
44 matches found

Positive Technologies
added 2026/06/16 12:0 a.m. | 14 views

PT-2026-50165

Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.8 Description The Docker API server contains a Server-Side Request Forgery SSRF flaw where the protection mechanisms in the validate webhook url and validate url destination functions used an incomplete IPv4/IPv6...

CVSS 7.5 | AI score 5.9 | EPSS 0.00267
Exploits: 0 | References: 7
Tenable Nessus
added 2026/06/05 12:0 a.m. | 12 views

Node.js Module axios < 0.32.0 / 1.x < 1.16.0 NO_PROXY Bypass (SSRF)

The version of the axios Node.js module installed on the remote host is prior to 0.32.0 or 1.x prior to 1.16.0. It is, therefore, affected by the following vulnerability: - shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY...

CVSS 8.6 | AI score 5.4 | EPSS 0.00921
Exploits: 1 | References: 2
Rosalinux
added 2026/05/08 6:25 p.m. | 13 views

Advisory ROSA-SA-2026-3266

software: kernel-6.6 6.6.126 WASP: ROSA-CHROME unaffected versions = kernel-6.6-6.6.6.126-3 affected versions kernel-6.6-6.6.6.126-3 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in the xfrm subsystem ESP of the Linux kernel allows data decryption over non-packe...

CVSS 8.8 | AI score 6 | EPSS 0.93235
Exploits: 31
Tenable Nessus
added 2026/05/04 12:0 a.m. | 7 views

RHCOS 4 : OpenShift Container Platform 4.14.35 (RHSA-2024:5436)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5436 advisory. - golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 -...

CVSS 9.8 | AI score 6.8 | EPSS 0.01952
Exploits: 0 | References: 7
ATTACKERKB
added 2026/05/01 2:15 p.m. | 4 views

CVE-2026-43037

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...

AI score 5.8 | EPSS 0.00563
Exploits: 0 | References: 9 | Affected Software: 1
RedhatCVE
added 2026/02/16 6:34 a.m. | 5 views

CVE-2026-23154

A flaw was found in the Linux kernel's network GSO Generic Segmentation Offload handling. When forwarding GRO packets with fraglists through XLAT IPv4/IPv6 translation, the skbsegmentlist function incorrectly processes packets where only the head skb header is translated, leading to protocol...

CVSS 5.5 | AI score 5.3 | EPSS 0.00114
Exploits: 0 | References: 4
OSV
added 2026/02/14 4:15 p.m. | 9 views

AZL-77676 CVE-2026-23154 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKBGSODODGY flag for fraglist GSO packets, addressing low throughput issues observed when a station accesses IPv4...

CVSS 5.5 | AI score 5.7 | EPSS 0.00114
Exploits: 0 | References: 1
Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.3 (AXSA:2024-8598:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8598:04 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVSS 7.5 | AI score 7.2 | EPSS 0.01034
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/20 12:0 a.m. | 7 views

MiracleLinux 8 : python3-3.6.8-31.el8 (AXSA:2021-1204:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1204:01 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: infinite loop in the tarfile module via...

CVSS 7.5 | AI score 7.5 | EPSS 0.12826
Exploits: 2 | References: 5
Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003135 advisory. The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted applicati...

CVSS 5.5 | AI score 6.5 | EPSS 0.00465
Exploits: 0 | References: 14
Tenable Nessus
added 2026/01/13 12:0 a.m. | 6 views

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.462.b08-3.el9.ML.1 (AXSA:2025-10686:14)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10686:14 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve scripting supports CVE-2025-30761 JDK: Bette...

CVSS 8.1 | AI score 6.5 | EPSS 0.01058
Exploits: 1 | References: 5
SUSE Linux
added 2025/10/20 12:46 p.m. | 5 views

Security update for go1.25

This update for go1.25 fixes the following issues: go1.25.3 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1244485 go75861 crypto/x509: TLS validation fails for FQDNs with trailing dot go75777 spec: Go1.25 spec should be dated closer to actual release date Further fixups to the...

AI score 6.9
Exploits: 0 | References: 2
NVD
added 2025/10/09 4:15 p.m. | 4 views

CVE-2025-59964

A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...

CVSS 8.7 | EPSS 0.00324
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2020-12518

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.01591
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2019-0809

Malware in sbrugna...

CVSS 9.8 | AI score 6.3 | EPSS 0.02384
Exploits: 0 | References: 4
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-18008

Malicious code in bioql PyPI...

CVSS 5.8 | AI score 6.4 | EPSS 0.00395
Exploits: 0 | References: 1
Positive Technologies
added 2025/09/24 12:0 a.m. | 9 views

PT-2025-39307

Name of the Vulnerable Software and Affected Versions Cisco IOS and IOS XE Software versions prior to IOS XE 17.15.4a Description A vulnerability exists in the Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE Software. This flaw, a stack overflow condition, allows an...

CVSS 9 | AI score 9.6 | EPSS 0.37613
Exploits: 1 | References: 184
CVE
added 2025/07/11 3:9 p.m. | 18 views

CVE-2025-52985

CVE-2025-52985 describes a Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved. When a firewall filter applied to the lo0 or re:mgmt interface references a prefix list and that list contains more than 10 entries, the prefix list may fail to ...

CVSS 6.9 | AI score 6.3 | EPSS 0.00238
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2025/07/04 1:37 p.m. | 4 views

CVE-2025-38192 net: clear the dst when changing skb protocol

In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address: 0000000000000000...

CVSS 5.5 | AI score 6 | EPSS 0.00148
Exploits: 0 | References: 8
RedhatCVE
added 2025/05/22 11:22 a.m. | 10 views

CVE-2013-1189

Cisco Universal Broadband aka uBR 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service routing-engine reload via unspecified changes to IP address assignments, aka Bug ID CSCue15313...

CVSS 5.7 | AI score 7.1 | EPSS 0.00647
Exploits: 0 | References: 1