Lucene search
K

365 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-4694

Malicious code in bioql PyPI...

7.5CVSS7.8AI score0.01037EPSS
Exploits2References5
CBLMariner
CBLMariner
added 2025/10/03 3:8 p.m.39 views

CVE-2025-54126 affecting package fluent-bit for versions less than 3.0.6-3

CVE-2025-54126 affecting package fluent-bit for versions less than 3.0.6-3. A patched version of the package is available...

6.9CVSS6.6AI score0.0061EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/09/18 3:12 p.m.39 views

CVE-2025-54126 affecting package fluent-bit for versions less than 3.1.9-5

CVE-2025-54126 affecting package fluent-bit for versions less than 3.1.9-5. A patched version of the package is available...

6.9CVSS6.9AI score0.0061EPSS
Exploits1
OSV
OSV
added 2025/09/16 4:15 p.m.8 views

AZL-67608 CVE-2025-58749 affecting package fluent-bit for versions less than 3.1.9-6

WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...

5.3CVSS5.7AI score0.00344EPSS
Exploits1References1
OSV
OSV
added 2025/09/16 4:15 p.m.10 views

AZL-67617 CVE-2025-58749 affecting package fluent-bit for versions less than 3.0.6-4

WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...

5.3CVSS5.7AI score0.00344EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2025/09/03 11:34 p.m.5 views

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.

...

5.5CVSS7AI score0.0017EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/09/03 11:3 p.m.5 views

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.

...

5.5CVSS7AI score0.0019EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-23722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crash...

7.5CVSS7.4AI score0.00944EPSS
Exploits2References2
OSV
OSV
added 2025/07/29 10:15 p.m.4 views

AZL-66048 CVE-2025-54126 affecting package fluent-bit for versions less than 3.0.6-3

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

6.9CVSS5.8AI score0.0061EPSS
Exploits1References1
OSV
OSV
added 2025/07/29 10:15 p.m.5 views

AZL-66045 CVE-2025-54126 affecting package fluent-bit for versions less than 3.1.9-5

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

6.9CVSS5.8AI score0.0061EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.2 views

Fedora: Security Advisory (FEDORA-2025-e31c4c683b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-7a83d90b38)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-b355fdb8e5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 6:38 p.m.9 views

CVE-2021-36088

Fluent Bit aka fluent-bit 1.7.0 through 1.7.4 has a double free in flbfree called from flbparserjsondo and flbparserdo...

9.8CVSS7AI score0.02384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 a.m.5 views

CVE-2019-9749

An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker server, it mishandles incoming network messages. After processing a crafted packet, the plugin's mqttpacketdrop function in /plugins/inmqtt/mqttprot.c executes the memmove functio...

7.5CVSS6.8AI score0.01657EPSS
Exploits1References1
OSV
OSV
added 2025/05/13 5:36 a.m.7 views

BIT-FLUENT-BIT-2024-26455

fluent-bit 2.2.2 contains a Use-After-Free vulnerability in /fluent-bit/plugins/customcalyptia/calyptia.c...

7.5CVSS6.7AI score0.00713EPSS
Exploits1References2
OSV
OSV
added 2025/04/23 8:54 a.m.9 views

BIT-FLUENT-BIT-2024-50609

An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...

7.5CVSS7.5AI score0.01037EPSS
Exploits2References4
OSV
OSV
added 2025/04/23 8:54 a.m.6 views

BIT-FLUENT-BIT-2024-50608

An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access t...

7.5CVSS7.5AI score0.01037EPSS
Exploits2References4
CBLMariner
CBLMariner
added 2025/04/16 3:8 p.m.7 views

CVE-2025-31498 affecting package fluent-bit for versions less than 3.1.9-4

CVE-2025-31498 affecting package fluent-bit for versions less than 3.1.9-4. A patched version of the package is available...

8.3CVSS6.9AI score0.00577EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/09 12:0 a.m.12 views

Azure Linux 3.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31130)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31130 advisory. - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a...

6.4CVSS6.6AI score0.00333EPSS
Exploits0References2
Rows per page
Query Builder