Lucene search
+L

10308 matches found

cvelist
cvelist
added 2 days ago36 views

CVE-2026-15921 nvm path traversal via a malicious mirror's LTS codename writes outside the alias directory

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS
Exploits0References2
cve
cve
added 2 days ago9 views

CVE-2026-15921

The CVE-2026-15921 issue affects Node Version Manager (nvm) up to v0.40.5, where nvm ls-remote and similar commands parse the mirror index.tab and use each LTS codename as an alias filename without validation. A malicious mirror can return path-traversal codenames (e.g., ../../../.bashrc), causin...

3.1CVSS6.4AI score
Exploits0References2
nessus
nessus
added 5 days ago4 views

Debian dla-4677 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4677 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4677-1 [email protected]...

9.6CVSS6.3AI score0.00306EPSS
Exploits0References56
osv
osv
added last week3 views

CVE-2026-54149 MaxKB MCP tool import validation bypass allows post-authentication remote code execution

MaxKB is an open-source AI assistant for enterprise. Prior to 2.10.0-lts, MaxKB tool import functionality in apps/tools/serializers/tool.py and MCP referencing mode in apps/application/chatpipeline/step/chatstep/impl/basechatstep.py do not consistently validate MCP transport type, allowing an...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References4
nessus
nessus
added 2026/07/10 12:0 a.m.9 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Go Cryptography vulnerabilities (USN-8519-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8519-1 advisory. Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. A...

7.5CVSS6.8AI score0.00868EPSS
Exploits1References3
ubuntu
ubuntu
added 2026/07/09 2:13 p.m.6 views

USN-8523-1: libsoup vulnerabilities

Eric Su and Samuel Dainard discovered that libsoup incorrectly handled content with zero-length resources. An attacker could possibly use this issue to trigger a buffer over-read, resulting in information disclosure or a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04...

9.1CVSS6.8AI score0.0042EPSS
Exploits1
nessus
nessus
added 2026/07/07 12:0 a.m.10 views

Ubuntu 26.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8507-1)

"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8507-1 advisory. It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker...

9.8CVSS7.1AI score0.00675EPSS
Exploits29References237
debian
debian
added 2026/07/04 2:23 p.m.8 views

[SECURITY] [DLA 4669-1] php8.2 security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4669-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 04, 2026 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...

5.6CVSS6.1AI score0.00306EPSS
Exploits0
euvd
euvd
added 2026/07/03 2:13 p.m.8 views

EUVD-2026-41551

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command 'OS...

7.2CVSS6.1AI score0.01216EPSS
Exploits0References1
euvd
euvd
added 2026/07/03 12:46 p.m.8 views

EUVD-2026-41538

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of uninitialized resource vulnerability. A low privileged attacker wi...

3.3CVSS5.9AI score0.00095EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/07/03 12:0 a.m.15 views

PT-2026-55546

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...

7.2CVSS6.2AI score0.01096EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/07/03 12:0 a.m.18 views

PT-2026-55533

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...

4.2CVSS6AI score0.00116EPSS
Exploits0References10
ptsecurity
ptsecurity
added 2026/07/03 12:0 a.m.21 views

PT-2026-55536

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...

3.3CVSS5.9AI score0.00095EPSS
Exploits0References7
nessus
nessus
added 2026/07/03 12:0 a.m.10 views

Debian dla-4665 : affs-modules-6.1.0-48-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4665 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4665-1 [email protected]...

9.8CVSS7AI score0.00742EPSS
Exploits40References994
debian
debian
added 2026/07/01 5:44 p.m.7 views

[SECURITY] [DLA 4662-1] jq security update

Debian LTS Advisory DLA-4662-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson July 01, 2026 https://wiki.debian.org/LTS Package : jq Version : 1.6-2.1+deb12u2 CVE ID : CVE-2026-32316 CVE-2026-33947 CVE-2026-33948 CVE-2026-39956 CVE-2026-39979 CVE-2026-40164...

8.2CVSS6AI score0.00559EPSS
Exploits13
nessus
nessus
added 2026/07/01 12:0 a.m.3 views

Debian dla-4660 : libnginx-mod-http-auth-pam - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4660 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4660-1 [email protected]...

9.2CVSS6.7AI score0.03552EPSS
Exploits1References6
nessus
nessus
added 2026/06/30 12:0 a.m.11 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : SQLite vulnerabilities (USN-8480-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8480-1 advisory. It was discovered that SQLite incorrectly handled certain memory operations in the FTS5 full-text search extension. An...

8.5CVSS7.2AI score0.00175EPSS
Exploits0References3
ubuntu
ubuntu
added 2026/06/29 3:54 p.m.9 views

USN-8479-1: libheif vulnerabilities

It was discovered that libheif incorrectly handled certain crafted HEIF files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-47178 It was discovered that libheif incorrectly validated offsets when decoding certain crafted HEIF files. An...

6.5CVSS6AI score0.00199EPSS
Exploits0
debian
debian
added 2026/06/28 10:37 a.m.8 views

[SECURITY] [DLA 4655-1] libhtml-parser-perl security update

Debian LTS Advisory DLA-4655-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 28, 2026 https://wiki.debian.org/LTS Package : libhtml-parser-perl Version : 3.75-1+deb11u1 CVE ID : CVE-2026-8829 Paul Johnson discovered that libhtml-parser-perl, a collection of...

7.5CVSS5.8AI score0.0031EPSS
Exploits0
debian
debian
added 2026/06/27 5:52 p.m.8 views

[SECURITY] [DLA 4654-1] chromium security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4654-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 27, 2026 https://wiki.debian.org/LTS -...

9.6CVSS6.1AI score0.0026EPSS
Exploits1
Rows per page
Query Builder