Lucene search
K

29728 matches found

CNNVD
CNNVD
added 2026/02/04 12:0 a.m.6 views

Cisco Secure Web Appliance 安全漏洞

Cisco Secure Web Appliance is an application developed by the American company Cisco. It is used to protect websites. There is a security vulnerability in Cisco Secure Web Appliance, which stems from the dynamic vector and stream engine’s improper handling of certain archive files. This...

4CVSS5.8AI score0.0014EPSS
Exploits0References2
NVD
NVD
added 2026/02/03 10:16 p.m.5 views

CVE-2026-1341

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...

9.3CVSS0.00494EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 9:26 p.m.30 views

CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...

9.3CVSS0.00494EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 9:26 p.m.2 views

CVE-2026-1341

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...

9.3CVSS5.3AI score0.00494EPSS
Exploits0References2
CVE
CVE
added 2026/02/03 9:26 p.m.14 views

CVE-2026-1341

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control, allowing an attacker to take full control of the device. The issue, documented across multiple sources (NVD, Red Hat, ENISA EUVD, CVE listing), indicates a network-accessible int...

9.3CVSS5.3AI score0.00494EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/03 9:26 p.m.3 views

CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...

9.3CVSS5.3AI score0.00494EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/03 8:56 p.m.7 views

EUVD-2026-5161

Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00579EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/03 8:56 p.m.2 views

CVE-2026-1862

Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00579EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/02/03 8:56 p.m.4 views

CVE-2026-1862

Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00579EPSS
Exploits1
Snyk
Snyk
added 2026/02/03 5:52 p.m.3 views

Improper Neutralization of Special Elements Used in a Template Engine

Overview com.hubspot.jinjava:jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates at least the subset of jinja in use in HubSpot content. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a...

9.8CVSS5.9AI score0.00889EPSS
Exploits1References2
OSV
OSV
added 2026/02/03 8:42 a.m.4 views

BIT-KYVERNO-2026-23881 Kyverno Denial of Service via Context Variable Amplification in Policy Engine

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...

7.7CVSS5.5AI score0.00531EPSS
Exploits1References4
ICS
ICS
added 2026/02/03 7:0 a.m.4 views

*Avation Light Engine Pro *

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take full control of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

9.3CVSS5.6AI score0.00494EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.6 views

PT-2026-6040

Name of the Vulnerable Software and Affected Versions Avation Light Engine Pro affected versions not specified Description Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control, granting attackers full control over critical lighting...

9.3CVSS5.5AI score0.00494EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.6 views

Avation Light Engine Pro 访问控制错误漏洞

Avation Light Engine Pro is a high-performance search and navigation enhancement plugin developed by the Australian company Avation. Avation Light Engine Pro has a security vulnerability related to access control. This vulnerability arises from the fact that its configuration and control interfac...

9.3CVSS5.8AI score0.00494EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-6337

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...

7.7CVSS5.6AI score0.00531EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 144.0.7559.132 contained a security vulnerability caused by type confusion in the V8 engine. This vulnerability could allow exploitation through specially crafted HTML pages that exploit he...

8.8CVSS7.5AI score0.00579EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/02 9:9 p.m.4 views

CVE-2026-22778 vLLM leaks a heap address when PIL throws an error

vLLM is an inference and serving engine for large language models LLMs. From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With this leak, we reduce ASLR from 4 billion guess...

9.8CVSS6AI score0.03816EPSS
Exploits0References4
OSV
OSV
added 2026/02/02 9:5 p.m.4 views

GO-2026-4382 Kyverno Denial of Service via Context Variable Amplification in Policy Engine in github.com/kyverno/kyverno

Kyverno Denial of Service via Context Variable Amplification in Policy Engine in github.com/kyverno/kyverno...

7.7CVSS5.2AI score0.00531EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/02 9:17 a.m.5 views

CVE-2025-71189

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures...

5.5CVSS5AI score0.00183EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2026-1193)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.9AI score0.00465EPSS
Exploits0References2
Rows per page
Query Builder