Lucene search
+L

13360 matches found

nuclei
nuclei
added yesterday74 views

Cacti < 1.2.25 Insecure Deserialization

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. id: CVE-2023-30534 info: name: Cacti 1.2.25 Insecure Deserialization author: k0pak4 severity: medium description: | Cacti is an open source...

4.3CVSS6.7AI score0.02569EPSS
Exploits1References5
cve
cve
added 2 days ago5 views

CVE-2025-11698

The CVE-2025-11698 vulnerability affects 5380/5480/5580 controllers with boot firmware versions below 1.072. It enables a denial-of-service by allowing a malicious actor to write invalid file data to the controller, potentially causing a major non-recoverable fault (MNRF). The documents do not pr...

9.2CVSS6.1AI score0.00253EPSS
Exploits0References1
cve
cve
added 2 days ago7 views

CVE-2025-12012

The CVE-2025-12012 entry concerns Rockwell Automation 5380/5480/5580 controllers. A denial-of-service vulnerability could allow a malicious user to write invalid file data to the controller, potentially triggering a major non-recoverable fault (MNRF). The available documents do not specify affect...

9.2CVSS6.1AI score0.00253EPSS
Exploits0References1
cve
cve
added 2 days ago5 views

CVE-2025-12011

CVE-2025-12011 describes a denial-of-service vulnerability in Rockwell Automation 5370/5570 controllers (CompactLogix/ControlLogix family). The issue allows a remote attacker to load an invalid project, triggering a major non-recoverable fault (MNRF) on the device. Based on the available document...

9.2CVSS6.1AI score0.00253EPSS
Exploits0References1
redhat
redhat
added 3 days ago6 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS6.1AI score0.00091EPSS
Exploits0References5
nessus
nessus
added 3 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-55213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK...

7.5CVSS6.2AI score0.00343EPSS
Exploits0References3
nvd
nvd
added 6 days ago10 views

CVE-2026-55213

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS0.00343EPSS
Exploits0References2
osv
osv
added 6 days ago3 views

UBUNTU-CVE-2026-55213

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS6.2AI score0.00343EPSS
Exploits0References4
debiancve
debiancve
added 6 days ago5 views

CVE-2026-55213

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS6.2AI score0.00343EPSS
Exploits0
osv
osv
added 2026/07/07 10:5 p.m.3 views

CVE-2026-14740 DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

9.1CVSS6.1AI score0.00407EPSS
Exploits0References8
nvd
nvd
added 2026/07/07 3:16 p.m.8 views

CVE-2026-53877

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS0.00291EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/07 2:10 p.m.34 views

CVE-2026-53877 Heap buffer over-read in GDALRaster

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS0.00291EPSS
Exploits0References3
euvd
euvd
added 2026/07/07 2:10 p.m.8 views

EUVD-2026-42044

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS6AI score0.00291EPSS
Exploits0References3
nvd
nvd
added 2026/07/07 1:16 p.m.12 views

CVE-2026-10659

The Dhara flash translation layer disk driver drivers/disk/ftldhara.c implemented the dharanand callbacks so that, on a flash error, the error code was written unconditionally through the caller-supplied dharaerrort err pointer e.g. err = DHARAEECC in dharanandread, and similar in...

4.7CVSS0.00098EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/07/07 12:58 p.m.7 views

CVE-2026-10659

The Dhara flash translation layer disk driver drivers/disk/ftldhara.c implemented the dharanand callbacks so that, on a flash error, the error code was written unconditionally through the caller-supplied dharaerrort err pointer e.g. err = DHARAEECC in dharanandread, and similar in...

4.7CVSS6AI score0.00098EPSS
Exploits1References3Affected Software1
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1013 Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

Impact If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error: python np.ones0, 231, 231 An example of a proof of concept: python import numpy as np import tensorflow as tf inputval =...

4.8CVSS5.9AI score0.0033EPSS
Exploits1References6
osv
osv
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1037 TensorFlow vulnerable to segfault in `QuantizedAdd`

Impact If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 x = tf.constant140, shape=1, dtype=tf.quint8 y = tf.constant26, shape=10,...

5.9CVSS5.9AI score0.00409EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.11 views

PT-2026-56196

Name of the Vulnerable Software and Affected Versions Django versions 6.0 through 6.0.6 Django versions 5.2 through 5.2.15 Description An issue exists where django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object. This can lead to the disclosure of...

7.5CVSS6.2AI score0.25782EPSS
Exploits0References116
nessus
nessus
added 2026/07/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53343

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow Commit 44e9a3bb76e5 ARM: 9430/1: entry: Do a dummy read from VMAP shadow added a dummy read from t...

6AI score0.00161EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/07/01 7:51 p.m.7 views

CVE-2026-53343

A flaw was found in the Linux kernel. On ARMv5 systems configured with Kernel Address Sanitizer KASAN for virtual memory allocated VMAP stack shadow, a memory access operation could attempt to read data from an unaligned memory address. This unaligned access leads to an alignment exception, causi...

5.7AI score0.00161EPSS
Exploits0References4
Rows per page
Query Builder