Lucene search
K

29728 matches found

CNNVD
CNNVD
added 2026/02/24 12:0 a.m.7 views

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due t...

9.8CVSS7.9AI score0.00314EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.7 views

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...

7.5CVSS7.1AI score0.00285EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2026/02/24 12:0 a.m.6 views

VulnCheck KEV: CVE-2026-20029

A vulnerability in the licensing features of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. This vulnerability is due to improper parsing of X...

4.9CVSS6AI score0.05638EPSS
In wildExploits0References2
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.8 views

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

9.8CVSS7.2AI score0.00469EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.7 views

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

9.8CVSS7.3AI score0.00469EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.8 views

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products that...

9.8CVSS7.9AI score0.00469EPSS
Exploits0References6
Snyk
Snyk
added 2026/02/23 7:17 a.m.4 views

Improper Neutralization of Special Elements Used in a Template Engine

Overview datapizza-ai-core is a Core components for the datapizza-ai framework Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the ChatPromptTemplate function that utilises Jinja2 Template. An attacker can execute...

7.2CVSS6.1AI score0.00686EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/02/23 3:32 a.m.22 views

CVE-2026-2969 datapizza-labs datapizza-ai Jinja2 Template prompt.py ChatPromptTemplate special elements used in a template engine

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

5.8CVSS0.00686EPSS
Exploits2References5
Fedora
Fedora
added 2026/02/23 1:56 a.m.10 views

[SECURITY] Fedora 43 Update: zathura-pdf-mupdf-0.4.4-9.fc43

This plugin adds PDF support to zathura using the mupdf rendering engine...

7.5CVSS5.9AI score0.00477EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/02/23 12:0 a.m.102 views

📄 Squirrel Out-Of-Bounds Read

A vulnerability exists in the Squirrel engine's stack implementation due to missing bounds checking in the PopTarget function. When attempting to pop from an empty stack, the function reads from datasize - 1 index -1, causing a heap buffer underflow...

7.8CVSS5.8AI score0.00235EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.4 views

PT-2026-21834

Name of the Vulnerable Software and Affected Versions Rollup versions prior to 2.80.0 Rollup versions prior to 3.30.0 Rollup versions prior to 4.59.0 Description Rollup, a JavaScript module bundler, contains a flaw due to insecure file name sanitization in its core engine. This allows an attacker...

10CVSS5.5AI score0.01402EPSS
Exploits1References158
Tenable Nessus
Tenable Nessus
added 2026/02/22 12:0 a.m.5 views

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20258-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20258-1 advisory. Changes in chromium: - Chromium 145.0.7632.109 boo1258438: CVE-2026-2648: Heap buffer overflow in PDFium CVE-2026-2649: Integer overflow in V8...

8.8CVSS7.7AI score0.00642EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2026/02/21 5:22 a.m.13 views

Chromium: CVE-2026-2649 Integer overflow in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.3AI score0.00642EPSS
Exploits0
OSV
OSV
added 2026/02/21 2:15 a.m.4 views

OPENSUSE-SU-2026:20258-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 145.0.7632.109 boo1258438: CVE-2026-2648: Heap buffer overflow in PDFium CVE-2026-2649: Integer overflow in V8 CVE-2026-2650: Heap buffer overflow in Media...

8.8CVSS5.7AI score0.00642EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/20 10:22 p.m.7 views

Uncontrolled Search Path Element

Overview tensorflow is a machine learning framework. Affected versions of this package are vulnerable to Uncontrolled Search Path Element via the loading of HDF5 plugins in the Keras engine. An attacker can execute arbitrary code by placing a malicious plugin in the default search path. Remediati...

8.5CVSS6.1AI score0.00252EPSS
Exploits0References2
Wired Threat Level
Wired Threat Level
added 2026/02/20 8:3 p.m.6 views

DHS Wants a Single Search Engine to Flag Faces and Fingerprints Across Agencies

Homeland Security aims to combine its face and fingerprint systems into one big biometric platform—after dismantling centralized privacy reviews and key limits on face recognition...

5.5AI score
Exploits0
Akamai Blog
Akamai Blog
added 2026/02/20 3:0 p.m.9 views

Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513

Read how PatchDiff-AI uncovered the root cause of CVE-2026-21513 — an actively exploited MSHTML vulnerability — and how APT28 leveraged it in real-world attacks...

8.8CVSS5.5AI score0.15384EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/20 1:25 p.m.6 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

8.4CVSS6.3AI score0.00618EPSS
Exploits0References1
OSV
OSV
added 2026/02/19 2:23 p.m.9 views

USN-8033-8 linux-intel-iotg vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS6.9AI score0.00248EPSS
Exploits4References115
NVD
NVD
added 2026/02/19 10:16 a.m.5 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

8.4CVSS0.00618EPSS
Exploits0References1
Rows per page
Query Builder