Lucene search
+L

208 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-44843

A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive...

9.1CVSS6.2AI score0.00224EPSS
Exploits1References3
NVD
NVD
added 3 days ago7 views

CVE-2026-26718

A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive...

9.1CVSS0.00224EPSS
Exploits1References2
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-26718

A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive...

0.00224EPSS
Exploits1References2
CVE
CVE
added 3 days ago4 views

CVE-2026-26718

CVE-2026-26718 – xxl-job-admin 3.0.0 CSRF flaw . A Cross-Site Request Forgery exists in the xxl-job-admin web application (v3.0.0) that enables an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitra...

9.1CVSS6.2AI score0.00224EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-60330

Name of the Vulnerable Software and Affected Versions xxl-job-admin version 3.0.0 Description A Cross-Site Request Forgery CSRF issue exists in the web application. This occurs because a specific endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods through a permissive...

6.2AI score0.00224EPSS
Exploits1References4
Packet Storm
Packet Storm
added 3 days ago19 views

📄 xxl-job Cross Site Request Forgery

xxl-job versions prior to 3.4.0 suffer from a cross site request forgery vulnerability. Description Summary A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The...

9.1CVSS5.7AI score0.00224EPSS
Exploits1
OSV
OSV
added 2026/07/06 2:7 p.m.3 views

SUSE-SU-2026:2779-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594...

7.5CVSS6.7AI score0.0181EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 3:4 p.m.3 views

SUSE-SU-2026:2673-1 Security update for bind

This update for bind fixes the following issues: Security issues: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3593: Heap use-after-free vulnerabilit...

9.8CVSS6.7AI score0.01844EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

SUSE SLES15 Security Update : bind (SUSE-SU-2026:2616-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2616-1 advisory. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3039: BIND 9 server memory...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it. cdnspcie::ops may not be populated by all Cadence glue drivers. This is true for the upcoming Sophgo platform, which does not set ops. Therefore, add a check...

5.7AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:3 a.m.3 views

SUSE-SU-2026:2616-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594...

7.5CVSS5.8AI score0.0181EPSS
Exploits0References7
OSV
OSV
added 2026/06/20 6:53 a.m.2 views

SUSE-SU-2026:22198-1 Security update for bind

This update for bind fixes the following issues Upgrade to release 9.20.23: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3593: Heap use-after-free...

9.8CVSS5.8AI score0.01844EPSS
Exploits1References13
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: reset: uniphier-glue: Fix possible null-ptr-deref This issue could lead to a null-ptr-deref condition when the resourcesizeres function is called, if platformgetresource returns NULL...

5.5CVSS5.9AI score0.00187EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/06/05 2:30 p.m.11 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...

7.5CVSS5.4AI score0.0181EPSS
Exploits0References12
OSV
OSV
added 2026/06/05 2:30 p.m.9 views

SUSE-SU-2026:2289-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594...

7.5CVSS5.4AI score0.0181EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Hugging Face Transformers 安全漏洞

Hugging Face Transformers is an open-source framework developed by Hugging Face for defining state-of-the-art machine learning models. It covers text, visual, audio, and multimodal models, and can be used for both inference and training. Version 5.2.0 of Hugging Face Transformers contains a...

9.6CVSS8.1AI score0.00531EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/30 2:6 a.m.13 views

SUSE CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

7.5CVSS5.8AI score0.00779EPSS
Exploits0References12
OSV
OSV
added 2026/05/29 5:12 a.m.14 views

MGASA-2026-0163 Updated bind packages fix security vulnerabilities

Updated bind package fixes security vulnerabilities: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 Amplification vulnerabilities via self-pointed glue records CVE-2026-3592 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation CVE-2026-3593...

9.8CVSS5.8AI score0.01844EPSS
Exploits1References3
Mageia
Mageia
added 2026/05/29 5:12 a.m.27 views

Updated bind packages fix security vulnerabilities

Updated bind package fixes security vulnerabilities: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 Amplification vulnerabilities via self-pointed glue records CVE-2026-3592 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation CVE-2026-3593...

9.8CVSS5.8AI score0.01844EPSS
Exploits1References2
Fedora
Fedora
added 2026/05/24 12:51 a.m.18 views

[SECURITY] Fedora 43 Update: python-pulp-glue-0.37.0-5.fc43

pulp-glue is a library to ease the programmatic communication with the Pulp3 API. It helps to abstract different resource types with so called contexts and allows to build or even provides complex workflows like chunked upload or waiting on tasks. It is built around an openapi3 parser to provide...

5.5CVSS5.8AI score0.00182EPSS
Exploits0
Rows per page
Query Builder