Lucene search
+L

1842 matches found

attackerkb
attackerkb
added 2026/05/06 11:28 a.m.8 views

CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...

5.8AI score0.00451EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.13 views

PT-2026-37594

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpn tcp recv, we receive large cloned skbs from strp rcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...

5.7AI score0.00451EPSS
Exploits0References4
osv
osv
added 2026/05/05 10:18 p.m.17 views

GHSA-JRM4-4PCF-4763 ciguard: Container image runs as root (no USER directive)

Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...

3CVSS5.8AI score0.00122EPSS
Exploits0References5
osv
osv
added 2026/05/05 6:49 a.m.5 views

OPENSUSE-SU-2026:20676-1 Security update for build, product-composer

This update for build, product-composer fixes the following issues: Changes in build: - Support a new "IgnoreRebuild" config. - build-recipe-kiwi: Add support for oci containers Avoid needlessly compressing container images Detect container images based on build result file name - Fix queryrecipe...

7.3CVSS5.8AI score0.00209EPSS
Exploits0References2
osv
osv
added 2026/04/28 3:28 p.m.3 views

SUSE-SU-2026:21422-1 Security update for libsodium

This update for libsodium fixes the following issues: Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

9.8CVSS5.9AI score0.00228EPSS
Exploits0References5
packetstormnews
packetstormnews
added 2026/04/27 12:0 a.m.8 views

RowHammer Vulnerability Counter (RVC): Redefining RowHammer Detection with Victim-Centric Tracking

The Rowhammer vulnerability poses an increasing challenge with newer generations of DRAM and aggressive technology scaling. Existing mitigation techniques, such as Graphene, Twice, and Hydra, primarily rely on tracking activation counts for each row and issuing refreshes when a row reaches a...

5.5AI score
Exploits0
packetstormnews
packetstormnews
added 2026/04/26 12:0 a.m.23 views

Analysis of Personal Data Exposure in Thailand

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...

5.6AI score
Exploits0
packetstormnews
packetstormnews
added 2026/04/25 12:0 a.m.12 views

Operationalising Information Security Management: A Procedural Framework Analysis of ISO/IEC 27001:2022 Implementation in a Financial-Technology Organisation

Organisations operating within information-intensive environments face intensifying pressure to formalise the governance of information security. The ISO/IEC 27001:2022 standard provides a globally recognised framework for establishing, implementing, maintaining, and continually improving an...

5.4AI score
Exploits0
redhat
redhat
added 2026/04/23 4:9 p.m.11 views

Important: Red Hat Security Advisory: OpenJDK 25.0.3 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References2
osv
osv
added 2026/04/23 12:0 a.m.12 views

ALSA-2026:9683 Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References10
almalinux
almalinux
added 2026/04/23 12:0 a.m.16 views

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References10
nessus
nessus
added 2026/04/22 12:0 a.m.13 views

RHEL 7 : java-1.8.0-openjdk (RHSA-2026:9682)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9682 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References9
nessus
nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013768)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013768 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: avoid stalls in fqpietimer When setting a high number of flows limit being 6553...

5.6AI score0.00182EPSS
Exploits0References4
osv
osv
added 2026/04/16 12:46 p.m.5 views

OPENSUSE-SU-2026:20584-1 Security update for v2ray-core

This update for v2ray-core fixes the following issues: Changes in v2ray-core: - Update version to 5.47.0 Add sticky choice option for leastping Add support for enrollment links in tlsmirror Add Wireguard Outbound unreleased Add sticky choice option for leastping Generalize IP address parsing in T...

9.1CVSS7.1AI score0.00522EPSS
Exploits1References2
osv
osv
added 2026/04/01 8:41 a.m.3 views

BIT-GRAFANA-2026-27877 Public dashboards discloses all direct mode datasources

When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...

7.5CVSS5.8AI score0.00298EPSS
Exploits0References11
susecve
susecve
added 2026/03/31 8:31 a.m.7 views

SUSE CVE-2026-27877

When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...

7.5CVSS5.8AI score0.00298EPSS
Exploits0References11
grafana
grafana
added 2026/03/30 12:0 a.m.12 views

Public dashboards discloses all direct mode datasources

When using public dashboards and direct data-sources, all direct data-sources’ passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...

7.5CVSS5.8AI score0.00298EPSS
Exploits0
opensuse
opensuse
added 2026/03/28 12:0 a.m.2 views

Security update for salt (important)

openSUSE security update: security update for salt ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20412-1 Rating: important References: bsc1240532 bsc1246130 bsc1254325 bsc1254903 bsc1254904 bsc1254905 Cross-References: CVE-2025-13836 CVE-2025-6772...

8.7CVSS6.9AI score0.01525EPSS
Exploits0References6
osv
osv
added 2026/03/27 3:30 p.m.8 views

GHSA-3Q27-7QJQ-P9C5 Grafana public dashboards disclose all direct mode datasources

When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...

6.5CVSS5.9AI score0.00298EPSS
Exploits0References3
github
github
added 2026/03/27 3:30 p.m.7 views

Grafana public dashboards disclose all direct mode datasources

When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...

7.5CVSS5.8AI score0.00298EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder