Lucene search
+L

22 matches found

euvd
euvd
added last week7 views

EUVD-2026-42632

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amfcontextfinal of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and m...

4.8CVSS5.6AI score0.00121EPSS
Exploits0References6
redhat
redhat
added 2026/06/30 6:21 p.m.10 views

Low: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS5.9AI score0.02298EPSS
Exploits1References2
osv
osv
added 2026/03/18 4:33 p.m.3 views

GHSA-2GMV-2R3V-JXJ2 Stored XSS in PySpector HTML Report Generation leads to Javascript Code Execution

Summary PySpector versions = 0.1.6 are affected by a stored Cross-Site Scripting XSS vulnerability in the HTML report generator. When PySpector scans a Python file containing JavaScript payloads i.e. inside a string passed to eval , the flagged code snippet is interpolated into the HTML report...

5.3CVSS6AI score0.00217EPSS
Exploits1References3
github
github
added 2026/03/18 4:33 p.m.22 views

Stored XSS in PySpector HTML Report Generation leads to Javascript Code Execution

Summary PySpector versions = 0.1.6 are affected by a stored Cross-Site Scripting XSS vulnerability in the HTML report generator. When PySpector scans a Python file containing JavaScript payloads i.e. inside a string passed to eval , the flagged code snippet is interpolated into the HTML report...

6.1CVSS6AI score0.00217EPSS
Exploits1References3Affected Software1
redhatcve
redhatcve
added 2026/01/23 9:15 p.m.5 views

CVE-2026-23761

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...

6.9CVSS5.5AI score0.00164EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/01/22 4:17 p.m.6 views

CVE-2026-23761 VB-Audio Voicemeeter & Matrix Drivers DoS via Improper FILE_OBJECT FsContext Initialization

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...

6.9CVSS5.5AI score0.00164EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.12 views

PT-2026-3951

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...

6.9CVSS5.5AI score0.00164EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/01/09 8:49 a.m.5 views

CVE-2025-69220

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. An authenticated attacker with access to the agent ID can change the behavior of arbitrary agents by uploading new files to t...

7.1CVSS6.8AI score0.00282EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/01/07 8:49 p.m.4 views

CVE-2025-69220 LibreChat has Insufficient Access Control for Agent Files

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. An authenticated attacker with access to the agent ID can change the behavior of arbitrary agents by uploading new files to t...

7.1CVSS6.4AI score0.00282EPSS
Exploits1References8
osv
osv
added 2026/01/07 8:49 p.m.5 views

CVE-2025-69220 LibreChat has Insufficient Access Control for Agent Files

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. An authenticated attacker with access to the agent ID can change the behavior of arbitrary agents by uploading new files to t...

7.1CVSS6.7AI score0.00282EPSS
Exploits1References10
redhat
redhat
added 2025/11/11 9:13 a.m.6 views

kernel: cachestat: fix page cache statistics permission checking

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

5.5CVSS6.7AI score0.00199EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/23 2:39 a.m.3 views

CVE-2023-23597

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...

6.5CVSS7.7AI score0.0034EPSS
Exploits0References1
susecve
susecve
added 2025/02/11 3:48 a.m.7 views

SUSE CVE-2025-21691

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

5.5CVSS7.6AI score0.00199EPSS
Exploits0References5
osv
osv
added 2025/02/10 4:15 p.m.3 views

DEBIAN-CVE-2025-21691

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

5.5CVSS5.6AI score0.00199EPSS
Exploits0References1
osv
osv
added 2025/02/10 4:15 p.m.13 views

UBUNTU-CVE-2025-21691

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

5.5CVSS6.1AI score0.00199EPSS
Exploits0References17
ptsecurity
ptsecurity
added 2025/01/21 12:0 a.m.10 views

PT-2025-6064

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the cachestat system call. The issue arose when cachestat was added as a more convenient and performant version of...

7.8CVSS7.4AI score0.00844EPSS
Exploits8References447
prion
prion
added 2023/06/02 5:15 p.m.18 views

Design/Logic Flaw

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...

4.3CVSS6.6AI score0.0034EPSS
Exploits0References2Affected Software1
ubuntucve
ubuntucve
added 2023/01/18 12:0 a.m.38 views

CVE-2023-23597

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...

6.5CVSS6.9AI score0.0034EPSS
Exploits0References3
osv
osv
added 2023/01/18 12:0 a.m.3 views

UBUNTU-CVE-2023-23597

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...

6.5CVSS7.2AI score0.0034EPSS
Exploits0References4
osv
osv
added 2016/12/23 10:59 p.m.5 views

UBUNTU-CVE-2016-7967

KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled...

8.1CVSS7.3AI score0.0192EPSS
Exploits0References4
Rows per page
Query Builder