Lucene search
K

74028 matches found

Microsoft CVE
Microsoft CVE
added 2026/03/26 8:2 a.m.3 views

drbd: fix null-pointer dereference on local read error

...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
OSV
OSV
added 2026/03/26 1:34 a.m.1 views

SUSE-SU-2026:1049-1 Security update for the Linux Kernel (Live Patch 25 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.100 fixes various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. - CVE-2023-53257: wifi: mac80211: check S1G action frame si...

7.8CVSS6.1AI score0.00278EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2026/03/26 1:5 a.m.9 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS6.6AI score0.00451EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/03/26 12:58 a.m.5 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS6.6AI score0.00451EPSS
Exploits2References8
NVD
NVD
added 2026/03/26 12:16 a.m.5 views

CVE-2026-34056

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eRx error logs without proper authorization checks...

7.7CVSS0.00271EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/26 12:0 a.m.6 views

CVE-2026-29905

Kirby CMS through 5.1.4 allows an authenticated user with 'Editor' permissions to cause a persistent Denial of Service DoS via a malformed image upload. The application fails to properly validate the return value of the PHP getimagesize function. When the system attempts to process this file for...

5.8AI score0.00445EPSS
Exploits1References3
CNVD
CNVD
added 2026/03/26 12:0 a.m.1 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-16052)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that can be exploited by an attacker to cause a local process to capture a gateway authentication token...

6.8CVSS5.9AI score0.00126EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.7 views

EVerest 缓冲区错误漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contained a buffer error vulnerability. This vulnerability stems from the function ISO15118chargerImpl::handleupdateenergytransfermodes, which copies a variable-leng...

9.1CVSS6AI score0.00197EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/03/26 12:0 a.m.4 views

Beyond Content Safety: Real-Time Monitoring for Reasoning Vulnerabilities in Large Language Models

Large language models LLMs increasingly rely on explicit chain-of-thought CoT reasoning to solve complex tasks, yet the safety of the reasoning process itself remains largely unaddressed. Existing work on LLM safety focuses on content safety--detecting harmful, biased, or factually incorrect...

6.1AI score
Exploits0
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.11 views

EVerest 缓冲区错误漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions of EVerest prior to 2026.02.0 contained a buffer error vulnerability, which was caused by out-of-bounds access, potentially leading to remote crashes or memory corruption...

7.5CVSS6AI score0.00367EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.5 views

HCL Aftermarket DPC 安全漏洞

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an Access Control Error vulnerability that can be exploited by an attacker to elevate their privileges and compromise the application...

9.8CVSS5.8AI score0.00319EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.6 views

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-18 and 6.9.13-43 contained a buffer error vulnerability. This vulnerability stemmed from...

5.5CVSS6AI score0.00141EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.8 views

crun 安全漏洞

Crun is an OCI container runtime library developed by Containers in C language. Versions of Crun from 1.19 to 1.26 and earlier contain security vulnerabilities. These vulnerabilities stem from errors in parsing the crun exec option with the -u parameter, which may allow processes to run with...

7.8CVSS5.8AI score0.00159EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.4 views

Ory polis 输入验证错误漏洞

Ory Polis is an open-source enterprise single-sign-on and directory synchronization solution developed by Ory. Versions of Ory Polis prior to 26.2.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from improper trust in URL parameters with the callbackUrl...

8.8CVSS5.6AI score0.00428EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.4 views

PT-2026-28243

Name of the Vulnerable Software and Affected Versions KomSeo Cart version 1.3 Description An SQL injection flaw allows attackers to inject SQL commands via the my item search parameter in the 'edit.php' endpoint. By submitting POST requests with malicious payloads, attackers can extract sensitive...

8.8CVSS5.9AI score0.00245EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.5 views

PT-2026-28242

ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the 'query' parameter in the search functionality. Attackers can submit malicious SQL payloads via GET or POST requests to the /search endpoint to extract sensitive...

8.8CVSS6AI score0.00267EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.3 views

SUSE SLES15 Security Update : kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:0997-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0997-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.179 fixes various security issues The following security issues were fixed: ...

7.1CVSS6.8AI score0.00196EPSS
Exploits0References28
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.6 views

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-18 and 6.9.13-43 contained a buffer error vulnerability. This vulnerability stemmed from incorrect...

5.1CVSS6AI score0.00128EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/26 12:0 a.m.2 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-16041)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the BlueBubbles webhook handler containing a passwordless fallback authentication path, which can be exploited by an attacker to cause an...

6.5CVSS5.9AI score0.00249EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.7 views

EVerest 资源管理错误漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contained a resource management vulnerability caused by data competition, which could lead to reusing resources after release...

4.2CVSS5.8AI score0.00134EPSS
Exploits0References1
Rows per page
Query Builder