349 matches found
GHSA-RRMF-RVHW-RF47 vulnerabilities
Vulnerabilities for packages: py3-torch-cuda-13.2, py3-torch-cuda-13.3, nemo, py3-torch-cuda-13.0, py3-torch-cuda-12.9, py3-torch-cuda-12.4, py3-torch-cuda-12.6, py3-torch-cuda-13.1, py3-torch-cuda-12.8...
GHSA-39VG-P77Q-35GX vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-9C63-94GF-85H2 vulnerabilities
Vulnerabilities for packages: openjdk-25-openj9, openjdk-17-openj9, openjdk-8-openj9, openjdk-26-openj9, openjdk-21-openj9, openjdk-11-openj9...
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa MENA that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region, aiming to investigate and neutralize...
PT-2026-39977
Name of the Vulnerable Software and Affected Versions SIPROTEC 5 6MD84 CP300 versions prior to V11.0 SIPROTEC 5 6MD85 CP200 affected versions not specified SIPROTEC 5 6MD85 CP300 versions V7.80 through V11.0 SIPROTEC 5 6MD86 CP200 affected versions not specified SIPROTEC 5 6MD86 CP300 versions...
GHSA-9JM7-CGMM-6QG2 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-FJ97-2V9X-W5M4 vulnerabilities
Vulnerabilities for packages: superset...
CLEANSTART-2026-MF20926 Security fixes for CVE-2021-38561, CVE-2022-27191, CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 3.1.2-r3, 3.1.2-r4, 3.7.0-r0, 3.7.0-r2
Multiple security vulnerabilities affect the git-lfs-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-QCFX-2MFW-W4CG Rails Active Storage has possible content type bypass via metadata in direct uploads
Impact Active Storage's DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the same metadata hash, a malicious direct-upload client could set these flags. Releases The fixed releases are...
Rails Active Storage has possible content type bypass via metadata in direct uploads
Impact Active Storage's DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the same metadata hash, a malicious direct-upload client could set these flags. Releases The fixed releases are...
Rails Active Storage has possible content type bypass via metadata in direct uploads
Impact Active Storage's DirectUploadsController accepts arbitrary metadata from the client and persists it on the blob. Because internal flags like identified and analyzed are stored in the same metadata hash, a malicious direct-upload client could set these flags. Releases The fixed releases are...
CVE-2026-4224
creationtimestamp| type| source ---|---|--- 2026-03-17 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0302/ 2026-03-17 13:30:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhb3er3v2c2v 2026-04-02 12:01:02+00:00| seen|...
TEST-EXPLOIT
...
MiracleLinux 7 : kernel-3.10.0-229.11.1.el7 (AXSA:2015-468:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-468:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...
Fedora 43 : chezmoi (2026-004192d79d)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-004192d79d advisory. Update to 2.69.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
EUVD-2026-1717
fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...
GHSA-XMJJ-27J3-8W2G vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2025-43541
A flaw was found in WebKitGTK. Processing malicious web content can cause a type confusion issue due to improper state handling and result in an unexpected crash. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical...
EUVD-2025-145517
Malicious code in haseebtariq npm...
CVE-2025-61084
MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation, allowing email spoofing eve...