
5123 matches found

CVE
added 2026/01/30 8:31 a.m., 16 views

CVE-2025-1395

The CVE-2025-1395 entry describes a vulnerability in Codriapp Innovation and Software Technologies Inc.’s HeyGarson where error messages may expose sensitive information. The issue is triggered by fuzzing for application mapping and affects HeyGarson up to 30012026. The available connected docume...

8.2 CVSS, 5.4 AI score, 0.00299 EPSS
Exploits 0, References 2
EUVD
added 2026/01/30 8:31 a.m., 6 views

EUVD-2025-206579

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proces...

8.2 CVSS, 5.9 AI score, 0.00299 EPSS
Exploits 0, References 1
CNNVD
added 2026/01/30 12:0 a.m., 5 views

Codriapp HeyGarson security vulnerability

Codriapp HeyGarson is a digital ordering and management platform developed by Codriapp. Versions of Codriapp HeyGarson dated before January 30, 2026, have security vulnerabilities. These vulnerabilities stem from error messages containing sensitive information, which may lead to application mappi...

8.2 CVSS, 5.8 AI score, 0.00299 EPSS
Exploits 0, References 1
Positive Technologies
added 2026/01/30 12:0 a.m., 9 views

PT-2026-5385

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted early about this disclosure but did not...

8.2 CVSS, 5.9 AI score, 0.00299 EPSS
Exploits 0, References 2
GithubExploit
added 2026/01/28 8:54 a.m., 170 views

Exploit for Out-of-bounds Read in Openssl

CTT-HEARTBLEED-Temporal-Resonance-Memory-Leak-Exploit-Heartble...

7.5 CVSS, 5.9 AI score, 0.99999 EPSS
Exploits 87
Snyk
added 2026/01/28 3:24 a.m., 4 views

Malicious Package

Overview json-mapping-web is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8 CVSS, 5.9 AI score
Exploits 0, References 2
OSSF Malicious Packages
added 2026/01/28 3:24 a.m., 9 views

Malicious code in json-mapping-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51d9a56e7e0fdb852db49a56abffcdded34d184708b167002fe2e199438063aa The package json-mapping-web was found to contain malicious code. Source: ghsa-malware 37a8fbc4bd325b28e53dce222bdb8b8e10ff6f5559edb6e97605e1ee5cec17...

5.8 AI score
Exploits 0, References 1
OSV
added 2026/01/28 3:24 a.m., 7 views

MAL-2026-552 Malicious code in json-mapping-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51d9a56e7e0fdb852db49a56abffcdded34d184708b167002fe2e199438063aa The package json-mapping-web was found to contain malicious code. Source: ghsa-malware 37a8fbc4bd325b28e53dce222bdb8b8e10ff6f5559edb6e97605e1ee5cec17...

5.8 AI score
Exploits 0, References 1
Tenable Nessus
added 2026/01/28 12:0 a.m., 6 views

RHEL 9 : kernel-rt (RHSA-2026:1443)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1443 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.8 CVSS, 7.4 AI score, 0.00335 EPSS
Exploits 0, References 30
Xen Project
added 2026/01/27 12:0 p.m., 9 views

varstored: TOCTOU issues with mapped guest memory

ISSUE DESCRIPTION varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the...

6.4 AI score
Exploits 0
Tenable Nessus
added 2026/01/27 12:0 a.m., 8 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005090)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005090 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mappe...

5.5 CVSS, 6.6 AI score, 0.00256 EPSS
Exploits 3, References 3
Tenable Nessus
added 2026/01/27 12:0 a.m., 8 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005031)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005031 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP...

5.9 CVSS, 6 AI score, 0.00744 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/01/27 12:0 a.m., 3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005194 advisory. In the Linux kernel, the following vulnerability has been resolved: ila: serialize calls to nf_register_net_hooks syzbot found a race in ila_add_mapping 1 commit...

7.8 CVSS, 6.7 AI score, 0.00254 EPSS
Exploits 0, References 4
Wiz blog
added 2026/01/26 5:25 p.m., 6 views

Introducing SITF: The First Threat Framework Dedicated to SDLC Infrastructure

Moving beyond simple checklists to visualize, map, and block attacks on production SDLC infrastructure...

5.9 AI score
Exploits 0
RedHat Linux
added 2026/01/26 1:44 p.m., 22 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8 CVSS, 6.6 AI score, 0.00335 EPSS
Exploits 0, References 5
OSV
added 2026/01/26 12:0 a.m., 8 views

ALSA-2026:1148 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: hci_event: call disconnect callback before deleting conn CVE-2023-53673 kernel: ASoC: Intel: bytcr_rt5640: Fix invalid...

7.8 CVSS, 7 AI score, 0.00335 EPSS
Exploits 0, References 10
AlmaLinux
added 2026/01/26 12:0 a.m., 8 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: hci_event: call disconnect callback before deleting conn CVE-2023-53673 kernel: ASoC: Intel: bytcr_rt5640: Fix invalid...

7.8 CVSS, 6.9 AI score, 0.00335 EPSS
Exploits 0, References 10
Tenable Nessus
added 2026/01/26 12:0 a.m., 5 views

RHEL 10 : kernel (RHSA-2026:1236)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1236 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm/compaction: fix UBSAN...

7.8 CVSS, 6.1 AI score, 0.00335 EPSS
Exploits 0, References 17
AlmaLinux
added 2026/01/26 12:0 a.m., 14 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: hci_event: call disconnect callback before deleting conn CVE-2023-53673 kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping CVE-2025-40154 kernel: Linux kernel:...

7.8 CVSS, 6.6 AI score, 0.00335 EPSS
Exploits 0, References 10
RedhatCVE
added 2026/01/24 9:15 a.m., 8 views

CVE-2025-15522

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automator_discord_user_mapping shortcode in all versions up to, and including, 6.10.0.2 due to insufficient input sanitization and output...

6.4 CVSS, 5.8 AI score, 0.00259 EPSS
Exploits 0, References 1