Lucene search
+L

2134 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/20 12:26 a.m.7 views

CVE-2026-26967

PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...

9.3CVSS5.8AI score0.0029EPSS
Exploits0References3
CVE
CVE
added 2026/02/20 12:26 a.m.40 views

CVE-2026-26967

PJSIP Vulnerability CVE-2026-26967: In 2.16 and earlier, the H.264 unpacketizer can overflow the heap when processing malformed SRTP packets, due to reading a 2-byte NAL unit size without validating bounds within the payload. Affected: PJSIP-based applications handling H.264 video streams. Impact...

9.3CVSS5.8AI score0.0029EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.7 views

PT-2026-20971

PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...

9.3CVSS5.8AI score0.0029EPSS
Exploits0References3
Microsoft Security Update
Microsoft Security Update
added 2026/02/10 6:0 p.m.23 views

2026-02 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5075912)

2026-02 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems KB5075912...

5.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/02/10 6:0 p.m.11 views

2026-02 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5075912)

2026-02 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems KB5075912...

5.4AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2026/01/29 12:0 a.m.7 views

VulnCheck KEV: CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

6.1CVSS5.8AI score0.02243EPSS
In wildExploits0References2
Snyk
Snyk
added 2026/01/28 4:39 p.m.3 views

Malicious Package

Overview h-jsencrypt is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in python-h11

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a lack of strict parsing of line terminators in chunked-coded message bodies in h11 could lead to request smuggling vulnerabilities under certain conditions. This issue has been fixed in version 0.16.0. Since exploiting this...

9.1CVSS6.9AI score0.00559EPSS
Exploits0References3
OSV
OSV
added 2026/01/25 11:32 p.m.4 views

MINI-775M-722R-3C8H

Bulletin has no description...

4.3CVSS8.1AI score0.01956EPSS
Exploits0
EUVD
EUVD
added 2026/01/23 6:12 p.m.6 views

EUVD-2026-4517

Malicious code in h-jsencrypt npm...

5.5AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/23 6:12 p.m.12 views

Malicious code in h-jsencrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/01/23 6:12 p.m.7 views

MAL-2026-495 Malicious code in h-jsencrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.8 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004106)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004106 advisory. In memzeroexplicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure wit...

5.5CVSS5.7AI score0.0015EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003996)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003996 advisory. An out-of-bounds memory write flaw was found in how the Linux kernels Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. Th...

8.3CVSS6.4AI score0.05114EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000597 advisory. net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by...

6.2CVSS7.2AI score0.0048EPSS
Exploits1References9
Snyk
Snyk
added 2026/01/15 7:24 p.m.3 views

HTTP Request Smuggling

Overview org.webjars.npm:h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to HTTP Request Smuggling via improper parsing of the Transfer-Encoding header in the readRawBody function. An attacker can bypass security controls...

9.8CVSS6.8AI score0.00576EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/15 7:24 p.m.5 views

CVE-2026-23527 h3 v1 has Request Smuggling (TE.TE) issue

H3 is a minimal HTTP framework built for high performance and portability. Prior to 1.15.5, there is a critical HTTP Request Smuggling vulnerability. readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this heade...

8.9CVSS5.8AI score0.00576EPSS
Exploits1References4
Microsoft Security Update
Microsoft Security Update
added 2026/01/13 6:0 p.m.16 views

2026-01 Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5073724)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/01/13 6:0 p.m.139 views

2026-01 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5073457)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/01/13 6:0 p.m.281 views

2026-01 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5073724)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

6.7AI score
Exploits0
Rows per page
Query Builder