Lucene search
K

2112 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

AlmaLinux 9 : firefox (ALSA-2026:27734)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:27734 advisory. firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the...

9.6CVSS6AI score0.00476EPSS
Exploits0References31
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

RockyLinux 10 : firefox (RLSA-2026:27733)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27733 advisory. firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the...

9.6CVSS6AI score0.00476EPSS
Exploits0References59
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

AlmaLinux 10 : firefox (ALSA-2026:27733)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:27733 advisory. firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References31
NVD
NVD
added 2026/06/23 1:16 p.m.13 views

CVE-2025-71370

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS0.00379EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 12:12 p.m.5 views

EUVD-2025-210307

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS6.2AI score0.00379EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 12:12 p.m.32 views

CVE-2025-71370 picklescan - Remote Code Execution via torch.jit.unsupported_tensor_ops.execWrapper

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS0.00379EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 11:16 p.m.11 views

CVE-2026-54232

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package. The package is installed from a custom index flashinfer.ai/whl/ using --extra-index-url, but the...

8.8CVSS0.00304EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/22 10:16 p.m.25 views

CVE-2026-54232 vLLM: Dependency Confusion Vulnerability in vLLM Dockerfile

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package. The package is installed from a custom index flashinfer.ai/whl/ using --extra-index-url, but the...

8.8CVSS0.00304EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 10:16 p.m.6 views

CVE-2026-54232

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package. The package is installed from a custom index flashinfer.ai/whl/ using --extra-index-url, but the...

8.8CVSS6.2AI score0.00304EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/22 10:16 p.m.31 views

CVE-2026-54232

vLLM prior to 0.22.1 is affected by a dependency confusion flaw in its Dockerfile. The vulnerability arises from installing flashinfer-jit-cache from a private index (flashinfer.ai/whl/) via --extra-index-url while the package name was not registered on PyPI and UV_INDEX_STRATEGY is set to unsafe...

8.8CVSS6.2AI score0.00304EPSS
Exploits1References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 4:5 a.m.7 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2026/06/22 12:0 a.m.4 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References60
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.19 views

PT-2026-51418

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.22.1 Description vLLM is an inference and serving engine for large language models. The Dockerfile is susceptible to a dependency confusion attack involving the flashinfer-jit-cache package. This occurs because the...

8.8CVSS6.2AI score0.00304EPSS
Exploits1References6
OSV
OSV
added 2026/06/22 12:0 a.m.5 views

ALSA-2026:27734 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References60
OSV
OSV
added 2026/06/22 12:0 a.m.10 views

ALSA-2026:27733 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References60
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

RHEL 10 : firefox (RHSA-2026:27733)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:27733 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References60
OSV
OSV
added 2026/06/18 9:28 p.m.5 views

MGASA-2026-0225 Updated luajit packages fix security vulnerabilities

In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled. CVE-2019-19391 LuaJIT through 2.1.0-beta3 h...

9.8CVSS6.9AI score0.01469EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2026/06/17 3:44 p.m.6 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 10:31 a.m.5 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 10:3 a.m.4 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
Rows per page
Query Builder