Lucene search
K

1040 matches found

EUVD
EUVD
added 2026/03/04 10:5 p.m.6 views

EUVD-2026-9500

Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible...

8.7CVSS5.8AI score0.00533EPSS
Exploits0References3
OSV
OSV
added 2026/03/04 10:5 p.m.10 views

CVE-2026-26002 OnDemand susceptible to malicious input when navigating to a directory.

Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible...

8.7CVSS5.8AI score0.00533EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/04 5:38 a.m.6 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service

Summary IBM Event Streams is vulnerable to a denial of service due to non‑linear parsing of malicious input. CVE-2024-45338 Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length...

5.3CVSS6AI score0.00856EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.8 views

Open OnDemand 注入漏洞

Open OnDemand is an open-source software developed by the Ohio Supercomputer Center, designed for open-ended interactive HPC through web-based interfaces. Versions of Open OnDemand prior to 4.0.9 and 4.1.3 contained a vulnerability due to improper handling of malicious inputs by the Files...

9.8CVSS5.8AI score0.00533EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.10 views

PT-2026-23070

Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible...

8.7CVSS5.8AI score0.00533EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.7 views

PT-2026-23028

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a browser that is accessin...

6.1CVSS6.1AI score0.00264EPSS
Exploits0References2
CNVD
CNVD
added 2026/03/02 12:0 a.m.2 views

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14276)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

5.7CVSS5.8AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2026/02/26 11:1 p.m.12 views

CLSA-2026-1771855171 glib2: Fix of CVE-2025-14087

CVE-2025-14087: fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...

9.8CVSS6AI score0.00754EPSS
Exploits0References1
OSV
OSV
added 2026/02/23 1:46 p.m.6 views

CLSA-2026-1771854372 glib2: Fix of CVE-2025-14087

CVE-2025-14087: fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...

9.8CVSS6.4AI score0.00754EPSS
Exploits0References1
CloudLinux
CloudLinux
added 2026/02/20 9:45 a.m.8 views

glib2: Fix of CVE-2025-14087

CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...

9.8CVSS5.7AI score0.00754EPSS
Exploits0
OSV
OSV
added 2026/02/20 9:33 a.m.8 views

CLSA-2026-1771579997 glib2: Fix of CVE-2025-14087

CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...

9.8CVSS6AI score0.00754EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.4 views

CVE-2025-33239

NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS5.7AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:27 a.m.4 views

CVE-2026-27074

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in vaakash Shortcoder shortcoder allows Stored XSS.This issue affects Shortcoder: from n/a through = 6.5.1...

5.5AI score0.0013EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.4 views

PT-2026-20406

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...

7.8CVSS5.7AI score0.00171EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.12 views

PT-2026-20400

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge affected versions not specified Description The software contains a flaw in a data merging tutorial that could allow code injection with malicious input. Exploitation of this issue may lead to code execution, privilege...

7.8CVSS5.3AI score0.00197EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.6 views

PT-2026-20401

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge affected versions not specified Description The software contains a flaw in a data shuffling tutorial that could allow code injection with malicious input. Exploitation may lead to code execution, privilege escalation,...

7.8CVSS5.3AI score0.00201EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/02/13 8:54 p.m.9 views

rPGP affected by crash in message handling for deeply nested messages

Summary Previous rPGP versions could be caused to crash with a "stack overflow" when parsing messages that contain deeply nested message layers, such as messages with many signatures. rPGP 0.19.0 resolves this issue with a more robust message handling implementation via...

5.5AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/12 11:16 p.m.3 views

CVE-2019-25329

FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler SEH with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger ...

7.5CVSS5.8AI score0.00429EPSS
Exploits1References3
NVD
NVD
added 2026/02/12 8:16 p.m.8 views

CVE-2019-25347

thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or '1=1 to the username field to gain unauthorized access to user accounts...

7.5CVSS0.00454EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.4 views

CVE-2025-46305

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash...

5.4AI score0.00258EPSS
Exploits0References4
Rows per page
Query Builder