Lucene search
K

591503 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.6 views

RHEL 9 : redis (RHSA-2026:26233)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26233 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.5 views

RHEL 8 : hplip (RHSA-2026:26335)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26335 advisory. The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project HPLIP, which provides drivers for Hewlett-Packard printer...

9.8CVSS6.4AI score0.01333EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.4 views

RHEL 9 : hplip (RHSA-2026:26297)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26297 advisory. The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project HPLIP, which provides drivers for Hewlett-Packard printer...

9.8CVSS6.4AI score0.01333EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0159: poppler (ALINUX3-SA-2026:0159)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0159 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-10118: A flaw was found in Poppler's Splas...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.5 views

RHEL 9 : ruby (RHSA-2026:26312)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26312 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

8.1CVSS6AI score0.01131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.4 views

RHEL 7 : gimp (RHSA-2026:26168)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26168 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

7.8CVSS6.2AI score0.00755EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0152: samba (ALINUX3-SA-2026:0152)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0152 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-3012: A flaw was found in Sambas...

9.8CVSS6.4AI score0.12797EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.4 views

RHEL 10 : hplip (RHSA-2026:26228)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26228 advisory. The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project HPLIP, which provides drivers for Hewlett-Packard printe...

9.8CVSS6.4AI score0.01333EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.9 views

Apache CXF < 4.1.7 / 4.2.x < 4.2.2 Multiple Vulnerabilities

The version of Apache CXF installed on the remote host is prior to 4.1.7 or 4.2.x prior to 4.2.2. It is, therefore, affected by multiple vulnerabilities, including: - A JNDI Injection vulnerability in the JCA integration module allows code execution if an attacker can manipulate the JCA deploymen...

8.8CVSS6.3AI score0.00782EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.5 views

RHEL 8 : python3.11 (RHSA-2026:26187)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26187 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

9.1CVSS6.5AI score0.00579EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/16 12:0 a.m.6 views

Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API

The safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes giframe, fback, fbuiltins do NOT start with underscore, enabling a complete sandbox escape to achieve arbitrary...

10CVSS5.6AI score0.0045EPSS
Exploits2References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/16 12:0 a.m.10 views

Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution

Multiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration...

9.2CVSS5.3AI score0.00276EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49807

In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.5AI score0.00285EPSS
Exploits0References3
Nvidia
Nvidia
added 2026/06/16 12:0 a.m.7 views

Security Bulletin: NVIDIA NeMo - June 2026

NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.7.3 or later from the NVIDIA-NeMo/NeMo GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this...

7.8CVSS5.8AI score0.00193EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/15 11:55 p.m.17 views

CVE-2026-12161

CVE-2026-12161 affects Devolutions Remote Desktop Manager 2026.2.7. The flaw is in the SSH Elevate Shell feature, where improper input validation allows an authenticated user (with permission to create/modify a shared SSH entry) to run arbitrary commands on a remote SSH host using stored elevatio...

8.8CVSS5.7AI score0.00295EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/15 11:16 p.m.11 views

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code...

9.2CVSS0.00573EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/15 10:27 p.m.31 views

CVE-2026-48723 BrowserStack Cypress CL: Command Injection via cypress_config_file leads to arbitrary code execution through malicious browserstack.json

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypressconfigfile configuration parameter. In readCypressConfigUtil.js, the loadJsFile function constructs a shell...

7.8CVSS0.00533EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:56 p.m.6 views

EUVD-2026-37015

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code...

9.2CVSS6.4AI score0.00573EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 9:56 p.m.6 views

EEF-CVE-2026-48853 Remote code execution and denial of service via unsafe Erlang term deserialization in elixir-grpc/grpc

Summary Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote...

9.2CVSS6.5AI score0.00573EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 9:56 p.m.22 views

CVE-2026-48853

CVE-2026-48853 affects the elixir-grpc/grpc stack where the Erlpack codec decodes gRPC payloads with :erlang.binary_to_term/1 without safety bounds. This leads to untrusted data deserialization, atom creation risk (atom table exhaustion) and potential remote code execution if a malicious term rea...

9.2CVSS6.5AI score0.00573EPSS
Exploits0References4
Rows per page
Query Builder