Lucene search
K

261 matches found

CBLMariner
CBLMariner
added 2025/03/25 3:8 p.m.6 views

CVE-2025-22868 affecting package moby-engine for versions less than 24.0.9-15

CVE-2025-22868 affecting package moby-engine for versions less than 24.0.9-15. A patched version of the package is available...

7.5CVSS7.3AI score0.00804EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/19 2:25 p.m.12 views

CVE-2020-9295

FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6.00144 and below and FortiClient 6.2 running AV engine version 6.00137 and below may not immediately detect certain types of malformed or non-standard RAR archives, potentially containing malicious...

7.5CVSS7.3AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/15 2:53 a.m.17 views

CVE-2025-26865

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: from 18.12.17 before 18.12.18. It's a regression between 18.12.17 and 18.12.18. In case you use something like that, which is not recommended! For security, only...

3.5CVSS6.8AI score0.00623EPSS
Exploits0References1
CVE
CVE
added 2025/03/10 2:1 p.m.116 views

CVE-2025-26865

CVE-2025-26865 affects Apache OFBiz 18.12.17 through 18.12.18, due to improper neutralization of special elements in the template engine. It's a regression between 18.12.17 (safe) and 18.12.18 (patched). Affected component is the template engine in OFBiz; Red Hat, CNVD, OSV, NVD, and CVE lists de...

3.5CVSS7.1AI score0.00623EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/02/26 8:14 a.m.6 views

AZL-57363 CVE-2025-22868 affecting package moby-engine for versions less than 25.0.3-11

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

7.5CVSS6.6AI score0.00804EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2025/02/19 8:5 p.m.6 views

CVE-2023-45288 affecting package moby-engine for versions less than 25.0.3-10

CVE-2023-45288 affecting package moby-engine for versions less than 25.0.3-10. A patched version of the package is available...

7.5CVSS8AI score0.91969EPSS
Exploits1
CNNVD
CNNVD
added 2025/02/19 12:0 a.m.3 views

Extreme Networks IQ Engine 安全漏洞

Extreme Networks IQ Engine is an engine by Extreme Networks, Inc. A security vulnerability exists in Extreme Networks IQ Engine versions prior to 10.6r1a and versions prior to 10.6r4 through 10.6r5, which originates from a buffer overflow in the ahwebui service...

9.8CVSS7AI score0.00705EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/06 4:12 a.m.14 views

CVE-2021-40420

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.1AI score0.04687EPSS
Exploits1
NVD
NVD
added 2025/01/08 4:15 a.m.13 views

CVE-2024-56456

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability...

6.8CVSS0.00106EPSS
Exploits0References1
CVE
CVE
added 2025/01/08 3:21 a.m.55 views

CVE-2024-56454

CVE-2024-56454 affects Huawei HarmonyOS, specifically the glTF model loader in the 3D engine module. The root cause is a failure to properly verify input parameters during glTF model loading, which can lead to an availability impact if exploited. The CVSS v3.1 vector indicates a local attack with...

5.5CVSS6.9AI score0.00105EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2024/12/23 3:43 p.m.12 views

CVE-2024-56326

Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the...

7.8CVSS7.3AI score0.005EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.10 views

CBL Mariner 2.0 Security Update: moby-engine (CVE-2024-36621)

The version of moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36621 advisory. - moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The...

6.5CVSS6.5AI score0.00625EPSS
Exploits0References2
OSV
OSV
added 2024/11/14 5:23 p.m.6 views

CVE-2024-52393 WordPress Podlove Podcast Publisher plugin <= 4.1.15 - Admin+ Remote Code Execution (RCE) vulnerability

Deserialization of Untrusted Data vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress.This issue affects Podlove Podcast Publisher: from n/a through = 4.1.15...

9.1CVSS7.2AI score0.00518EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.6 views

PT-2024-35231 · Unknown · Podlove Podcast Publisher

Name of the Vulnerable Software and Affected Versions: Podlove Podcast Publisher versions through 4.1.15 Description: The issue is related to an Improper Neutralization of Special Elements Used in a Template Engine vulnerability. This vulnerability allows for remote attacks due to flaws in the...

9.1CVSS9.3AI score0.00518EPSS
Exploits0References7
OSV
OSV
added 2024/10/16 1:15 p.m.7 views

CVE-2024-49271

: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Unlimited Elements Unlimited Elements For Elementor Free Widgets, Addons, Templates allows : Command Injection.This issue affects Unlimited Elements For Elementor Free Widgets, Addons, Templates: from n/a...

7.2CVSS5.8AI score0.01114EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.6 views

WordPress plugin Unlimited Elements For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

9.1CVSS6.6AI score0.01114EPSS
Exploits0References2
Debian
Debian
added 2024/10/13 6:59 p.m.91 views

[SECURITY] [DLA 3918-1] docker.io security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3918-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès October 13, 2024 https://wiki.debian.org/LTS -...

9.9CVSS6.7AI score0.16496EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/10/04 12:0 a.m.6 views

PT-2024-39657 · Avast · Avg/Avast Antivirus

Name of the Vulnerable Software and Affected Versions: AVG/Avast Antivirus versions prior to signature 24092400 Description: The issue is related to an out-of-bounds write in the engine module of AVG/Avast Antivirus, which can be triggered by a malformed eml file. This can cause the application t...

5.5CVSS6.8AI score0.00134EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.24 views

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-2385)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...

9.9CVSS7.5AI score0.16496EPSS
Exploits0References3
OSV
OSV
added 2024/08/19 6:15 a.m.6 views

CVE-2024-6451

AI Engine 2.4.3 is susceptible to remote-code-execution RCE via Log Poisoning. The AI Engine WordPress plugin before 2.5.1 fails to validate the file extension of "logspath", allowing Administrators to change log filetypes from .log to .php...

7.2CVSS5.8AI score0.00817EPSS
Exploits1References1
Rows per page
Query Builder