Lucene search
K

60 matches found

OSV
OSV
added 2026/07/07 4:41 p.m.10 views

GO-2026-5570 Free5gc NRF is vulnerable to scope validation bypass via maliciously crafted targetNF value in github.com/free5gc/nrf

Free5gc NRF is vulnerable to scope validation bypass via maliciously crafted targetNF value in github.com/free5gc/nrf...

9.1CVSS5.9AI score0.00307EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5, and iPadOS 18.7.5; iOS 26.3 and iPadOS 26.3; macOS Tahoe 26.3; and visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

8.8CVSS5.7AI score0.00295EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/08 3:33 p.m.13 views

Routinator crashes when encountering maliciously crafted RRDP XML files

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...

8.7CVSS5.2AI score0.00358EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/26 5:48 p.m.2 views

CVE-2026-44728 Improper Control of Generation of Code when compiling specifically crafted malicious code with @babel/plugin-transform-modules-systemjs

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

8.2CVSS7.3AI score0.00125EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 8:8 p.m.18 views

CVE-2026-43656

Apple fixed an out-of-bounds write issue by improving input validation in parsing a malicious file. Affected are iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5. The vulnerability could cause an unexpected app termination. Re...

7.3CVSS5.8AI score0.00265EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2026/04/18 12:0 p.m.8 views

RLSA-2026:8352 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2026/04/14 12:0 a.m.9 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/15 11:37 p.m.30 views

CVE-2025-9457 PRT File Parsing Memory Corruption Vulnerability

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS0.00172EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/12/15 11:36 p.m.6 views

CVE-2025-9456

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS7.5AI score0.0026EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-24632

Malware in sbrugna...

9.4CVSS9.2AI score0.02686EPSS
Exploits2References6
Cvelist
Cvelist
added 2025/01/27 11:11 a.m.16 views

CVE-2025-0695

An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input...

5.3CVSS0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.3 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which stems from the fact...

5.5CVSS6.2AI score0.0776EPSS
Exploits0References6
CVE
CVE
added 2024/06/25 2:32 a.m.61 views

CVE-2024-23147

CVE-2024-23147 concerns Autodesk AutoCAD memory corruption due to parsing malicious CATPART, X_B and STEP files in ASMKERN228A.dll and ASMKERN229A.dll. The vulnerability is described as a write access violation that, in conjunction with other vulnerabilities, can lead to code execution in the con...

7.8CVSS7.1AI score0.00427EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/06/19 2:15 p.m.24 views

CVE-2024-23443

A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack...

4.9CVSS0.01764EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/19 1:47 p.m.41 views

CVE-2024-23443

A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack...

4.9CVSS0.01764EPSS
Exploits1References1
OSV
OSV
added 2024/04/03 10:50 a.m.34 views

BIT-GITLAB-2024-2818 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. It was possible for an attacker to cause a denial of service using malicious crafted description parameter for labels...

6.5CVSS5AI score0.00945EPSS
Exploits0References2
NVD
NVD
added 2024/03/18 12:15 a.m.23 views

CVE-2024-23138

A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS7AI score0.0047EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/22 2:25 a.m.31 views

CVE-2024-23126 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS7.2AI score0.00418EPSS
Exploits0References2
Prion
Prion
added 2024/02/22 2:15 a.m.23 views

Design/Logic Flaw

A maliciously crafted 3DM file in opennurbs.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...

7.4AI score0.00652EPSS
Exploits0References2
NVD
NVD
added 2024/01/19 8:15 p.m.24 views

CVE-2023-50694

An issue in dom96 HTTPbeast v.0.4.1 and before allows a remote attacker to send a malicious crafted request due to insufficient parsing in the parser.nim component...

9.8CVSS9.3AI score0.01029EPSS
Exploits1References3
Rows per page
Query Builder