Lucene search
K

489 matches found

Amazon
Amazon
added 2026/02/05 12:0 a.m.10 views

Medium: runc

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/01/22 12:0 a.m.12 views

Important: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

7.5CVSS7.3AI score0.00585EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.7 views

CVE-2009-4741

Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors...

10CVSS6.9AI score0.0197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.5 views

CVE-2020-24133

A heap buffer overflow vulnerability in the rasmswfdisass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service DOS attacks...

9.8CVSS8.1AI score0.02626EPSS
Exploits0References1
Amazon
Amazon
added 2026/01/05 12:0 a.m.7 views

Medium: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

7.5CVSS7.2AI score0.00533EPSS
Exploits2
Snyk
Snyk
added 2025/12/30 5:6 p.m.3 views

Malicious Package

Overview dc-extras is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/22 10:29 p.m.8 views

Malicious code in dc-extras (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebfb103084f405558fdf917f0a86459bab97acfba22382d7f24afdb54d9964bc The package dc-extras was found to contain malicious code. Source: ghsa-malware 39af403fc6b31b58318c30ecab3f3348a044fd0a6d7918d7f355921c639f85aa Any...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/12/22 10:29 p.m.5 views

MAL-2025-192694 Malicious code in dc-extras (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebfb103084f405558fdf917f0a86459bab97acfba22382d7f24afdb54d9964bc The package dc-extras was found to contain malicious code. Source: ghsa-malware 39af403fc6b31b58318c30ecab3f3348a044fd0a6d7918d7f355921c639f85aa Any...

6.8AI score
Exploits0References1
EUVD
EUVD
added 2025/12/22 10:29 p.m.7 views

EUVD-2025-204767

Malicious code in dc-extras npm...

6.6AI score
Exploits0
Veracode
Veracode
added 2025/11/11 3:39 p.m.7 views

Prototype Pollution

sassdoc-extras is vulnerable to Prototype Pollution. The vulnerability is due to improper validation of user-supplied input in the byGroupAndType function, which allows an attacker to inject arbitrary properties into Object.prototype, potentially leading to denial of service or unexpected...

7.5CVSS7.1AI score0.00386EPSS
Exploits0References3Affected Software1
Amazon
Amazon
added 2025/11/10 12:0 a.m.5 views

Important: gimp

Issue Overview: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS7.7AI score0.00452EPSS
Exploits0
Amazon
Amazon
added 2025/11/10 12:0 a.m.10 views

Important: runfinch-finch

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS8.8AI score0.00626EPSS
Exploits0
Amazon
Amazon
added 2025/11/05 12:0 a.m.6 views

Low: runc

Issue Overview: No CVE associated with this advisory Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

8.4CVSS7AI score0.0067EPSS
Exploits4
Amazon
Amazon
added 2025/11/05 12:0 a.m.8 views

Low: runc

Issue Overview: No CVE associated with this advisory Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

8.4CVSS7AI score0.0067EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2025/10/30 3:22 p.m.5 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.51 CNF IBU extras update

An update for ibu components is available for Red Hat OpenShift Container Platform 4.16. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra ibu container...

7.1CVSS7.1AI score0.00281EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/10/30 3:20 p.m.6 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.57 CNF IBU extras update

An update for ibu components is available for Red Hat OpenShift Container Platform 4.14. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra ibu container...

7.1CVSS7.1AI score0.00281EPSS
Exploits0References2
Amazon
Amazon
added 2025/10/27 12:0 a.m.7 views

Low: docker

Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...

5.2CVSS7AI score0.00152EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5043

Malware in sbrugna...

3.3CVSS3.9AI score0.00371EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-5981

Malware in sbrugna...

5.5CVSS5.4AI score0.00384EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-4705

Malware in sbrugna...

10CVSS6.3AI score0.0197EPSS
Exploits0References4
Rows per page
Query Builder