Lucene search
K

189 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-4326

Malicious code in bioql PyPI...

7.1CVSS7.3AI score0.39633EPSS
Exploits6References78
Tenable Nessus
Tenable Nessus
added 2025/09/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-27837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for...

9.8CVSS5.9AI score0.00586EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:17 p.m.10 views

CVE-2020-19275

An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path...

5.3CVSS6.5AI score0.01179EPSS
Exploits1
OSV
OSV
added 2025/04/15 2:17 p.m.10 views

CLSA-2025-1744710425 Fix CVE(s): CVE-2024-5594

SECURITY UPDATE: Improper PUSHREPLY sanitization allows attackers to inject arbitrary data into third-party executables - debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control - CVE-2024-5594 UPDATE CERTIFICATES: Renew sample keys -...

9.1CVSS5.9AI score0.00819EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/04/03 1:10 p.m.1 views

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.4CVSS9.4AI score0.00819EPSS
Exploits0References4
NVD
NVD
added 2025/04/01 4:15 p.m.11 views

CVE-2025-21910

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via regulatoryhintuser call. Such invalid regulatory...

5.5CVSS0.002EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/04/01 3:40 p.m.16 views

CVE-2025-21910 wifi: cfg80211: regulatory: improve invalid hints checking

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via regulatoryhintuser call. Such invalid regulatory...

0.002EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2025/04/01 12:4 p.m.1 views

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.4CVSS7.4AI score0.00819EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/03/28 4:46 p.m.2 views

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.4CVSS7.4AI score0.00819EPSS
Exploits0References4
OSV
OSV
added 2025/03/28 4:46 p.m.7 views

SUSE-SU-2025:1053-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147...

9.1CVSS7.2AI score0.00819EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/03/27 12:13 a.m.3 views

SUSE CVE-2025-27837

An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gpmswin.c and base/winrtsup.cpp...

7.1AI score0.00586EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/05 12:0 a.m.7 views

PT-2025-5746

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 4.3.1 Description: The issue arises when an attacker manually modifies the CFBundleIdentifier value in the Info.plist file by adding special characters, which are not allowed according to...

6.5CVSS6AI score0.00448EPSS
Exploits1References16
ATTACKERKB
ATTACKERKB
added 2025/01/23 2:15 p.m.6 views

CVE-2024-10539

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XSS. This issue affects Uyumsoft ERP: before Erp4.2109.166p45...

5.5CVSS5.8AI score0.00208EPSS
Exploits0References3
NVD
NVD
added 2025/01/23 2:15 p.m.24 views

CVE-2024-10539

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XSS. This issue affects Uyumsoft ERP: before Erp4.2109.166p45...

5.5CVSS0.00208EPSS
Exploits0References2
CVE
CVE
added 2025/01/23 1:33 p.m.66 views

CVE-2024-10539

Summary: CVE-2024-10539 describes an XSS vulnerability in Uyumsoft ERP caused by improper input neutralization during web page generation. Affected software: Uyumsoft ERP (versions prior to Erp4.2109.166p45). Impact: Cross-site scripting via invalid characters and reflected XSS vectors; details i...

5.5CVSS5.8AI score0.00208EPSS
Exploits0References2
OSV
OSV
added 2024/05/06 3:15 p.m.5 views

AZL-40369 CVE-2024-34064 affecting package python-jinja2 for versions less than 3.1.2-2

Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as...

5.4CVSS6.6AI score0.00979EPSS
Exploits0References1
OSV
OSV
added 2024/05/06 3:15 p.m.2 views

DEBIAN-CVE-2024-34064

Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as...

5.4CVSS6.4AI score0.00979EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:56 a.m.50 views

CVE-2023-32173

The CVE-2023-32173 entry concerns Unified Automation UaGateway: a DoS flaw in the AddServer method where crafted arguments can inject invalid characters into an XML configuration file. The impact is a persistent denial-of-service condition, with network exposure and required authentication when t...

5.8CVSS5.7AI score0.01171EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 1:56 a.m.14 views

CVE-2023-32173 Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability

Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the...

5.8CVSS5.7AI score0.01171EPSS
Exploits0References2
OSV
OSV
added 2024/03/28 3:15 p.m.3 views

CVE-2023-45715

The console may experience a service interruption when processing file names with invalid characters...

4.3CVSS5.8AI score0.004EPSS
Exploits0References1
Rows per page
Query Builder