Lucene search
K

37 matches found

Cvelist
Cvelist
added 2026/06/17 2:32 p.m.34 views

CVE-2026-47103 Python StateMachine 3.0.0 < 3.2.0 RCE via SCXML eval() Injection

Python StateMachine versions 3.0.0 before 3.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary code by supplying malicious SCXML documents containing crafted attributes evaluated unsafely. The SCXMLProcessor passes attacker-controlled expression strings...

9.8CVSS0.01188EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48843

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A flaw exists in the virtio-blk device where the system fails to properly validate the size of input descriptors before writing data. A malicious guest with high privileges can exploit this by...

6.7CVSS6AI score0.00121EPSS
Exploits0References25
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in Qemu

It was found that the patch for CVE-2020-17380/CVE-2020-25085 is ineffective. As a result, QEMU becomes vulnerable to out-of-bounds read/write access issues that were previously identified in the SDHCI controller emulation code. This flaw allows a malicious privileged attacker to crash the QEMU...

5.7CVSS6.8AI score0.00485EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.7 views

Debian dla-4533 : libnss-myhostname - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4533 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4533-1 [email protected]...

6.7CVSS6.1AI score0.00144EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiative
added 2026/03/30 12:0 a.m.5 views

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the NoMachine Device Serve...

7.8CVSS6.2AI score0.00214EPSS
Exploits0References1
Redos
Redos
added 2025/10/21 12:0 a.m.5 views

ROS-20251021-02

A vulnerability in the btrfs component of the Linux operating system kernel is related to an incorrect lock in the function clearextentuptodate in fs/btrfs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the KVM component of the...

6.7CVSS6.8AI score0.00407EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-13846

Malware in sbrugna...

6.8CVSS6.4AI score0.01343EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.26 views

EUVD-2020-25223

Malware in sbrugna...

5.5CVSS5.9AI score0.0045EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-6114

Malware in sbrugna...

7.5CVSS6.4AI score0.01934EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/11 12:0 a.m.3 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the uefivarswrite function. The UEFIVARSREGPIOBUFFERTRANSFER register is not cleared between write callbacks with uefivarswrite and read callbacks with uefivarsrea...

3.3CVSS6.6AI score0.00147EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/03 9:43 a.m.6 views

CVE-2024-36486

A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 55740. When an archived virtual machine is restored, the prlvmarchiver tool decompresses the file and writes the content back to its original location...

7.8CVSS7.9AI score0.00277EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:44 a.m.11 views

CVE-2023-40453

Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide crafted version data, which might potentially trick an administrator into performing an unsafe action via escape sequence injection, or might have a data size that causes a denial of service to a bastio...

6.5CVSS6.9AI score0.00899EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:13 a.m.5 views

CVE-2011-3462

Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803...

5CVSS5.9AI score0.01698EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/03/27 4:37 p.m.11 views

CVE-2023-52931

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential vm use-after-free Adding the vm to the vmxa table makes it visible to userspace, which could try to race with us to close the vm. So we need to take our extra reference before putting it in the table...

7.8CVSS5.6AI score0.00221EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/05 11:31 a.m.12 views

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine...

6.5CVSS7.1AI score0.00103EPSS
Exploits0
Redos
Redos
added 2024/08/26 12:0 a.m.12 views

ROS-20240826-27

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

7.4CVSS7.5AI score0.01136EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/07/15 12:0 a.m.7 views

The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” involves unlimited loading of dangerous type files, allowing a hacker to execute arbitrary code.

The vulnerability of the virtual server “1C-Bitrix: Virtual Machine” is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted PHP file...

10CVSS6AI score
Exploits0References4Affected Software1
OSV
OSV
added 2024/05/21 3:15 p.m.7 views

UBUNTU-CVE-2021-47255

In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...

7.1CVSS6.2AI score0.00244EPSS
Exploits0References7
OSV
OSV
added 2024/01/30 8:17 p.m.19 views

CVE-2024-24567 raw_call `value=` kwargs not disabled for static and delegate calls

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Vyper compiler allows passing a value in builtin rawcall even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics o...

4.8CVSS5.2AI score0.00485EPSS
Exploits3References4
CNNVD
CNNVD
added 2023/11/06 12:0 a.m.6 views

Docker Security Vulnerabilities

Docker is an open source application container engine from the American company Docker. The product supports the creation of a container lightweight virtual machine and the deployment and running of applications on Linux systems, as well as the automated installation, deployment, and upgrading of...

6.5CVSS6.7AI score0.00899EPSS
Exploits1References2
Rows per page
Query Builder