Lucene search
K

1410 matches found

Vulnrichment
Vulnrichment
added 2026/01/27 10:4 p.m.4 views

CVE-2026-24783 soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives

soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the mulDivx, y, z function incorrectly handled cases where both the intermediate product $x y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product was...

7.5CVSS5.9AI score0.00372EPSS
Exploits0References4
Fedora
Fedora
added 2026/01/27 6:43 a.m.8 views

[SECURITY] Fedora 42 Update: glibc-2.41-16.fc42

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

8.4CVSS6AI score0.00564EPSS
Exploits1
Fedora
Fedora
added 2026/01/27 4:53 a.m.7 views

[SECURITY] Fedora 43 Update: glibc-2.42-9.fc43

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

8.4CVSS6AI score0.00564EPSS
Exploits1
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.10 views

soroban-fixed-point-math security vulnerability

Soroban-Fixed-Point-Math is a mathematical computing code library open source by Script3. Versions 1.3.0 and 1.4.0 of Soroban-Fixed-Point-Math have security vulnerabilities. These vulnerabilities stem from improper handling of negative intermediate products and negative divisors in the mulDiv...

7.5CVSS5.9AI score0.00372EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/21 3:27 p.m.4 views

CVE-2026-0690

The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rankmathdescription' custom field in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 3:20 p.m.4 views

CVE-2026-0690

The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rankmathdescription' custom field in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00203EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/20 2:26 p.m.4 views

CVE-2026-0690 FlatPM – Ad Manager, AdSense and Custom Code <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Post Meta

The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rankmathdescription' custom field in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00203EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/20 2:26 p.m.5 views

CVE-2026-0690

The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rankmathdescription' custom field in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00203EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/20 2:26 p.m.19 views

CVE-2026-0690 FlatPM – Ad Manager, AdSense and Custom Code <= 3.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Post Meta

The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rankmathdescription' custom field in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00203EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.9 views

PT-2026-3577

Name of the Vulnerable Software and Affected Versions FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress versions through 3.2.2 Description The FlatPM – Ad Manager, AdSense and Custom Code plugin for WordPress has a Stored Cross-Site Scripting issue. This is due to inadequate...

6.4CVSS5.4AI score0.00203EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 3 : glibc-2.5-107.4.0.1.AXS3 (AXSA:2013-422:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-422:02 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

5CVSS7.7AI score0.04113EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:46 a.m.10 views

CVE-2022-0489

An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a specific formula in issue comments...

5.7CVSS6.4AI score0.01464EPSS
Exploits1References1
Snyk
Snyk
added 2026/01/07 11:51 p.m.1 views

Malicious Package

Overview spark-math is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/12/26 6:55 p.m.12 views

lunarbase-pmm-math (>=0.1.0 <=0.2.4), ruint-macro (=0.1.1) +5 more potentially affected by unknown CVE via ruint (>=0.1.0 <=1.16.0)

ruint CARGO version =0.1.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.3.0, =0.1.0, =0.5.1 Source cves: unknown CVE Source advisory: OSV:GHSA-9FJQ-45QV-PCM7...

5.5AI score
Exploits0
OSV
OSV
added 2025/11/28 9:4 a.m.8 views

RLSA-2023:2802 Moderate: container-tools:4.0 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions CVE-2022-1962 golang:...

7.5CVSS9.3AI score0.05623EPSS
Exploits5References15
RedhatCVE
RedhatCVE
added 2025/11/12 5:7 p.m.7 views

CVE-2025-31948

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

4.8CVSS6.1AI score0.00102EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 6:30 p.m.4 views

EUVD-2025-93485

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

4.8CVSS5.6AI score0.00102EPSS
Exploits0References2
NVD
NVD
added 2025/11/11 5:15 p.m.4 views

CVE-2025-31948

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

4.8CVSS0.00102EPSS
Exploits0References1
CVE
CVE
added 2025/11/11 4:50 p.m.21 views

CVE-2025-31948

Intel oneAPI Math Kernel Library (MKL) before version 2025.2 is affected by a DoS due to improper input validation. The issue is exploitable by an unprivileged, authenticated user with low complexity, via local access (Ring 3: User Applications). Impact is confined to availability (low) with no c...

4.8CVSS5.8AI score0.00102EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/11 4:50 p.m.4 views

CVE-2025-31948

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

4.8CVSS5.8AI score0.00102EPSS
Exploits0References1
Rows per page
Query Builder