Lucene search
+L

151 matches found

CNVD
CNVD
added 2026/03/24 12:0 a.m.3 views

OpenClaw path traversal vulnerability (CNVD-2026-14856)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to bypass group message access control...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/03/23 1:32 a.m.8 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.0036EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/20 11:8 p.m.5 views

EUVD-2026-13904

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an attacker can grant access to a private message topic through invites even after they lose access to that PM. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. No know...

5.9CVSS5.8AI score0.00217EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/19 10:7 p.m.3 views

EUVD-2026-13302

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where DM pairing-store identities are incorrectly eligible for group allowlist authorization checks. Attackers can exploit this cross-context authorization flaw by using a sender approved via DM pairing to satisfy...

7.1CVSS5.8AI score0.00238EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/19 5:57 p.m.9 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS5.7AI score0.0036EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2026/03/19 5:20 a.m.14 views

USN-8018-3: Python 2.7 vulnerabilities

USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7. Original advisory details: Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this iss...

6.3CVSS7.2AI score0.00708EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.9 views

FreeScout 访问控制错误漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. FreeScout versions 1.8.208 and earlier contained an access control vulnerability. This vulnerability stemmed from defects in access control mechanisms, allowing...

8.1CVSS5.8AI score0.00283EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/03/12 1:40 p.m.10 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS5.7AI score0.0036EPSS
Exploits0References7
OSV
OSV
added 2026/03/12 12:0 a.m.4 views

ALSA-2026:4473 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6CVSS7.2AI score0.0056EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/03/10 9:36 a.m.5 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS5.7AI score0.0036EPSS
Exploits0References7
AlmaLinux
AlmaLinux
added 2026/03/10 12:0 a.m.8 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6CVSS5.8AI score0.0056EPSS
Exploits0References8
EUVD
EUVD
added 2026/03/02 11:16 a.m.7 views

EUVD-2025-208150

The CGM CLININET application uses direct, sequential object identifiers "MessageID" without proper authorization checks. By modifying the parameter in the GET request, an attacker can access messages and attachments belonging to other users...

8.8CVSS5.9AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.9 views

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : cyrus-imapd-2.3.16-6.AXS4.3 (AXSA:2011-675:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-675:01 advisory. The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large...

7.5CVSS9.2AI score0.16334EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:9 a.m.7 views

CVE-2019-11785

Improper access control in mail module followers in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to obtain access to messages posted on business records there were not given access to, and subscribe to receive future messages...

6.5CVSS6.5AI score0.0147EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 2:15 a.m.9 views

UBUNTU-CVE-2025-68131

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...

7.5CVSS5.8AI score0.00423EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/31 1:15 a.m.38 views

CVE-2025-68131 CBORDecoder reuse can leak shareable values across decode calls

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...

6.9CVSS0.00423EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-30738

Malware in sbrugna...

2.4CVSS6.4AI score0.00282EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-0963

Malware in sbrugna...

6.5CVSS6.5AI score0.01573EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-3536

Malware in sbrugna...

5CVSS6.1AI score0.01417EPSS
Exploits0References5
Rows per page
Query Builder