Lucene search
+L

723 matches found

NVD
NVD
added 2026/07/10 5:16 p.m.7 views

CVE-2026-55781

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fsfsize fragment size, allowin...

2.4CVSS0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/07/10 11:1 a.m.2 views

OPENSUSE-SU-2026:21312-1 Security update for python-pytest-html

This update for python-pytest-html fixes the following issues: Changes in python-pytest-html: - Revendor updating brace-expansion: - force brace-expansion minimum version to fix CVE-2026-13149 bsc1269923...

8.7CVSS6.3AI score0.00361EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/07/09 8:1 a.m.6 views

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.

...

6.5CVSS6.1AI score0.00265EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/08 8:46 p.m.34 views

CVE-2026-8472 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...

4.3CVSS0.00243EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 1:16 a.m.4 views

DEBIAN-CVE-2026-60001

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...

6.5CVSS5.9AI score0.00265EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/08 12:16 a.m.4 views

CVE-2026-60001

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...

6.5CVSS5.9AI score0.00265EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/08 12:16 a.m.8 views

EUVD-2026-42145

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...

6.5CVSS5.9AI score0.00265EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/08 12:16 a.m.8 views

CVE-2026-60001

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...

6.5CVSS5.9AI score0.00265EPSS
Exploits0
OSV
OSV
added 2026/07/08 12:16 a.m.3 views

CVE-2026-60001

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...

6.5CVSS6.1AI score0.00265EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.10 views

PT-2026-56292

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.4 Description The sshd component does not consistently adhere to the minimum authentication delay, which is a mechanism designed to slow down authentication attempts to prevent brute-force attacks. Recommendations...

9.4CVSS6.1AI score0.00407EPSS
Exploits0References20
OSV
OSV
added 2026/07/07 1:43 p.m.6 views

JLSEC-2026-658 Deno: Miller-Rabin Primality Test Allows Zero Rounds

Summary node:crypto.checkPrimecandidate, options, callback and crypto.checkPrimeSynccandidate, options ran no Miller-Rabin rounds at all when the caller left options.checks at its default of 0. In that mode, the only test applied to the candidate was trial division by the primes up to 17,863. Any...

7.4CVSS6AI score0.00149EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1002 Missing validation crashes `QuantizeAndDequantizeV4Grad`

Impact The implementation of tf.rawops.QuantizeAndDequantizeV4Grad does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.QuantizeAndDequantizeV4Grad gradients=tf.constant1,...

5.5CVSS5.9AI score0.0034EPSS
Exploits1References11
OSV
OSV
added 2026/07/06 6:31 a.m.6 views

OESA-2026-2870 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using...

7.8CVSS5.9AI score0.00321EPSS
Exploits11References2
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.14 views

PT-2026-55745

Name of the Vulnerable Software and Affected Versions yt-dlp versions prior to 2026.07.04 Description Improper sanitization of output when using the --write-link option allows for downstream command injection. This occurs because shortcut file data is not properly validated and sanitized before...

7.5CVSS6AI score0.0064EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Media: ccs – Avoid possible division by zero Calculating the maximum value of M for scaler configuration involves dividing by the value of the MINXOUTPUTSIZE limit register. Although this value is presumably non-zero, the driver...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the data. The URB received in gsusbreceivebulkcallback contains a struct gshostframe. The length of the data after the header depends on the gshostframe...

5.9AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fixed the “UBSAN: shift-out-of-bounds error” issue. This patch ensures that the RX ring size rxpending is not set below the permitted limit. This prevents UBSAN shift-out-of-bounds errors when users specify small or...

7.8CVSS6.4AI score0.00157EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 11:53 a.m.10 views

EUVD-2026-38748

Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...

5.6CVSS5.8AI score0.00073EPSS
Exploits0References2
NVD
NVD
added 2026/06/20 4:17 p.m.16 views

CVE-2026-56228

Capgo before 12.128.2 fails to enforce a maximum value on the minimum password length field in its password policy configuration. An authenticated organization administrator can set an extremely large numeric value e.g., billions of characters as the minimum password length, making compliance...

6.9CVSS0.00272EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/20 3:24 p.m.12 views

EUVD-2026-38116

Capgo before 12.128.2 fails to enforce a maximum value on the minimum password length field in its password policy configuration. An authenticated organization administrator can set an extremely large numeric value e.g., billions of characters as the minimum password length, making compliance...

6.9CVSS5.9AI score0.00272EPSS
Exploits0References2
Rows per page
Query Builder