSS6.2AI score0.0064EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.10 views

CVE-2026-29049 vulnerabilities

Vulnerabilities for packages: wolfictl, apply-cve-bump, cg, dl...

4.3CVSS7AI score0.00226EPSS
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.12 views

GHSA-7RP8-R62P-Q6WC vulnerabilities

Vulnerabilities for packages: wolfictl, apply-cve-bump, cg, dl...

6.1AI score
Exploits0
Fedora
Fedora
added 2026/06/24 1:33 a.m.7 views

[SECURITY] Fedora 43 Update: yt-dlp-2026.06.09-1.fc43

yt-dlp is a command-line program to download videos from many different online video platforms, such as youtube.com. The project is a fork of youtube-dl with additional features and fixes...

9.6CVSS5.8AI score0.00555EPSS
Exploits1
Fedora
Fedora
added 2026/06/21 1:1 a.m.6 views

[SECURITY] Fedora 44 Update: yt-dlp-2026.06.09-1.fc44

yt-dlp is a command-line program to download videos from many different online video platforms, such as youtube.com. The project is a fork of youtube-dl with additional features and fixes...

9.6CVSS5.8AI score0.00555EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Remove the “MHI autoqueue” feature for IPCR DL channels. The MHI stack provides the “autoqueue” feature, which allows the MHI stack to automatically queue buffers for the RX path DL channels. Although this feature...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop the dlserver function before the CPU goes offline. The IBM CI tool reported a kernel warning1 when performing a CPU removal operation using drmgr2. For example: “drmgr -c cpu -r -q 1”. WARNING: CPU: 0 PID: 0 ...

5.8AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 2:16 p.m.15 views

CVE-2026-42099

Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...

7.7CVSS0.00724EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/19 12:59 p.m.13 views

CVE-2026-42099

Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...

7.7CVSS6.2AI score0.00724EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.16 views

PT-2026-41895

Name of the Vulnerable Software and Affected Versions Sparx Pro Cloud Server versions 6.1 build 167 and earlier Description A race condition exists in the '/data api/dl internal artifact.php' endpoint. The application downloads object properties based on the guid parameter and saves the content i...

7.7CVSS6.2AI score0.00724EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/09 12:37 p.m.3 views

ruby: missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7AI score0.13666EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/04/09 12:35 p.m.2 views

ruby: missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7AI score0.13666EPSS
Exploits1References4
Fedora
Fedora
added 2026/03/05 5:6 p.m.11 views

[SECURITY] Fedora 44 Update: yt-dlp-2026.02.21-1.fc44

yt-dlp is a command-line program to download videos from many different online video platforms, such as youtube.com. The project is a fork of youtube-dl with additional features and fixes...

8.8CVSS5.9AI score0.01596EPSS
Exploits2
Fedora
Fedora
added 2026/02/25 12:53 a.m.10 views

[SECURITY] Fedora 43 Update: yt-dlp-2026.02.21-1.fc43

yt-dlp is a command-line program to download videos from many different online video platforms, such as youtube.com. The project is a fork of youtube-dl with additional features and fixes...

8.8CVSS5.9AI score0.01596EPSS
Exploits2
CVE
CVE
added 2026/02/01 12:56 p.m.10 views

CVE-2023-54343

CVE-2023-54343 affects the mobile web application QWE DL 2.0.1 . The issue is a persistent input validation vulnerability that allows remote attackers to inject malicious script through path parameter manipulation, enabling persistent cross-site scripting (XSS) attacks. Reported impact includes p...

6.4CVSS6AI score0.00305EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/01 12:56 p.m.33 views

CVE-2023-54343 QWE DL 2.0.1 Persistent XSS Vulnerability via Path Parameter

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading t...

6.4CVSS0.00305EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37990)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37990 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: fmac: Add error handlin...

5.5CVSS5.3AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992326 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sccount directly if fail to queue dlrecall A deadlock warning occurred when invoki...

5.5CVSS6.2AI score0.00247EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/13 4:44 p.m.7 views

CVE-2025-40163

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop dlserver before CPU goes offline IBM CI tool reported kernel warning1 when running a CPU removal operation through drmgr2. i.e "drmgr -c cpu -r -q 1" WARNING: CPU: 0 PID: 0 at kernel/sched/cpudeadline.c:219...

5.5AI score0.0018EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-40163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop dlserver before CPU goes offline IBM CI tool reported kernel warning1...

5.8AI score0.0018EPSS
Exploits0References2
Rows per page
Query Builder