Lucene search
K

29779 matches found

Cvelist
Cvelist
added 2026/01/15 12:0 a.m.28 views

CVE-2025-67079

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

0.00381EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.8 views

PT-2026-3024

Name of the Vulnerable Software and Affected Versions Omnispace Agora Project versions prior to 25.10 Description A file upload issue exists in Omnispace Agora Project. Attackers can potentially execute code by uploading a specially crafted PDF file. This is possible through the MSL engine of the...

9.8CVSS7AI score0.00381EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Cisco Identity Services Engine (cisco-sa-ise-xss-9TDh2kx)

According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the...

4.8CVSS6AI score0.00238EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Cisco Identity Services Engine (cisco-sa-ise-xss-964cdxW5)

According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross- site...

4.8CVSS6.1AI score0.00238EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/01/15 12:0 a.m.2 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox: thunderbird: Memor...

9.8CVSS5.6AI score0.0057EPSS
Exploits0References28
OSV
OSV
added 2026/01/14 10:38 a.m.10 views

RHSA-2026:0293 Red Hat Security Advisory: pki-servlet-engine security update

Bulletin has no description...

7.5CVSS9AI score0.66535EPSS
Exploits5References14
OSV
OSV
added 2026/01/14 10:38 a.m.11 views

RHSA-2026:0292 Red Hat Security Advisory: pki-servlet-engine security update

Bulletin has no description...

7.5CVSS9.8AI score0.66535EPSS
Exploits5References14
SUSE Linux
SUSE Linux
added 2026/01/14 8:49 a.m.6 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. MFSA 2026-03 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebG...

6.1CVSS7.4AI score0.0057EPSS
Exploits0References28
OSV
OSV
added 2026/01/14 8:49 a.m.2 views

SUSE-SU-2026:0122-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. - MFSA 2026-03 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics:...

9.8CVSS5.8AI score0.0057EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2026/01/14 12:25 a.m.2 views

SUSE CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

8.8CVSS5.8AI score0.00423EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : openssl-1.0.0-20.AXS4 (AXSA:2012-14:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-14:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

5CVSS8.2AI score0.05012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 3 : perl-5.8.8-10.3.1AXS3 (AXSA:2008-74:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-74:01 advisory. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl's regular expression...

5CVSS6.5AI score0.03153EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/13 11:20 p.m.9 views

CVE-2024-58339

LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...

8.7CVSS7.4AI score0.00568EPSS
Exploits1References1
NVD
NVD
added 2026/01/13 2:16 p.m.2 views

CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

9.8CVSS0.00423EPSS
Exploits0References5
OSV
OSV
added 2026/01/13 2:16 p.m.9 views

CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

9.8CVSS5.8AI score0.00423EPSS
Exploits0References5
OSV
OSV
added 2026/01/13 2:16 p.m.6 views

UBUNTU-CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

9.8CVSS7.3AI score0.00423EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/01/13 2:16 p.m.2 views

CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

9.8CVSS5.8AI score0.00423EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: idxd: Fixed a double-free in idxdsetupwqs The cleanup in idxdsetupwqs contained a few bugs, as the error handling was somewhat subtle. It’s simpler to rewrite the code in a more clean way. The issues are as follows:...

7.8CVSS5.9AI score0.00144EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

7.3CVSS7.1AI score0.00292EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.11 views

Astra Linux – Vulnerability in Firefox

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability has been fixed in Firefox 145 and Thunderbird 145...

9.8CVSS5.3AI score0.00317EPSS
Exploits0References3
Rows per page
Query Builder