Lucene search
K

3674 matches found

BDU FSTEC
BDU FSTEC
added 53 minutes ago8 views

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6AI score0.00127EPSS
Exploits0References6Affected Software4
OSV
OSV
added 3 days ago3 views

CVE-2026-61861 ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

6.3CVSS6.2AI score0.00277EPSS
Exploits0References4
NVD
NVD
added 4 days ago4 views

CVE-2026-57217

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup errors from Khepri can collapse to undefined, which the internal backe...

7CVSS0.00269EPSS
Exploits1References6
Redos
Redos
added 6 days ago5 views

ROS-20260708-73-0048

The vulnerability in dovecot is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.5CVSS6AI score0.00454EPSS
Exploits0
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-784 Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library

Summary The Azure Storage Encryption library in Java and other languages is vulnerable to a CBC Padding Oracle attack, similar to CVE-2020-8911. The library is not vulnerable to the equivalent of CVE-2020-8912, but only because it currently only supports AES-CBC as encryption mode. Severity...

4.7CVSS6.4AI score0.00521EPSS
Exploits0References6
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

DEBIAN-CVE-2026-53319

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.12 views

CVE-2026-9699

Mattermost Plugins versions =11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries...

6.8CVSS0.00325EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:43 p.m.6 views

CVE-2026-9699

Mattermost Plugins versions =11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries...

6.8CVSS5.8AI score0.00325EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/25 4:8 p.m.5 views

[SECURITY] Fedora 44 Update: goose-1.36.0-1.fc44

Goose is your on-machine AI agent, capable of automating complex development tasks from start to finish. More than just code suggestions, goose can build entire projects from scratch, write and execute code, debug failures, orchestrate workflows, and interact with external APIs - autonomously...

8.8CVSS5.9AI score0.00213EPSS
Exploits0
Redos
Redos
added 2026/06/25 12:0 a.m.4 views

ROS-20260625-73-0004

The vulnerability in gnutls is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a remote attacker to cause service failures...

7.5CVSS5.9AI score0.01335EPSS
Exploits0
Redos
Redos
added 2026/06/25 12:0 a.m.4 views

ROS-20260625-73-0002

The vulnerability in gnutls is related to errors in processing parameter values related to input data length. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.5CVSS5.9AI score0.01263EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: bcm-sba-raid: Fixed a device leak during probe failures and when the driver unbind the device. Make sure to remove the references made when looking up the mailbox device during probe failures and when the driver...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/imx/tve: fixed the probe device leak. Make sure to remove the reference to the DDC device during probe operations when there is a probe failure e.g., probe deferral, as well as during the driver unbinding process...

5.5CVSS6AI score0.00115EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 11:53 a.m.8 views

EUVD-2026-38752

Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authenticated users cannot complete 2FA enrollment as the backend consistently returns HTTP 500 errors...

6.9CVSS5.9AI score0.00281EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 1:2 p.m.8 views

EUVD-2026-38239

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS5.9AI score0.0033EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/22 10:59 a.m.7 views

kernel: bnxt_en: Fix RSS context delete logic

A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...

7.8CVSS7AI score0.00138EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/06/22 12:0 a.m.4 views

The vulnerability in the Graphics component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to cause a service failure.

The vulnerability of the Graphics component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient testing of unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS5.7AI score0.00433EPSS
Exploits0References15Affected Software6
Redos
Redos
added 2026/06/22 12:0 a.m.5 views

ROS-20260622-73-0036

The vulnerability of the consumePhrase function in the Go programming language is related to insufficient validation of input data during the analysis of email addresses. Exploiting this vulnerability could allow a remote attacker to cause service failures...

7.5CVSS5.9AI score0.00798EPSS
Exploits0
Redos
Redos
added 2026/06/22 12:0 a.m.6 views

ROS-20260622-73-0021

The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

9.8CVSS5.9AI score0.00439EPSS
Exploits0
Redos
Redos
added 2026/06/22 12:0 a.m.6 views

ROS-20260622-73-0018

The vulnerability in Firefox is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service failures...

9.8CVSS5.9AI score0.00439EPSS
Exploits0
Rows per page
Query Builder